Page 1 of 2 12 LastLast
Results 1 to 25 of 37
  1. #1
    Join Date
    Oct 2009
    Posts
    36

    DDoS Protection - Staminus vs Gigenet

    I've been taking my time, trying to get my first dedicated server purchase right. I'm a newb to this though.

    I've had 1 DDoS attack in 3+ years of being online, but it took down my site for 2+ weeks. I really want to avoid that in the future.

    I honestly only do less than 10GB/mo bandwidth usually, although recently got to 21 GB/mo.

    Really, I'm just looking to not get raped if i need DDoS protection again. Gigenet offers their protection starting at $500/mo and Staminus starts at $200/mo. Luckily with either one you can turn on/off this service within a billing period or two. Because there's no way I could maintain paying that type of service.

    From threads Staminus seems to be more DDoS oriented than Gigenet. But their site really seems pretty ghetto lol. Also, I'm not a big fan of Southern California DCs. Also, did i read another thread right? Sounded like it was ran by only a few people? Does that mean support is limited or takes a while?

    Gigenet on the other hand has a very nice site, awesome pics showing many things at their facilities, and they have Chicago DC's which sounds great. I think they have better uptime too. However, their DDoS protection is more expensive and according to Staminus folks is worse than Staminus for advanced attacks.

    Any advice or suggestions would be appreciated.

  2. #2
    However, their DDoS protection is more expensive and according to Staminus folks is worse than Staminus for advanced attacks.
    Did you seriously ask a company for an opinion on another competing hosting company?
    478east
    High Bandwidth Servers
    Custom Hosting Solutions

  3. #3
    Join Date
    Oct 2009
    Posts
    36
    Quote Originally Posted by cristibighea View Post
    Did you seriously ask a company for an opinion on another competing hosting company?
    Heh, I just mentioned them on the phone and they gave me their input.

  4. #4
    Join Date
    Jun 2006
    Location
    Houston, Texas
    Posts
    9
    From a customer stand point that has used both staminus and gigenet I would have to point you toward gigenet. I have had serious issues with staminus getting knocked offline during attacks as where I have never gotten killed offline while using gigenet. Staminus is great for small attacks but if you get hit with anything over 5gbps say goodnight on staminus. I have sustained attacks on gigenet that where very large with no lag or downtime. As for those people downing gigenet they dont have a clue what they talk about. I have used gigenet since the day they have opened their doors and i have been through numerous denial of service attacks and they are the only company that has proved their abilities to filter it all out. Gigenet also provides excellent customer support as opposed to staminus.
    Last edited by winkbsd; 11-11-2009 at 12:08 PM.

  5. #5
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    884
    I am currently customer of staminus.

    As for their DDOS protection, it has been working for me for now.

    Attacks range from 500mbit - 2gbps - so far i have not experienced any lag\downtime.

    As for their support, they been great, very helpful to me.

    For gigenet i am not sure about their DDOS protection, i have dedicated servers with them, but never experienced any attack on that server, so no idea what to say there.

    When i was looking for DDOS protected server, i've sent email to Gige, waited couple of days, but never got any response from them.
    (Similar happened when i ordered the server that i have now with them - which is offtopic, i know, but i don't know why that is happening).

    Anyway, depends on how big ur attacks, i am not sure what is the MOST Staminus can go with in GB, but so far it works for me and i am happy customer (hope it stays that way).

    s-f-r-j
    HostingFields - Managed Web Hosting - sales@hostingfields.com
    Affordable Shared Web Hosting, Semi Dedicated Servers & Dedicated Servers
    https://www.hostingfields.com

  6. #6
    Quote Originally Posted by McNulty View Post
    I've been taking my time, trying to get my first dedicated server purchase right. I'm a newb to this though.

    I've had 1 DDoS attack in 3+ years of being online, but it took down my site for 2+ weeks. I really want to avoid that in the future.
    Presumably you were on shared hosting, since you say you are looking for your first dedicated server.

    a) How long ago was your attack?
    b) How large was your attack?
    c) What was the actual reason that you were offline for 2+ weeks?
    i.e. Were you kept offline? Were you suspended? Did the attack last 2 weeks straight? Did they crash the server and your host took 2 weeks to get the server back online?
    d) Do you anticipate being attacked again soon?
    If not, then worrying about DDoS mitigation at this point is more of an academic exercise.


    Quote Originally Posted by McNulty View Post
    I honestly only do less than 10GB/mo bandwidth usually, although recently got to 21 GB/mo.

    Really, I'm just looking to not get raped if i need DDoS protection again. Gigenet offers their protection starting at $500/mo and Staminus starts at $200/mo. Luckily with either one you can turn on/off this service within a billing period or two. Because there's no way I could maintain paying that type of service.
    There are companies out there who will overstate your attack to compensate for their lack of ability to protect you.

    However, I doubt Gigenet would rape you if you need DDoS protection. I do not recall ever seeing anyone claim to have been raped by Gige. They run a well respected data center.

    And, I know Staminus won't rape you, or I wouldn't be working for them.

    Quote Originally Posted by McNulty View Post
    From threads Staminus seems to be more DDoS oriented than Gigenet. But their site really seems pretty ghetto lol.
    Staminus has been doing DDoS mitigation for 10+ years, long before I started with them. DDoS mitigation is one of the primary focus items for Staminus.

    In my experience a snazzy website indicates that someone is clever with snazzy websites. It does not translate into someone who is also good (or bad) at DDoS mitigation.

    I agree, the Staminus website is not uber fancy. We try to provide the relevant information, without trying to be fancy.

    Ironically, a customer recently said that they signed up "because we had a plain, but functional website". Solemn truth, they actually cited our website as one of the reasons for signing up.

    I'll leave the rest of your questions to be addressed by consumers.
    John Blazek
    Auroralink Communications
    Shell & Web Hosting

  7. #7
    Quote Originally Posted by McNulty View Post
    Heh, I just mentioned them on the phone and they gave me their input.
    I'm not sure who did that, nor exactly what was said. And, I'd rather not take your thread off topic to discuss it.

    However, it is against our policy to make negative criticisms of other hosting companies or to name them specifically.

    There are many happy customers at Gige who are satisfied with the level of service and protection they receive.
    John Blazek
    Auroralink Communications
    Shell & Web Hosting

  8. #8
    Join Date
    Oct 2009
    Posts
    36
    Hi DiverGuy,
    Yes I was on shared hosting before.

    a) The attack started at the beginning of October.
    b) Web-host-4-life people didnt give me exact numbers on how big it was. But they gave me some logs. It took them like 8+ hrs to even realize it was a DDoS attack lol. I think it was big though. I still have the logs.
    c) After the attack WH4Life I think Null-routed my domain. They would not check it again for another week. And when they rechecked it they said it was still occurring and I have a 2nd log with that info. Then we waited another 1.5 weeks or so before checking again and it had stopped.
    d) I don't anticipate being attacked again soon. I've been up for about 3 weeks now.

    I'm pretty certain is was competitors that did it. Once they saw that I continued to operate my website and even get sales by using sub-domains they may have been discouraged to not do it again. They may have initially ordered a 2 week bot attack though, and that's why it went on for so long.

  9. #9
    Join Date
    Mar 2006
    Location
    New Jersey
    Posts
    851
    It is really important to know what was the size of attack else you may end up spending more than required. After reading through your previous posts, I feel that attacks may not have been big enough. The webhost may have intentionally kept your website offline for little longer to make sure that other clients on that server are not affected.
    24Shells in Business Since 2003 - AS55081
    Dedicated Servers, High Bandwidth Servers
    @24Shells - 24shells.net

  10. #10
    Join Date
    Oct 2009
    Posts
    36
    Quote Originally Posted by 24shells View Post
    It is really important to know what was the size of attack else you may end up spending more than required. After reading through your previous posts, I feel that attacks may not have been big enough. The webhost may have intentionally kept your website offline for little longer to make sure that other clients on that server are not affected.
    Well yes, they didn't even check to see if the attack was still going on unless I begged them to check. They tried nothing to mitigate it or even monitor it.

    I was actually able to access my website during the attack through sub-domains. So it didnt crash the server.

    Ok I just counted up how many requests per second I got. And it looks like around 1500 requests per second. I think that's a lot

    It was a HTTP GET attack - I think.

    2009-10-02 09:46:07 GET /images/XXXXX.jpg - XX.XX.XX.XX HTTP/1.1 - - 404 1795

  11. #11
    Quote Originally Posted by McNulty View Post
    Ok I just counted up how many requests per second I got. And it looks like around 1500 requests per second. I think that's a lot

    It was a HTTP GET attack - I think.

    2009-10-02 09:46:07 GET /images/XXXXX.jpg - XX.XX.XX.XX HTTP/1.1 - - 404 1795
    1500 pps is actually a very small attack, as ddos attacks go.

    It will, however, totally cripple any unprotected server that has not been tuned for performance during attacks and does not have Apache (or other server) modules installed to detect such attacks.

    Using this information, combined with your initial post, I believe what you are asking is:

    Will Staminus or Gige protect me better against a low (or high) volume GET attack?

    That being the case, I know that Staminus has protection for that type of attack. Someone else will have to address the issue for Gige.

    And, more importantly, your dedicated server needs to be properly tuned. With any DDoS mitigation company I know, you will be expected to handle (give or take) around 1% of any attack at your server level. Our goal is to filter at 99.7% efficiency. But keep in mind, 0.3% of a 200kpps attack still leaves your server with 600pps, in addition to your regular traffic. If your server is not well tuned, 600 SYN pps can quickly consume and tie up your resources.

    DDoS mitigation is not an exact science and attack drones are designed to look like regular traffic. Trying to block 100% of an attack will always result in also blocking legitimate traffic.

    But I digress... carry on.
    Last edited by DiverGuy; 11-11-2009 at 03:09 PM. Reason: .
    John Blazek
    Auroralink Communications
    Shell & Web Hosting

  12. #12
    Join Date
    Aug 2002
    Location
    Seattle
    Posts
    5,525
    Quote Originally Posted by McNulty View Post
    Luckily with either one you can turn on/off this service within a billing period or two. Because there's no way I could maintain paying that type of service.
    It costs a lot more than $200.00 to fight a 1 Gbps DDoS attack. Don't be surprised if you're asked to leave after one or two times of canceling your protection after an attack has passed. No one likes doing emergency installations for someone who is just playing the system.

  13. #13
    Join Date
    Oct 2009
    Posts
    36
    Thanks for that info DiverGuy. One last question. Is one type of server more vulnerable than another (Win2003, Win2008, Apache, etc)? I prefer IIS servers. Or should I just throw out all my .Net code and take months to reprogram into .php?

  14. #14
    Join Date
    Jul 2008
    Location
    France
    Posts
    105
    1500 coonections/sec is nothing but apache will fall over with half this and no apache modules can cope with a true DdoS where every single hit is from a different IP. There are far easier and cheaper ways to protect yourself then paying the murderous amounts of money you usually have to pay for basic protection from specialists, however, that being said, sometimes people do suffer extremely large attacks and when this happens one has to question what they are into in the first place too attrack such attentions. Maybe they have just been shooting their mouth off to the wrong people in which case what goes around comes around. For those who do suffer DdoS attacks on a smaller scale <= 100mbits you can easily fight this off with a good setup or a good hosting provider who knows how to fight it off. The thing about DdoS is it usually doesnt last so long especially not against small insignificant websites. So my advice is to get with a decent webhosting company who knows all about this in the first place and does not give you any crap about how great they and how they can protect you no matter what because if your on a shared service and the attacks begin to effect other customers, you are rightly going offline just just make sure you clarify this before parting with any money.
    For those larger businesses who have a lot of money invested in their websites and who require the protection services offered by the specialist companies I do feel for you, but the sad fact is attacks in the range of 5-10gbits are very difficult to deal with and someone has to pay for all that traffic. The fact that you have a single point of failure though, is your undoing. Dont underinvest in your infastructure from the start and perhaps when these things come along you will be better equipted to deal with it. Hire a specialist to advise you on how best to setup your infastructure thats what they are there for.

  15. #15
    Join Date
    Jul 2008
    Location
    France
    Posts
    105
    dont throw away IIS... just remember windows linux iis apache... none are configured out of the box or even coded to take such hits... you need to introduce something more into your setup to intercept the attacks and let apache or iis do what they are designed for, serve pages!

  16. #16
    Join Date
    Aug 2002
    Location
    Seattle
    Posts
    5,525
    Quote Originally Posted by chaosuk View Post
    dont throw away IIS... just remember windows linux iis apache... none are configured out of the box or even coded to take such hits... you need to introduce something more into your setup to intercept the attacks and let apache or iis do what they are designed for, serve pages!
    You can place a Litespeed proxy in front of your IIS though

  17. #17
    Join Date
    Jul 2008
    Location
    France
    Posts
    105
    Quote Originally Posted by DiverGuy View Post
    Trying to block 100% of an attack will always result in also blocking legitimate traffic.
    But I digress... carry on.
    I disagree, but not with your theory, trying to block the attack will result in legitimate traffic being lost, however, having spent a very long time working with such problems I can confidently say that small scale attacks <=100mbits can be completely dealt with without any loss of legitimate traffic and without any external hardware (providing you are on a 100mbit switch and your server is dedicated)
    However, I do not want to appear to be belittling your post, it contains very useful and accurate information for these guys.

  18. #18
    Quote Originally Posted by IRCCo Jeff View Post
    It costs a lot more than $200.00 to fight a 1 Gbps DDoS attack. Don't be surprised if you're asked to leave after one or two times of canceling your protection after an attack has passed. No one likes doing emergency installations for someone who is just playing the system.
    Jeff,

    I'm not sure that's really a fair remark.

    a) The op said Staminus ddos mitigation starts at $200.00. He did not say that was for 1 gbps protection. (And it isn't). He also said that Gige started at $500.00 but did not specify their guaranteed levels of protection for their $500.00 package.

    And, of course, you are correct that it costs much more than $200.00 to mitigate a sustained 1gbps attack. The bandwidth alone for such any such sustained attack is in the 1000's of dollars. The only reason companies like Staminus, Black Lotus, Gige (and others) can sell these services below cost, is because the attacks don't generally continue long term, and thus the attack bandwidth is ultimately paid for over several months of protected but unattacked service.

    b) I'm not aware of any reputable hosting company that asks someone to 'leave' due to DDoS attacks, when the host is contracted to protect against such attacks. I know Staminus does not do that. And, when I worked for Black Lotus, you did not do it either. I would assume that has not changed.

    Unless I missed something, nobody suggested canceling and re-ordering and canceling.. or gaming the system. I hope you did not mean to imply that the OP intended to.

    Again, though, you are correct. Because the 'costs' of mitigating the attacks are spread out over the periods of non-attack, some people do try to game the system and only buy protection 'when they need it'. It's a bad plan, though, and isn't looked upon favorably by the host, who just spent $5000.00 to protect a website last month only to have the customer cancel for a month and then at 2am frantically demand re-installation of the $200.00 mitigation package for a $1000.00 level attack.

    but again.. off-topic.. carry on.
    Last edited by DiverGuy; 11-11-2009 at 04:09 PM. Reason: .
    John Blazek
    Auroralink Communications
    Shell & Web Hosting

  19. #19
    Just go with DedicatedNOW.com http://www.dedicatednow.com

    JD = Job Done. xD
    HostXNow - Shared Web Hosting | Semi Dedicated Hosting | Enterprise Reseller Hosting | VPS Hosting

  20. #20
    Quote Originally Posted by chaosuk View Post
    I disagree, but not with your theory, trying to block the attack will result in legitimate traffic being lost, however, having spent a very long time working with such problems I can confidently say that small scale attacks <=100mbits can be completely dealt with without any loss of legitimate traffic and without any external hardware (providing you are on a 100mbit switch and your server is dedicated)
    However, I do not want to appear to be belittling your post, it contains very useful and accurate information for these guys.
    IMO, Small scale attacks <=100mbps are easily dealt with at the server level and do not (normally) require the services of a DDoS mitigation company.

    My post was related to large attacks in the 500mbps - 10gbps range and was intended to describe generic ddos attacks.

    And, I'd still say that any attempt to filter 100% of any significant attack.. with zero tolerance for any missed ddos.. "will" result in some quantity of false positive detection.

    I think we agree in principle. I just don't think attacks less than 100mbps justify network level protection.

    But we are picking nits.. and off topic from his original question.
    Last edited by DiverGuy; 11-11-2009 at 04:19 PM. Reason: .
    John Blazek
    Auroralink Communications
    Shell & Web Hosting

  21. #21
    Join Date
    Aug 2002
    Location
    Seattle
    Posts
    5,525
    Quote Originally Posted by DiverGuy View Post
    b) I'm not aware of any reputable hosting company that asks someone to 'leave' due to DDoS attacks, when the host is contracted to protect against such attacks. I know Staminus does not do that. And, when I worked for Black Lotus, you did not do it either. I would assume that has not changed.
    Once upon a time we used Staminus heavily and still have 16 servers there. Matt has refused to protect customers who he knows will cancel the protection and similarly Black Lotus has refused business from leads who open their requests with "Can I just buy this <fill in cheap protection service here> and then cancel it when i'm done with the attack?"

    BTW: I confused your 1 Gbps price with the 1 Gbps by one of your resellers.

  22. #22
    Quote Originally Posted by McNulty View Post
    Thanks for that info DiverGuy. One last question. Is one type of server more vulnerable than another (Win2003, Win2008, Apache, etc)? I prefer IIS servers. Or should I just throw out all my .Net code and take months to reprogram into .php?
    That is really up to you, entirely.

    Personally, I do not like Windows and am unlikely to give it a favorable nod.

    However, I have seen windows servers that were properly configured and could withstand enormous attacks on their own.

    And, equally, I have seen powerful linux servers brought to their knees in under 10 seconds because the server was poorly configured and they had SQL wide open to the public.

    So, ultimately, your skills as an admin will play the largest role in your success in handling 'your' end of any attack.
    John Blazek
    Auroralink Communications
    Shell & Web Hosting

  23. #23
    Join Date
    Oct 2009
    Posts
    36
    Quote Originally Posted by IRCCo Jeff View Post
    You can place a Litespeed proxy in front of your IIS though
    Did you mean "can't"?

    You saying IIS is more vulnerable because they can not use Litespeed?

  24. #24
    Quote Originally Posted by IRCCo Jeff View Post
    Once upon a time we used Staminus heavily and still have 16 servers there. Matt has refused to protect customers who he knows will cancel the protection and similarly Black Lotus has refused business from leads who open their requests with "Can I just buy this <fill in cheap protection service here> and then cancel it when i'm done with the attack?"

    BTW: I confused your 1 Gbps price with the 1 Gbps by one of your resellers.
    *nod* But your original claim was that they could expect to be asked to leave. I'm unaware of either Black Lotus or Staminus asking anyone to leave because they were attacked or because they canceled their protection.

    Though it may be a technical distinction.. (and off topic again)... choosing to not accept payment for ddos protection service (because a customer is known to game the system and cancel protection between attacks), and then null routing the IP during an attack, is different from asking someone to leave.

    I think we're on the same page.
    Last edited by DiverGuy; 11-11-2009 at 04:37 PM. Reason: .
    John Blazek
    Auroralink Communications
    Shell & Web Hosting

  25. #25
    Join Date
    Aug 2002
    Location
    Seattle
    Posts
    5,525
    Quote Originally Posted by McNulty View Post
    Did you mean "can't"?

    You saying IIS is more vulnerable because they can not use Litespeed?
    Litespeed can be setup in a proxy configuration to transparently pass all http/https traffic to a back end IIS (or other organically vulnerable server). You'll just need a second machine sitting in front of it.

Page 1 of 2 12 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 08-24-2007, 09:12 AM
  2. Gr8 DDoS Protection By Staminus
    By babarhyd in forum Dedicated Server
    Replies: 8
    Last Post: 09-02-2006, 05:09 PM
  3. Replies: 0
    Last Post: 07-04-2006, 02:01 PM
  4. CBRAS - UNMETERED STAMINUS VPS - The BEST DDoS Protection
    By eugeniopacheco in forum VPS Hosting Offers
    Replies: 0
    Last Post: 06-09-2006, 07:57 PM
  5. Staminus DDoS protection under $100, DEALS DEALS DEALS!
    By ddosguru in forum Dedicated Hosting Offers
    Replies: 12
    Last Post: 04-03-2006, 09:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •