New on LowEndTalk? Please Register and read our Community Rules.
DDoS protection?
Well, since BuyVM can't even support the large attacks that are incoming, I need a alternative, fast. I was using Jacks reverse proxy....
15:45:24Jack [18/11/2012 20:45:11] Francisco: you're getting 7Gbit UDP bumps too it seems
Now, they are attacking my LI server it appears, so its completely dead. Any suggestions?
Comments
@DataFrogs stop pissing people off? ;p
@Jack they've already said they won't accept me.
@Jack how deep?
Meh, so overpriced though.
What kind of flood is it? Maybe post some logs here. Also what's you budget?
What jack said.
Not close, it's at 7Gbit/sec of UDP.
Awk nulls at like 10Gbit so Justin apologized and removed the null for us to continue eating the SYN.
The SYN is still ongoing.
Francisco
That's quite powerful, it'd take a long of power to do that, then again some places have 10gbit servers, so would not surprise me.
How much PPS is the SYN?
Haha @Jack but providers like I3D/HostHatch make me mad.
712486
730902
716035
735899
https://www.staminus.net/SecurePort-Proxy
@Bamn no
@DataFrogs
Or you just cluster your website and MySQL over several servers and use Google Apps for mail and Cloudflare or something for pure DNS?
You should see if these guys would be willing to suck down 7Gbit: http://javapipe.com/web/security/ddos-mitigation/
Of course, if your app normally uses a lot of bandwidth, it'll be expensive.
@Datafrogs
http://www.lowendtalk.com/discussion/5932/mysql-replication-vs.-clustering
They just took out my LI server. It's 100% dead. The whole node it is on crashed.
@DataFrogs
Cluster your site!
Cloudflare business may eat it for you. Supports the Level 7 migration with 100% uptime.
Little bit cheaper than other options at $200 a month
Ernie is meh, hes helping.
You should expect to pay $500-1500/mo if you want to sporadic protection of close to 10gbps DoS. Otherwise you're kidding yourself.
As others mentioned, setup 100 LEB at $5/mo and reverse proxy / cluster whatever it is you're hosting.
I'd rather just get a DDoS protected server with that money than setup 100 LEBs.
Setting up 100 LEBs would be pretty simple. You'd just need to write a short script to do the whole thing. Or there's all of the programs that are designed to do exactly that, such as chef, puppet, Juju, and others.
I don't think 100 LEBs are a proper response to DDoS. Considering that each of them will probably be blackholed for 24 hours if it gets DDoSsed for 10 minutes it would be easy to take them all down one by one
I think only Linode nullroutes for 24 hours. I think even 1 hour is overkill unless it's under constant attack.
It probably depends. If a particular IP gets attacked several times a day for a week - i might nullroute it for 24h too. Or forever.
I also apply nullroutes for 24 hours if the attacks are persistent.
I don't follow the reasoning for a 24 hour nullroute. Am I missing something?
ClientX gets attacked at 7AM with 5gbps UDP for example. Gets nullrouted untill the attack stops (lets say 15 minutes)
At 8AM the same thing happens, so does at 9AM, 10AM, 1PM and etc. .. Than The nullroutes we apply are for longer period of time, for example 24 hours. That's on my side though. It is something rare, hadn't happened the soon (hope it won't).