Results 1 to 8 of 8

Thread: DDOS Prevention

  1. #1
    Join Date
    Mar 2004
    Location
    Seattle, WA
    Posts
    2,561

    DDOS Prevention

    Hello,

    What are some effective software to prevent DDOS attacks? We already have in place APF and BFD, however our apache server continues to get flooded with unknown requests, higher than normal. We were suggested to buy a physical firewall as well. What are some descent firewalls out their?

    Please reply to both questions.

    Thanks
    ColoInSeattle - From 1U to cage space colocation in Seattle
    ServerStadium - Affordable Dedicated Servers
    Come visit our 18k sq ft. facility in Seattle!
    Managed Private Cloud | Colocation | Disaster Recovery | Dedicated Servers

  2. #2
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    Firewalls essentially were made to do port blocking - though features may have been added, they are nonetheless monolithic proxies essentially. They *DO* mitigate DDoS attacks quite a bit but should not entirely be relied upon for DDoSing alone.

    If you keep getting DDoS hits on say Port 80, you may want to look at deivces that do TRL (Transaction Rate Limiting) for a specific service. Other mitigation devices particularly for DDoS at OEMs like Top Layer, Mazu Networks, Arbor Networks (perhaps the best player out there), Captus, Riverhead (Now part of Cisco), Juniper/Netscreen (their firewalls greatly reduce DDoSing), Foundry Networks to name a few. I am sure there are more out there.

    Now to answer your question - Yes. A decent firewall, like say, Juniper Netscreen NS-50 should be able to handle upto 100Mbps traffic very nicely and should be able to handle small to mid-size DDoS attacks.

    The basic thing about DDoS is...

    a. The type of attack?
    b. Attack bandwidth
    c. Setup Rate (measured in seconds).

    Here is a good resource to read-up more on DDoS:
    http://staff.washington.edu/dittrich/misc/ddos/

    Hope the above helps.

    Faisal
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  3. #3
    Join Date
    Mar 2004
    Location
    Seattle, WA
    Posts
    2,561
    Thank you Faisal for your input.
    ColoInSeattle - From 1U to cage space colocation in Seattle
    ServerStadium - Affordable Dedicated Servers
    Come visit our 18k sq ft. facility in Seattle!
    Managed Private Cloud | Colocation | Disaster Recovery | Dedicated Servers

  4. #4
    Join Date
    Feb 2004
    Posts
    772

  5. #5
    Join Date
    Mar 2004
    Location
    Seattle, WA
    Posts
    2,561
    Also, just to get more detailed as to what type of DDOS attack this is, it is a syn flood attack.
    ColoInSeattle - From 1U to cage space colocation in Seattle
    ServerStadium - Affordable Dedicated Servers
    Come visit our 18k sq ft. facility in Seattle!
    Managed Private Cloud | Colocation | Disaster Recovery | Dedicated Servers

  6. #6
    Join Date
    Mar 2001
    Location
    Houston, TX
    Posts
    972
    Who's your datacenter? Usually, your datacenter will be able to help you by putting up some kind of flood protection (temporarily) until the attack subsides.

    Roj
    Web Hosting? Been there. Done that.
    I am niyogi.

  7. #7
    Is there any way by which I can find on what port DoS attacks are being done??
    I am not able to figure out who and who my server is attacke by Dos.. my host company (hostcentric) are not willing to help me.. what do I do?

  8. #8
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    747
    You need to capture some traffic in order to determine that. Are you on a dedicated server or shared? If on a dedicated server, install any packet capturing software, like Ethereal, etc. and you will be able to determine what sort of traffic was/in coming in.

    If you are unable to access your server (assuming you are on a dedicated server), then your only hope is to have your hosting provider assist you in the packet capturing.

    Faisal
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •