Results 1 to 13 of 13
  1. #1

    DDoS protection providers vs DDoS protection scripts

    I am looking for some good ddos protection providers, via protected dns. I've searched on internet, but most of them are really expensive.

    Please tell me some ddos protection providers what could help me.(gige is too expensive btw).

    And I found some ddos protection scripts. How can a script protected a server from ddos? A sript like CSF or DDoS deflate?

  2. #2
    First of all, the protected dns will only mean that your nameservers are protected from a Denial of Service attack, in most cases.

    Firewalls like CSF and a script like DDoS deflate might help here and there against a DDoS, but it will eat up resources, as opposed to having your provider filter traffic, which will stop bad traffic before it reaches your server.

    What sort of attacks are you receiving? How many packets per second, how many mbps is the size of the attack?

    Implementing a system means you won't have instant DoS protection, as a filtering appliance needs time to analyse your traffic in order to precisely decide which packets are 'bad'.
    478east
    High Bandwidth Servers
    Custom Hosting Solutions

  3. #3
    most of attacks are between 100Mbps and 700Mbps. A good solution for 500Mbps is SecurePort from staminus, but I need something for 100Mbps and 300Mbps. I found that DDoS deflate would have to run in a cron every 1 minute, and this is resource eater, like you said.

  4. #4
    Join Date
    Jun 2004
    Location
    Europe
    Posts
    3,822
    Mod_deflate will actually not help you must against a real DDOS aimed to either saturate your uplink or max out the server or operating systems capacity to handle Packets per Seconds.

    What Mod_deflate does, is not much then use IPtables to stop certain attacks on httpd based on httpd requests. It is a tool to stop certain Denial of Services attacks, but it is not a DDOS filtering or mitigation method.

    EDIT: seems DDOS deflate is actually another script. Even so, PPS and link saturation limits do apply. There is not a script that can actually deflate that.
    Swiftway.net Your Business deserves our Quality - Experts on Hand since 2005. Europe & US locations, we operate our own network AS35017 Support response time <15 minutes 24/7
    Introducing our new Entry level server line ! Support response time <15 minutes 24/7. Technology Fast 50 & Fast 500 award winning for multiple years, Your Business deserves Swiftway Quality.

  5. #5
    In this case, CSF makes the same thing, KISS the same, APF too. all of them are using iptables. but do you know any ddos hosting providers, or ddos protection providers?

  6. #6
    Join Date
    Jun 2004
    Location
    Europe
    Posts
    3,822
    Quote Originally Posted by Mareshal View Post
    most of attacks are between 100Mbps and 700Mbps.
    And how much Packets per Second? bandwidth figures does not say much as all if you like to fight/stop/mitigate a DDOS attack.
    Swiftway.net Your Business deserves our Quality - Experts on Hand since 2005. Europe & US locations, we operate our own network AS35017 Support response time <15 minutes 24/7
    Introducing our new Entry level server line ! Support response time <15 minutes 24/7. Technology Fast 50 & Fast 500 award winning for multiple years, Your Business deserves Swiftway Quality.

  7. #7
    Join Date
    Jun 2004
    Location
    Europe
    Posts
    3,822
    Quote Originally Posted by Mareshal View Post
    but do you know any ddos hosting providers, or ddos protection providers?
    Blacklotus comes to mind. I suggest you talk to them.
    Gigenet seem to be reputable as well. But you labeled them as too expensive. Fighting DDOS attacks is not cheap altough.
    Swiftway.net Your Business deserves our Quality - Experts on Hand since 2005. Europe & US locations, we operate our own network AS35017 Support response time <15 minutes 24/7
    Introducing our new Entry level server line ! Support response time <15 minutes 24/7. Technology Fast 50 & Fast 500 award winning for multiple years, Your Business deserves Swiftway Quality.

  8. #8
    50-200k packets per second

  9. #9
    Join Date
    Aug 2002
    Location
    Seattle
    Posts
    5,525
    Mareshal, you need to be either on a DDoS protection provider or own the uplink and equipment to do the heavy lifting for you.

  10. #10
    Join Date
    Jun 2006
    Location
    NYC / Memphis, TN
    Posts
    1,454
    Agreed. Either way when you start talking upwards of 700Mbps / 200k PPS then it is going to be costly.

    Although, the investment to hire a DDoS protection company will be quite a bit lower than the cost of equipment required to "attempt" to mitigate an attack of that size.

    Best of luck!
    PeakVPN.Com | Complete Privacy VPN | Cloud Hosting | Guaranteed Security | 1Gbps-10Gbps Unmetered
    PeakVPN | 31 VPN Servers | 17-Years Experience | Emergency 24/7 Support
    Visit us @ PeakVPN.Com (Coming SOON) | ASN: 3915

  11. #11
    Fighting DDoS you are looking at over $100 a month my friend! It is not cheap at all and an overpriced market. Good luck!

  12. #12
    We use a combination of hardware and a customized script we wrote in house. Over $50k for the hardware portion though, so probably out of your range.

  13. #13
    Join Date
    Oct 2002
    Location
    Vancouver, B.C.
    Posts
    2,699
    Quote Originally Posted by robotronik View Post
    Fighting DDoS you are looking at over $100 a month my friend! It is not cheap at all and an overpriced market. Good luck!
    Like any market, there are suppliers who are overpriced. However, keep in mind that DDoS mitigation services are expensive because true DDoS mitigation itself is very expensive.

    Not only does the provider have to spend a lot of capital on purchasing specialized DDoS mitigation equipment, but they also have to maintain high capacity links with enough excess capacity to handle the largest attacks. Not only that, but they have to eat the bandwidth costs of the attack as well. Many attacks also require the attention of highly qualified staff to manually make adjustments to mitigate the attacks.

    If anything, I think DDoS mitigation may be undervalued, as the true providers are having to compete with the pricing of pretenders who do nothing except install scripts and mod_security.
    ASTUTE INTERNET: Advanced, customized, and scalable solutions with AS54527 Premium Performance and Canadian Optimized Network (Level3, Shaw, CogecoPeer1, GTT/Tinet),
    AS63213 Cost Effective High Performance Network (Cogent, HE, GTT/Tinet)
    Dedicated Hosting, Colo, Bandwidth, and Fiber out of Vancouver, Seattle, LA, Toronto, NYC, and Miami

Similar Threads

  1. DDoS Protection - What next?
    By wirefusemedia in forum Web Hosting
    Replies: 17
    Last Post: 10-07-2009, 01:59 AM
  2. DDoS Protection
    By MiguelV in forum Dedicated Server
    Replies: 8
    Last Post: 06-28-2009, 10:30 AM
  3. DDos protection.
    By definebr in forum Dedicated Server
    Replies: 4
    Last Post: 05-25-2009, 09:49 PM
  4. EU with DDoS protection?
    By Temper in forum Dedicated Server
    Replies: 8
    Last Post: 11-25-2007, 08:30 AM
  5. Replies: 7
    Last Post: 01-17-2007, 12:49 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •