Results 1 to 16 of 16
Thread: DDoS protection
-
05-18-2010, 06:55 PM #1New Member
- Join Date
- May 2010
- Posts
- 3
DDoS protection
Hi,
We are having some problems with DDoS attacks. We were looking for solutions and we found Intruguard and RioRey. Does anyone have any experience with Intruguard or RioRey?
Is there any other company that offers DDoS protection?
BR,
BBKing
-
05-19-2010, 03:34 PM #2Disabled
- Join Date
- Jan 2010
- Posts
- 134
Hire a good system admin to find the cause of DDOS attack and resolve it.
You can also use cisco firewalls to stop ddos.
-
05-19-2010, 04:07 PM #3Temporarily Suspended
- Join Date
- May 2010
- Posts
- 57
I think still no one could find out solution on ddos. But We prevent ddos using setting firewall rules on server.
-
05-19-2010, 05:00 PM #4Backup Master
- Join Date
- Nov 2009
- Posts
- 816
Only a hardware firewall offers real protection against any DDOS attacks. I recommend using Cisco Guard. Search on google for Intruguard or RioRey. I bet you will find some reviews there.
-
05-20-2010, 03:34 AM #5New Member
- Join Date
- May 2010
- Posts
- 3
We know where attacks are comming from and we know what kind of attack is. We have Cisco Firewall and it fails (100% CPU Usage).
We are searching google for reviews but there is not much about that.
Cisco has discontinued his Cisco Guard product.
-
05-20-2010, 07:22 AM #6Temporarily Suspended
- Join Date
- May 2010
- Posts
- 282
-
05-20-2010, 07:43 AM #7CISSP-ISSMP, CISA
- Join Date
- Aug 2002
- Location
- Seattle
- Posts
- 5,525
We maintain two networks, one RioRey and one IntruGuard. The RioRey is easier to use but the IG has a more robust feature set.
Another poster mentioned using a firewall; works great for UDP but even a 100 - 200 Mbps TCP attack will sink a NS5200 ($80,000 firewall) so it's necessary to use DDoS appliances in front of your firewalls.
-
05-20-2010, 10:26 AM #8New Member
- Join Date
- May 2010
- Posts
- 1
We recently purchased a Riorey RX1810 and wrote a small review (link is on the riorey frontpage; "RioRey's RX1810 Reviewed by Tweakers.net"). Basically it works for us, but it totally depends on how big the ddos is and how many packets per second you get in attacker traffic. We successfully blocked 300-550k PPS SYN attacks and up to 1GBit/s 1500-byte packets with it.
For our website (~16 servers, ~5-10mbit incoming, 50-500 mbit outgoing) it works, and even tho it hasn't blocked a real attack so far, our testing indicated it would have blocked most of the previous attacks we suffered (save one, which was in excess of 7gbit).
I haven't tested the IntruGuard, but if it is a ddos appliance it probably works.
-
05-20-2010, 01:49 PM #9Disabled
- Join Date
- Apr 2009
- Posts
- 3,262
Maybe this can help: http://www.blockdos.net/
-
05-20-2010, 07:37 PM #10Web Hosting Master
- Join Date
- Jun 2006
- Location
- NYC / Memphis, TN
- Posts
- 1,454
I want to add to what Jeff has stated here. You can have an appliance but the appliance must must be configured properly by someone who knows what they are doing. You also must understand that they will likely not catch everything and you will probably need another form of protection with that.
I only mention this because we get lots of customers who have Riorey devices and are still down. Just be sure of what you are getting yourself into and that you know you are spending $10k+ on a solution that will resolve your problem.≈ PeakVPN.Com | Complete Privacy VPN | Cloud Hosting | Guaranteed Security | 1Gbps-10Gbps Unmetered
≈ PeakVPN | 31 VPN Servers | 17-Years Experience | Emergency 24/7 Support
≈ Visit us @ PeakVPN.Com (Coming SOON) | ASN: 3915
-
05-21-2010, 04:31 AM #11New Member
- Join Date
- May 2010
- Posts
- 3
@IRCCo Jeff:
Could you give a bit more detailed comparison between RioRey and Intruguard? How is Intruguard mitigating DDoS attacks? Did you have any false positive on RioRey or Intruguard?
-
05-22-2010, 06:22 PM #12Newbie
- Join Date
- May 2010
- Posts
- 14
why Intruguard and RioRey? There must be a better solution like a change in the configuration.
I read someone has used these 2 iptables:
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 2 --hitcount 6 -j DROP
First line: Port 80 logger
Second Line: Limit. 2 connections per 6 seconds.
If your site has a lot of pictures they will be loaded (partially) with a 2 seconds delay... So this is not a adequate solution, just a quick and dirty protection when you don't know what to do in a ddos attack.
I'm still searching for a better method. isn't there a best practice solution?
-
05-22-2010, 11:38 PM #13Web Hosting Master
- Join Date
- Jun 2006
- Location
- NYC / Memphis, TN
- Posts
- 1,454
≈ PeakVPN.Com | Complete Privacy VPN | Cloud Hosting | Guaranteed Security | 1Gbps-10Gbps Unmetered
≈ PeakVPN | 31 VPN Servers | 17-Years Experience | Emergency 24/7 Support
≈ Visit us @ PeakVPN.Com (Coming SOON) | ASN: 3915
-
05-23-2010, 04:35 AM #14Web Hosting Master
- Join Date
- May 2003
- Location
- Canada
- Posts
- 671
I have seen both devices going down. Infact there is no such thing as 100% protection. So depends on the type of attack you get it has to be dealt accordingly. Specially if you are installing any of the mitigation devices make sure that your internet provider is smart and friendly enough to listen to you and do what you ask. Bandwidth is just one factor. But these devices failed most of the time when hit by low rate attack which looks very real. So you will be needing some additional stuff besides this to block application level attacks.
Imagine attackers put iframe in 10 very busy sites .. which redirect traffic or open your webpage. Technically that traffic is Legit and these devices will pass them to your server. Human interaction is always something you need to keep in mind.
This is why most of the ddos mitigation companies actually sell ddos protection as a SERVICE. I had one client who had a lot of money but in the end he had to use the "Service" even he had his own equipments. To fight a 20gbps attack
btw iptables wont work if its windows based box :pServer4Sale
Dirt CHEAP Servers coming soon
-
05-23-2010, 08:16 AM #15Junior Guru
- Join Date
- Apr 2009
- Location
- Australia
- Posts
- 184
As said above no DDoS Attack can be fully mitigated but there are ways to reduce the attack.
Anyway, Have you got any idea on how big the attack is?
-
05-23-2010, 10:10 AM #16Newbie
- Join Date
- May 2010
- Location
- Egypt
- Posts
- 22
may be this can help http://www.blockdos.net/ddosprotection_plans.html
Similar Threads
-
DDoS protection providers vs DDoS protection scripts
By Mareshal in forum Dedicated ServerReplies: 12Last Post: 10-10-2009, 09:46 PM -
DDos protection.
By definebr in forum Dedicated ServerReplies: 4Last Post: 05-25-2009, 09:49 PM -
DDOS Protection
By hostingguy123 in forum Hosting Security and TechnologyReplies: 7Last Post: 07-05-2008, 02:04 AM -
Got DDoS? BLCC DDoS Protection sale! Stop HTTP GET attacks in their tracks!
By ddosguru in forum Dedicated Hosting OffersReplies: 7Last Post: 01-17-2007, 12:49 PM -
ddos protection
By morphey in forum Dedicated ServerReplies: 0Last Post: 06-06-2006, 06:58 PM