Results 1 to 30 of 30
  1. #1
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,035

    * Why do people think CloudFlare will stop DDoS attacks?

    Hello,

    Over the last few weeks I have been seeing more and more people start to recommend CloudFlare for the prevention of DDoS attacks, Why is this?

  2. #2
    Join Date
    Jul 2010
    Posts
    363
    Cause people have no money for real DDOS protection or they don't want to spend big bucks. So any small glimmer of hope is worth clinging to .. for them

  3. #3
    Join Date
    Mar 2009
    Posts
    3,807
    because they do.. until they realize it's your site being hit and change the A record so all traffic goes directly to you

  4. #4
    I used cloud flare to make my dns load faster for my site, didn't work... Changed my computers DNS to google's 8.8.8.8 and 8.8.4.4 and it loaded my site instantly after a second of updating it, but if cloud flare doesn't speed up the load time then it sure doesn't stop ddosing...

  5. #5
    Join Date
    Nov 2010
    Location
    San Francisco, CA
    Posts
    899

    Post CloudFlare and DDoS

    Most of the time I see this happen because someone mistakenly thinks we are a DDoS service & mentions it on board. When it comes to an attack, unfortunately, people rush to find a quick fix to the problem.

    There are some things that we do that can help with smaller attacks & there are some things in the threat control panel you can do as well. But a monster attack will most certainly cause us to go direct to a site...

  6. #6
    Join Date
    Dec 2004
    Location
    New York, NY
    Posts
    10,574
    The nature of the service alone allows traffic to be spread across various POPs, which can help isolate a DDoS attack pretty well. This alone doesn't do much to help with larger attacks (for that, you'll need other mitigation methods), but I can see CloudFlare being useful for smaller attacks.

  7. #7
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,035
    Quote Originally Posted by damoncloudflare View Post
    There are some things that we do that can help with smaller attacks & there are some things in the threat control panel you can do as well. But a monster attack will most certainly cause us to go direct to a site...

    Quote Originally Posted by layer0 View Post
    The nature of the service alone allows traffic to be spread across various POPs, which can help isolate a DDoS attack pretty well. This alone doesn't do much to help with larger attacks (for that, you'll need other mitigation methods), but I can see CloudFlare being useful for smaller attacks.
    How small are we talking?

    Also if all of this is true why isnt their any information on their site regarding this Anti-DDoS...

  8. #8
    Join Date
    Nov 2010
    Location
    San Francisco, CA
    Posts
    899

    Post CloudFlare and DDoS

    Quote Originally Posted by layer0 View Post
    The nature of the service alone allows traffic to be spread across various POPs, which can help isolate a DDoS attack pretty well. This alone doesn't do much to help with larger attacks (for that, you'll need other mitigation methods), but I can see CloudFlare being useful for smaller attacks.
    Good summary We do not position ourselves as a DDoS solution at all.

  9. #9
    Join Date
    Nov 2010
    Location
    San Francisco, CA
    Posts
    899

    Post CloudFlare and DDoS

    Quote Originally Posted by cd/home View Post
    How small are we talking?

    Also if all of this is true why isnt their any information on their site regarding this Anti-DDoS...
    Because we don't want to be looked at as a DDoS solution. Generally speaking, people that are having a DDoS look for a quick fix & we do not guarantee that we will stop an attack. We will most certainly go direct to a server when the attack is large & starts to impact other customers.

  10. #10
    Join Date
    Nov 2010
    Location
    San Francisco, CA
    Posts
    899

    Post Hi,

    Quote Originally Posted by quantumphysics View Post
    because they do.. until they realize it's your site being hit and change the A record so all traffic goes directly to you
    Just a quick note that we don't make any DNS changes. We simply remove the CloudFlare proxy for the domain(s) impacted.

  11. #11
    Join Date
    Mar 2009
    Posts
    3,807
    that's ... pretty much a dns change isn't it

  12. #12
    Join Date
    Nov 2010
    Location
    San Francisco, CA
    Posts
    899

    Hi,

    Quote Originally Posted by quantumphysics View Post
    that's ... pretty much a dns change isn't it
    Not really. We're still resolving the DNS & simply removing our proxy on the DNS entry. Probably somewhat of a semantics thing...

  13. #13
    Join Date
    May 2011
    Posts
    580
    CloudFlare doesn't work well on high-end DDoS attacks (Ex: 100mbit+), but works fine when script kiddies attempt to take your website(s) offline.

    Most script kiddies have a tool which they refer to as a "Booter". A Booter, in logical terms, is a program which sends a command to multiple hacked servers. These hacked servers use their connection to attack your website's IP Address.

    When your site is behind CloudFlare, the hacked servers attack CloudFlare, instead of your website. CloudFlare isn't really made for DDoS protection, BUT it is able to filter these small attacks much better than your average web host.

    To sum this post up: Yes, CloudFlare is able to filter small DDoS attacks, but not large ones. If you are experiencing DDoS attacks, it's worth trying CloudFlare (It's free), but KEEP IM MIND, that if the script kiddie trying to take your website offline attacks your NON-CLOUDFLARE IP Address, your site will go offline. (Note: Your Non-CloudFlare IP is the IP you had before you switched to CloudFlare's DNS servers).

  14. #14
    Quote Originally Posted by Appdeveloper View Post
    CloudFlare doesn't work well on high-end DDoS attacks (Ex: 100mbit+), but works fine when script kiddies attempt to take your website(s) offline.
    100mbit+? More like 2000mbit+ or even higher.

  15. #15
    Join Date
    May 2011
    Posts
    580
    Quote Originally Posted by misspink View Post
    100mbit+? More like 2000mbit+ or even higher.
    If you're getting a constant 100Mbit+ DDoS Attack, I believe CloudFlare may kick you off (on the free version). The Pro version may be different.

  16. #16
    Quote Originally Posted by Appdeveloper View Post
    If you're getting a constant 100Mbit+ DDoS Attack, I believe CloudFlare may kick you off (on the free version). The Pro version may be different.
    how do they know you are the target with a udp attack? I doubt each person gets a dedicated ip.

  17. #17
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,035
    Quote Originally Posted by misspink View Post
    100mbit+? More like 2000mbit+ or even higher.
    100Mb is some 32.85 TB... I highly doubt 2000+...

  18. #18
    Quote Originally Posted by cd/home View Post
    100Mb is some 32.85 TB... I highly doubt 2000+...
    see above.

  19. #19
    Join Date
    May 2011
    Posts
    580
    Quote Originally Posted by misspink View Post
    how do they know you are the target with a udp attack? I doubt each person gets a dedicated ip.
    I honestly have no idea. I don't believe they can if they have 100+ websites on one IP address, and one of them are under an attack. Also, kicking off the website won't mean the DDoS won't continue against them.

  20. #20
    Appdeveloper, the "booters" you are talking about all use cloudflare and I'm sure they regularly get attacks.

  21. #21
    Join Date
    May 2011
    Posts
    580
    Quote Originally Posted by misspink View Post
    Appdeveloper, the "booters" you are talking about all use cloudflare and I'm sure they regularly get attacks.
    Actually, I'm well aware of this. Most web-based booters (Booters which requires no downloading, just going to a webpage and logging in) are indeed taking advantage of CloudFlare. Yes, they probably do get quite a lot of DDoS attacks from their competitors.

  22. #22
    Join Date
    Nov 2009
    Location
    /etc/my.cnf
    Posts
    10,035
    Come on guys, Lets not turn this into a pissing contest...

  23. #23
    What worries me more is why they aren't getting kicked off.



    Quote Originally Posted by cd/home View Post
    Come on guys, Lets not turn this into a pissing contest...
    ?

  24. #24
    Join Date
    May 2011
    Posts
    580
    Quote Originally Posted by misspink View Post
    What worries me more is why they aren't getting kicked off.
    Not only that, and their hosting and domain suspended, too. Most of them use $3/month "Offshore" Hosting in the Netherlands, or Germany (Which has more strict cybercrime laws then USA...).

  25. #25
    Quote Originally Posted by Appdeveloper View Post
    Not only that, and their hosting and domain suspended, too. Most of them use $3/month "Offshore" Hosting in the Netherlands, or Germany (Which has more strict cybercrime laws then USA...).
    Yes, rofl. "$4 a month unlimited reseller location germany offshore everything allowed bro!!!"

  26. #26
    Join Date
    May 2011
    Posts
    580
    Quote Originally Posted by misspink View Post
    Yes, rofl. "$4 a month unlimited reseller location germany offshore everything allowed bro!!!"
    ...When it's off a Master Reseller from Santrex.net, which they bought from someone who has an Alpha Reseller From Santrex and sells "UNLIMITED LIFETIME" Master Reseller Packages for $15.

  27. #27
    Quote Originally Posted by Appdeveloper View Post
    ...When it's off a Master Reseller from Santrex.net, which they bought from someone who has an Alpha Reseller From Santrex and sells "UNLIMITED LIFETIME" Master Reseller Packages for $15.
    http://orionhosting.co.cc/

  28. #28
    Its mainly because people are mislead through sketchy sales practices.

  29. #29
    Join Date
    May 2008
    Location
    Melbourne, Australia
    Posts
    10,482
    In our experience, CloudFlare has worked quite well on a scale of security and blocking out un-wanted pests. However, where it comes to performance I'd say it lacks a little there with ping times at exceptionally high rates.

    When it comes to the protection of DDOS attacks, well I suppose in a way it can work but it surely is not going to prevent such an enormous attack on there networks by any means.

    We have had a customer that has been attacked on a constant basis, so we had to block everyone from the world from accessing his/her website and only allowing CloudFlare to work on their behalf and I must say it has worked wonders.

    Within 5hrs of originally ordering with us the site had consumed up to more than 20GB of the allocated bandwidth we had provided, ever since limiting the fractions it has worked a miracle (for them), sure CloudFlare will work small wonders but when it comes to a large scale impact it might be a different matter.

    Other than that I would believe that people are always searching for a cheap alternative that would work just as good as the more expensive service on the market, now-a-days people want to spend cheap or even attain services for free and then expect top service and protection, sadly it does not really work that way

  30. #30
    it just helps it..not really doin anything special..
    resources will still be taken and if the attackers are smarter they will hop port or double-port attack it...

Similar Threads

  1. Replies: 0
    Last Post: 10-14-2010, 05:52 PM
  2. Replies: 0
    Last Post: 10-03-2010, 12:39 PM
  3. Replies: 0
    Last Post: 09-23-2010, 12:57 PM
  4. Replies: 7
    Last Post: 01-17-2007, 12:49 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •