Best way to overcome DDoS attacks?

Joined
Apr 19, 2016
Messages
36
Best answers
0
Ratings
1
Points
0
#1
What is the best way to survive DDoS attacks ? Do we have to pay for it ? Are there any free methods available ?
 

Chris Worner

Well-known member
Joined
Apr 15, 2016
Messages
287
Best answers
0
Ratings
25
Points
28
#2
What is the best way to survive DDoS attacks ? Do we have to pay for it ? Are there any free methods available ?
As my experience, if you want a free method to anti DDOS, you should go with a CDN like cloudfare, maxcdn

Otherwise you should contact your hosting provider for support and they can provide you a best way to anti ddos attacks
 
Joined
Apr 19, 2016
Messages
36
Best answers
0
Ratings
1
Points
0
#3
Thanks for the reply. Can we just depend on our hosting provider and still be safe from DDoS attacks ? How to know whether your host supports protection from DDOS ?
 

RDO Servers

Well-known member
Joined
Apr 3, 2015
Messages
1,026
Best answers
0
Ratings
416 3
Points
83
#4
RDO Servers
The only way to know for sure is to ask them. Also be sure to ask what level of DDoS protection they can provide. Some advertise "DDoS Protected", but only provide protection up to 2Gbps, which is a pretty small attack!
 

Mihai B.

Well-known member
Joined
Apr 19, 2016
Messages
156
Best answers
0
Ratings
10
Points
18
#6
Mihai B.
Could you please explain what is the difference between 2Gbps and 10Gbps? Gbps is billions of bits per second or Giga bits per second?
 

macklong

Active member
Joined
Jun 17, 2016
Messages
67
Best answers
0
Ratings
4
Points
0
#7
macklong
The attacker speed metered by Gbps. it depends on attacker what computer speed he got! 2Gbps or 10Gbps.

Giga bits per second.
 

RDO Servers

Well-known member
Joined
Apr 3, 2015
Messages
1,026
Best answers
0
Ratings
416 3
Points
83
#8
RDO Servers
Actually, it has nothing to do with the speed of the attackers computer.

A DDoS (Distributed Denial of Service) uses many computers/servers to attack a single server. The speed of the attack depends on the number of servers being used, and the combined throughput.

i.e
10 servers, each with a 100Mbps port speed = 1Gbps attack
40 servers, each with a 100Mbps port speed = 4Gbps attack
5 servers, each with a 1Gbps port speed = 5Gbps attack
20 servers, each with a 1Gbps port speed = 20Gbps attack

There are MANY different types of DDoS attacks, but this should give you a general idea of what the speed rating of an attack means.

Defeating DDoS attacks is difficult task.
 

macklong

Active member
Joined
Jun 17, 2016
Messages
67
Best answers
0
Ratings
4
Points
0
#9
macklong
That's the basic attack you are talking about. that's so 80's !

I was saying..

i.e.
I have 1Gbps port speed 1 server which act like 100 computers with 1Gbps connection avg. = Impact you 10Gbps Attack.

now think I have 10Gbps server. Then how big my attack could be?

There are lik 25 types of ddos attack we are researching one. And when we thought about ddos protection we are prepare for all kinds of attacks. :)

I'm just giving you the idea how big an ddos attack could be.. not to scare you!

Well, good DDoS protection filter the traffic and then work against the attack. :) it's [email protected]!
 

RDO Servers

Well-known member
Joined
Apr 3, 2015
Messages
1,026
Best answers
0
Ratings
416 3
Points
83
#10
RDO Servers
It does not matter what the server is "acting like". 1 server with a 1 Gbps port, cannot push traffic at 10Gbps.

A DDoS attack is distributed, meaning it comes from multiple sources, not just one server.
 
Joined
Apr 19, 2016
Messages
36
Best answers
0
Ratings
1
Points
0
#5
How are DDoS attacks rated ? What does it mean by protection upto 2 Gbps ? How much rating we should ask for ?
 

VirtuBox

Global Mod
Staff Member
Joined
May 3, 2016
Messages
1,500
Best answers
4
Ratings
380 10
Points
83
#11
A DDoS attack is distributed, meaning it comes from multiple sources, not just one server.
Right RDO, the DDoS overload the server with a huge amount of small files. More files it can send, more your server will be slow. And when you see there are around the world thousands of computer or servers, with VNC installed and without a password to access, you understand why DDoS is so easy. Get zombie is not a "hacker" skill.
 

Marc A

Well-known member
Joined
Jun 14, 2016
Messages
125
Best answers
0
Ratings
5
Points
18
#12
I've gotten DDoS and all I did was just wait for my website to come back. Not really tough, but it is illegal :p
 

Luxin Host

Well-known member
Joined
Jun 26, 2016
Messages
544
Best answers
0
Ratings
103
Points
43
#13
@meetdilip
the best way is of course not the free way however the free ways are very effective for small websites.
I highly suggest cloudflare as a free DDOS protection service.
Also it is recommended that you purchase hosting with a company whom has DDOS protection and good firewalls in place.

There are many paid services which offer Strong DDOS protection however you would not need those unless you have a very popular website or game server.
 

fwh

Administrator
Staff Member
Joined
Dec 8, 2012
Messages
669
Best answers
0
Ratings
262 1
Points
63
#14
fwh
I also checked this and it appeared as a redirected page to your web pages when you enable DDOS protection on Clouflare. I suppose it will affect to search engines for websites so it can not be good for websites, although can be effective in protecting from DDOS.

What about IP DDOS filter and DDSO service that already integrated into hosting packages? can we trust these as a good solution for DDOS protection?
 

Luxin Host

Well-known member
Joined
Jun 26, 2016
Messages
544
Best answers
0
Ratings
103
Points
43
#15
Luxin Host
not the best with cloudflare however i believe Yes, the redirection does have its down side however I see it as a price that comes with getting such good free service.
I am not 100% sure however Believe that IP DDOS filter is accessible via cloudflare.
By integrated DDOS service I mean your hosting provider, providing you with DDOS protection. E.g. we ahve 20Gbps DDOS protection on shared hosting plans.
for a small website, yes you can as simply there arent many better options (in my opinion). However for a large website which has good profit, it is ideal to purchase Dedicated DDOS protection which can be expensive.
 

RDO Servers

Well-known member
Joined
Apr 3, 2015
Messages
1,026
Best answers
0
Ratings
416 3
Points
83
#16
RDO Servers
Cloudflare works as a reverse proxy which is not the same as a redirection. I don't believe there is any negative SEO effects to using Cloudflare.
Over 2 million websites use Cloudflare including Reddit, eHarmony, oDesk, MIT, SEO.com, and many others.
Why would search engine penalize these websites for using a CDN to inrease their speed?

As far as ways to mitigate a DDoS attack, there are a couple option.
- Reverse proxy service like Cloudflare, Incapsula, X4b.net. Traffic is directed to these remote servers, then their servers request the data from your server.
- Tunneled solution. Some remote DDoS protection providers also offer the option to setup a GRE tunnel from their server to yours. If done correctly, then eliminates (or at least greatly decreases) the chance of someone bypassing the remote server and attacking your server directly. (Most hosting providers use one of these 2 methods)
- In house protection. This is the best, but most expensive method. This involves dedicated DDoS mitigation hardware on site, filtering traffic as it comes in. These devices cost hundreds of thousands of dollars, plus you have to have very large amounts of transit coming into the datacenter so that an attack does not saturate the transit lines.
 

fwh

Administrator
Staff Member
Joined
Dec 8, 2012
Messages
669
Best answers
0
Ratings
262 1
Points
63
#17
fwh
If this is true then I am sure Cloudflare has ignored spiders from search engines to verify at that step on their DDOS protection tool

They only show that page to Suspect IP addresses so it could not affect rankings for any sites using this service. I just thought this and guessed that. It also can use other ways to filter IPs attacking sites.
 

RDO Servers

Well-known member
Joined
Apr 3, 2015
Messages
1,026
Best answers
0
Ratings
416 3
Points
83
#18
Joined
Jul 18, 2016
Messages
16
Best answers
0
Ratings
1
Points
0
#19
Summing up, is CloudFare a good choice to overcome DDoS attacks?
 
Joined
Jul 2, 2016
Messages
17
Best answers
0
Ratings
1
Points
3
#21
Defeating a DDoS attack is not an easy task. It requires experience in technology and understanding the concept. Most ddos protection providers have software and hardware firewalls working in conjunction to stop these attacks from reaching your server.

Attack speed (10gbps attack etc) may not matter if you website have other security flaws. There are various types of ddos attack like some effect on application layer while some effect on network.

For starters, try cloudflare service as it is easier to setup and maintain. Keep in mind not every provider can block every type of attack.

Highly recommended services after cloudflare would be incapsula, black lotus, imperva, bitninja, blockdos etc.
 
Joined
May 12, 2016
Messages
4
Best answers
0
Ratings
1
Points
0
#22
hardware firewalls are best and effective against DDOS, I am not that much supportive to the services of cloudflare, but it will work greatly for mid rage traffic. I heard some issues regarding Cloudflare on our page rank. Hope this one helps here.

What is the best way to survive DDoS attacks ? Do we have to pay for it ? Are there any free methods available ?
Prevention is better than cure, I refer you to go through this article regarding DDOS from NCI
You can easily implement some simple steps like limiting router to prevent the web server from being overloaded and adding custom packet filters.
To make sure that company operations aren't affected in the event of DDOS attack try to avoid sharing the same server for hosting website and Company data.
You can implement different methods depending upon your priority of business through online.
If you are having an online payment system which is critical to your business , I recommend you should go with a premium protection service. We can easily implement an early DDOS detection system by motoring our traffic and comparing it with previous logs like. A sudden spike in traffic is one of the major signs of DDOS.
 
Joined
Oct 10, 2016
Messages
14
Best answers
0
Ratings
2
Points
0
#25
What is the best way to survive DDoS attacks ? Do we have to pay for it ? Are there any free methods available ?
There is no universal DDOS protection on market. There are so many types of DDOS attacks. There are hw elements which can filter DDOS (I think that OVH has got some of them) and also there are SW filters, which I find out not too usefull (why? The best way to filter DDOS is to do it manually - by hosting provider or your network admin. If you do it manully you'll find a unique pattern of DDOS which most of DDOS are unique). Even though I would recommend you to set up some (eg. CSF).

PS: Despite the OVH have a HW DDOS they experienced a brutal 1Tbps DDOS (find out more @ https://twitter.com/olesovhcom/status/778830571677978624) so it corresponds with what I wrote above > that there is no universal protection against DDOS attacks.
 

EpicGlobalWeb

Well-known member
Joined
Jan 24, 2016
Messages
180
Best answers
0
Ratings
19
Points
0
#28
EpicGlobalWeb
I was pretty sure of this and was talking about it on another thread I wrote on how there is virtually no recourse for a DDoS attack, particularly if it was administered through a large botnet and sheltered again through vpn services or even Tor. Even if you can prevent it, it's even more difficult to catch the attacker, and nearly impossible to prosecute them, which means that there is no way to prevent the same attacker coming back.

Best bet is to allocate some resources to "absorb" some of the attack and manually deny the IP addresses of large and repetitive packet requests.

The challenge is sorting through legitimate traffic and illegitimate traffic. Some automated systems can assist you but like Michal said, there's little recourse against large scale attacks.

An example is when Anonymous took down PayPal, the FBI website, the CIA website, and similar.
 

Nixtree

Well-known member
Joined
Jul 16, 2016
Messages
120
Best answers
0
Ratings
40 4
Points
28
#27
For small Attacks, Cloudflare will do the job but if the attack is large and huge, then Hardware firewall will be the only hope and that too the capacity depends regarding how much large attack it can hold and that you need to clarify with your own datacenter as it can be different for each data center.

Cloudflare is a good one and I will suggest the same for small attacks
 
Older Threads
Replies
3
Views
1,078
Replies
5
Views
1,840
Replies
0
Views
794
Replies
4
Views
758
Newer Threads
Replies
5
Views
1,006
Replies
2
Views
806
Replies
82
Views
14,403
Latest Threads
Replies
0
Views
14
Replies
0
Views
1
Replies
2
Views
23
Replies
2
Views
37

Latest postsNew threads

Latest Hosting OffersNew Reviews

Sponsors

Latest Blog ArticlesMost Viewed Threads

Top