Results 1 to 12 of 12
Thread: DDos and server security
-
10-29-2014, 02:53 PM #1Newbie
- Join Date
- Oct 2014
- Posts
- 7
DDos and server security
What security should a Hosting company have on their servers to prevent DDos attacks ,besides firewall protection.
-
10-29-2014, 03:55 PM #2Disabled
- Join Date
- Jul 2013
- Location
- US; UK/EU; Asia/Australia
- Posts
- 895
There are many ways to protect yourself and your customers.
The exact means a company is using to protect itself are a well kept secret but there are industry standards that should be followed as a basis.
-
10-29-2014, 04:11 PM #3Newbie
- Join Date
- Oct 2014
- Posts
- 7
My Hosting company has recently gone down with a DDOs attack, hence my server and site were down, i am woundering what questions i can ask as to what prevention and measures they are taking to prevent more down time, this is the first time in 12 years i have had this happen.
-
10-29-2014, 06:38 PM #4Web Hosting Evangelist
- Join Date
- Jul 2009
- Location
- Los Angeles, CA
- Posts
- 525
GorillaServers Inc. Powerful Bare Metal Servers
Instant and Custom Deploy 1Gbps/10Gbps Servers in Los Angeles & Ogden Utah
Follow us @GorillaServers | GSI on Facebook
-
10-29-2014, 06:41 PM #5Web Hosting Master
- Join Date
- Jul 2004
- Posts
- 778
Sounds like your host needs a better way to detect DDOS and decide to mitigate an attack or null route.
It looks like the attack saturated their peering. In some cases they can ask their peering to rate limit specifics
IE - NTP, DNS, or specific UDP amplications attacks.Psychz Networks - Dedicated Servers, Co-location | PhotonVPS - SSD Cloud | YardVPS - Storage VPS
True Layer 7 DDoS Mitigation | BGP Optimized by Noction Intelligent Routing | Asia-Pacific Low Latency Routes
Los Angeles, CA | Dallas, TX | Ashburn, VA | London, UK | Amsterdam, NL | Johannesburg, ZA
-
10-30-2014, 01:02 AM #6Newbie
- Join Date
- Oct 2014
- Posts
- 7
Thanks
Thanks Guys
Regards
Dave
-
10-30-2014, 04:46 AM #7
The right answer would generally be one of the two:
1) Nothing -- null route IPs that receive a ddos, tell the offending customer to seek out a ddos specializing host if they receive multiple attacks
2) Everything -- be a ddos mitigating host who specializes in hosting customers who receive large attacks. Be prepared to have everything thrown at you and respond accordingly.
There's not a lot of middle ground in most cases. DDoS protection is expensive, and most customers don't need it. Customers don't pay for things that are expensive that they don't need. The few customers who need ddos protection, generally need a lot of protection. It's not that often that you can get by with providing "basic" protection and leave it at that. If you protect someone who gets attacked, soon they will get bigger attacks that you cannot easily protect against.
So in my opinion, either you need the best ddos protected network possible, or you need nothing at all. Most customers need nothing in the way of ddos protection, and because it is very expensive and difficult to provide, that's what most hosts will have -- not much beyond the ability to null route the target of the attack.IOFLOOD.com -- We Love Servers
Phoenix, AZ Dedicated Servers in under an hour
★ Ryzen 9: 7950x3D ★ Dual E5-2680v4 Xeon ★
Contact Us: sales@ioflood.com ★
-
10-30-2014, 05:30 AM #8Newbie
- Join Date
- Oct 2014
- Posts
- 7
Thanks
Thanks,
I appreciate the time you took to answer my post
Regards
Dave
-
10-30-2014, 06:28 AM #9Disabled
- Join Date
- Oct 2014
- Location
- The Netherlands
- Posts
- 84
Does your DC/Provider have hardware DDoS protection? Seems very much a must nowadays as normal firewall rules (SYN_FLOOD) will not help against large attacks.
-
10-30-2014, 06:36 AM #10Web Hosting Master
- Join Date
- May 2006
- Posts
- 873
Depends if it was something your system administrator could handle (not saturating your server uplink) or if it was something bigger then your network uplink.
On the first situation just hire proper server administrators and have them filter the attacks.
On the second situation you need your servers administrators to coordinate the efforts with the datacenter.
Often a few specific ACL helps a lot with volumetric attacks
-
10-30-2014, 05:25 PM #11Newbie
- Join Date
- Oct 2014
- Posts
- 7
Admin response
Hi Guys,
There is a detailed report coming out from the Host, to address all issues, and what measures are and have been taken,
Thanks for all the info, this helps me understand this area of hosting.
Regards
Dave
-
10-30-2014, 05:35 PM #12Web Hosting Master
- Join Date
- Oct 2010
- Posts
- 3,662
DDoS happens. Usually, it affects a limited amount of clients, however there are cases where it can affect everyone. Sadly, it is really easy for near-anyone to DDoS these days. And I'm not talking a few Mbps, we're talking tens of Gbps, enough to take out small setups.
If your provider advertises DDoS protection, it's not acceptable (in my opinion) for a client to be affected by another's attacks. If they do not advertise DDoS protection, they should still auto-null route any IPs receiving lots of bandwidth, to the point that it will have any adverse affects on their networks.
Another thing to be weary of is people that setup 40 servers with 1 Gbps on a rack with 1 or 2 x 1 Gbps uplinks. It's really not acceptable, but a lot of people do it. That means that even a small attack can affect the entire rack, hell, it doesn't even need to be an attack! Just a few clients actually using their bandwidth!SiFuQi.net - Affordable Dedicated Servers in Los Angeles, California
24x7 Support • Enterprise Grade Hardware • Automated OS Reinstalls
Check out our reseller program, with a unique two-tiered discount.
Similar Threads
-
Fortnode Security Systems | Giant DoS Server Sale | DDOS Secure Servers 25% Off!!!
By Fortnode in forum Dedicated Hosting OffersReplies: 0Last Post: 03-05-2012, 02:59 AM -
Fortnode Security Systems | Giant DoS Server Sale | DDOS Secure Servers 25% Off!!!
By Fortnode in forum Dedicated Hosting OffersReplies: 0Last Post: 02-18-2012, 02:14 AM -
Fortnode Security Systems | Giant DoS Server Sale | DDOS Secure Servers 25% Off!!!
By Fortnode in forum Dedicated Hosting OffersReplies: 0Last Post: 01-19-2012, 03:12 AM -
Need someone to check my server security (A recent DDoS took down my site)
By Phatmat in forum Systems Management RequestsReplies: 6Last Post: 07-26-2009, 03:29 PM -
Server Systems Administration NZ | Security & anti-dDOS
By LoganNZ in forum Systems Management OffersReplies: 0Last Post: 07-10-2007, 09:38 PM