Results 1 to 11 of 11
-
09-03-2005, 05:25 PM #1
What to do when my site gets DoS'ed (and what hosts can help filter DoS)?
my website, www.oilfight.com, has been DoS'ed off the internet for the past 40 hours or so. I dont have a way to prove it but I think I know who is doing it.
My webhost has been completely incapable of doing anything about the sutuation, the person doing it lives in another country, and their isp has not contacted me back.
What are my optons to get my site back up? I'm thinking of switching to a server somewhere where they can better filter these sorts of things. Does anybody know a reasonably priced dedicated server host who can help?IOFLOOD.com -- We Love Servers
Phoenix, AZ Dedicated Servers in under an hour
★ Ryzen 9: 7950x3D ★ Dual E5-2680v4 Xeon ★
Contact Us: sales@ioflood.com ★
-
09-03-2005, 07:14 PM #2WHT Addict
- Join Date
- Jan 2005
- Location
- Lincs, UK
- Posts
- 152
Staminus are known for DDos mitigation, there are many others - a quick search here will throw them up.
What sort of attack are you getting? How much traffic is actually coming your way?
AlexMember, MySQL Guilds
Author, "MySQL Clusterng" (Sams)
-
09-03-2005, 10:32 PM #3Web Hosting Master
- Join Date
- Apr 2003
- Location
- NC
- Posts
- 3,093
It depends on the type of DOS attack as to just how much a host can do. If the attack is setup in an ideal (for the attacker not you) manner it may be near impossible fo ryou to do anything but wait. It seems like you are hosting some controversial webpages and the only solution may be to use a round robin dns setup and host the pages on multiple servers to help mitigate it.
John W, CISSP, C|EH
MS Information Security and Assurance
ITEagleEye.com - Server Administration and Security
Yawig.com - Managed VPS and Dedicated Servers with VIP Service
-
09-04-2005, 12:03 AM #4Aspiring Evangelist
- Join Date
- Nov 2002
- Location
- Los Angeles, CA
- Posts
- 415
There are usually ways to reroute DDoS attacks, but as eth00 said, sometimes it's just not enough.
You could probably forward you domain to a mirror host that has a bit more bandwidth and/or experience in dealing with these types of attacks. It's also a good idea to send out a newsletter stating what's happening, and possibly get some support from your viewers that have some knowledge in this issue.
But technically, if your host has tried everything, and nothing has prevailed. Then really all you can do is wait.
-
09-04-2005, 02:45 AM #5
the site is not controversial, it is a browser based game
IOFLOOD.com -- We Love Servers
Phoenix, AZ Dedicated Servers in under an hour
★ Ryzen 9: 7950x3D ★ Dual E5-2680v4 Xeon ★
Contact Us: sales@ioflood.com ★
-
09-04-2005, 11:10 AM #6Web Hosting Master
- Join Date
- Apr 2003
- Location
- NC
- Posts
- 3,093
Originally posted by funkywizard
the site is not controversial, it is a browser based game
Anyways as posted above if you can give more information about what the DOS attack is we may be able to give some suggestions.John W, CISSP, C|EH
MS Information Security and Assurance
ITEagleEye.com - Server Administration and Security
Yawig.com - Managed VPS and Dedicated Servers with VIP Service
-
09-04-2005, 12:43 PM #7Web Hosting Master
- Join Date
- Aug 2004
- Location
- London
- Posts
- 887
do you have any bandwidth graphs?
How much traffic is your server actually receiving?...loading
-
09-04-2005, 04:34 PM #8Web Hosting Master
- Join Date
- Nov 2004
- Location
- Dallas
- Posts
- 740
I recommen to deny the IP of the attacker or use a firewall.
-
09-06-2005, 10:24 AM #9Dennis Johnson
- Join Date
- Jun 2001
- Location
- Kalamazoo
- Posts
- 33,412
Re: What to do when my site gets DoS'ed (and what hosts can help filter DoS)?
Originally posted by funkywizard
. . . Does anybody know a reasonably priced dedicated server host who can help?
The server was wrapped up about as tight as you can wrap one and still have it functional. Of course, this was at the cost of being annoying for some clients at time.
Finally moved to GigeServers.
The server has been left loose and free wheelin' since. And has maintained excellent uptime and connectivity.
From my experience, they are very good at mitigating ddos. I've actually been able to sleep since moving that server to GigeServers.There is no best host. There is only the host that's best for you.
-
09-06-2005, 04:25 PM #10
ah i forgot to update you guys. i made a simple javascript that took down the offenders website and he agreed to a truce. there is no doubt who is reponsible for the attacks as i talked to him on irc about it. i have his name / address from his whois, and if anything ever happens again I know whose door to knock on.
IOFLOOD.com -- We Love Servers
Phoenix, AZ Dedicated Servers in under an hour
★ Ryzen 9: 7950x3D ★ Dual E5-2680v4 Xeon ★
Contact Us: sales@ioflood.com ★
-
09-07-2005, 05:52 PM #11Web Hosting Master
- Join Date
- Mar 2004
- Posts
- 1,007
First you could find out how nig an attack is,second what kind of attack is it and how smart are their scripts setup,try to find out the neccessary firewall rule but if its port 80 attack and they are changing they tactics everytime you are mitigating them then consider moving to Staminus or Gigeservers or even their none irc netowrk
Also a good managed provider like www.isprime.com could mitigate them
Depending on your budget and teh nature of an attack you could choose the right solution for youBest Regards,
Namesniper