Results 1 to 25 of 25
  1. #1
    Join Date
    Aug 2005
    Posts
    33

    DDoS protection for a smaller guy

    While doing a research on hosting companies that offer at least some kind of protection from DDoS attacks for reseller/shared accounts I realized that there are currently 2 companies being successful in effectively protecting their customers from DDoS attacks: staminus (S) and gigeservers (G) for moderate price. However, even $150/month for dedicated hosting offered by those companies is way above my budget. Also I do not have neither expertise no time to administer a box, so I'm after reseller accounts.

    Naturally I thought that I have to find smaller hosting companies who keep their servers with G. or S. and offer reseller accounts (or at worst, just regular shared hosting allowing to host more than one domain).

    From the threads on WHT I found some names, here they are:

    stamina-host.com/reseller.html (@Staminus)

    hostxpro.com (@ Gigeservers)
    pyrexnetworks.com (@ G)
    best-shellz.net (@ G)
    sh3lls.net (@ G)
    voltshells.com (@ G)

    But as I found out except for the stamina-host the rest keep only IRC-servers at G., and the servers used for web hosting are kept elsewhere...

    Question #1: are there any other hosting companies offering shared hosting/reseller account and having servers at G or S?

    Question #2: why reputable companies like HTTPme, Idologic and bunch of others offering reseller accounts do not keep couple of servers at Staminus or Gigeservers to host customers who for some reasons have attracted attention of packet kiddies? I mean, the regular procedure when someone is being DDoS-ed at shared hosting is like this: the host first tries to somehow protect the server from the attack (best case scenario) then/or just nullroutes the doomed IP. If attacks continue the customer is being asked to leave ASAP so the others do not suffer, that's it.

    But isn't it better to offer the victim of the attack some space at a much better protected facility, even for higher price? For example I am willing to pay lets say $50-55/month for the basic reseller account instead of $30 (Idologic) or $35 (HTTPme) just for being sure that I am not being booted because one of my clients has become a target of a DDoS attack. Not to say that offering protection for small guys may be a great selling point.
    Last edited by Shorshor; 08-05-2005 at 05:53 PM.

  2. #2
    HI, Shorshor

    You should really look arround the forum in the offers section if you want info like that and besides it never hurts to contact the companies with questions reading DDOS protection. One thing for sure is that almost every company out there tries to protect them self from beaing damaged. After all who in here wants to be destroyed. Some companies can protect them selfs more than others but that does not mean that they are not trying.

    Good Luck

  3. #3
    Join Date
    Jan 2005
    Location
    Scotland, UK
    Posts
    2,681
    Staminus are really good.
    Server Management - AdminGeekZ.com
    Infrastructure Management, Web Application Performance, mySQL DBA. System Automation.
    WordPress/Magento Performance, Apache to Nginx Conversion, Varnish Implimentation, DDoS Protection, Custom Nginx Modules
    Check our wordpress varnish plugin. Contact us for quote: sales@admingeekz.com

  4. #4
    Join Date
    Aug 2005
    Posts
    33
    Originally posted by productive
    HI, Shorshor

    You should really look arround the forum in the offers section if you want info like that and besides it never hurts to contact the companies with questions reading DDOS protection.
    This is what I have been doing since the last Friday

    Originally posted by productive
    One thing for sure is that almost every company out there tries to protect them self from beaing damaged. After all who in here wants to be destroyed. Some companies can protect them selfs more than others but that does not mean that they are not trying.
    Yes. But still I would prefer to deal with a company that has it servers in a protected DC, rather than with someone who is going to fight just to some point then run to the hills

    Originally posted by HostGeekZ
    Staminus are really good.
    I was asking not about Staminus but smaller hosting companies keeping their servers there.

  5. #5
    Hello, Shorshor

    I totally understand you, you want to know that you are protected to the fulless extent.

    Good Luck

  6. #6
    Join Date
    Jul 2005
    Location
    Mexico
    Posts
    1,762
    Some of my sites have DDos Attacks lately. Then i buy Jodohost with a spcecific ip plans ( for emergencies ) and use roundr robbins with three resellers in different DC each using cpanel, blocking offenders ip.

    Things are safe now for me.

  7. #7
    Join Date
    Aug 2005
    Posts
    33
    The fact that you used round robin suggests that you have dedicated servers. Or was it shared account?
    Last edited by Shorshor; 08-08-2005 at 02:53 PM.

  8. #8
    Join Date
    Jul 2005
    Location
    Mexico
    Posts
    1,762
    Simple Resellers. I have not any dedicated or VPS. Mi main concern is not have a significant % of my customers with one business.. if one fail, is not catastrophic.

    At the moment have 12 resellers around 120-140 USD monthly, but my income is around 500 to 800 Monthly,

    I use round robbin ONLY in cpanel and static sites, but have too plesk, hsphere, ensim, helm.

    I put the ns of the target domains in this matter:

    1) ns1.resellerinGlobalcompass.com
    2) ns2.resellerinGlobalcompass.com
    3) ns1.resellerinGNAX.com
    4) ns2.resellerinGNAX.com
    5) ns1.resellerinTHEPLANET.com
    6) ns2.resellerinTHEPLANET.com

    And get around 100% Uptime. The customer need upload in three sites via FTP, but no much problems. If you have addon domains in the account, can be shared. I have a little plan with round robbin, and i backup ALL the customers data in one step, is the reason i use cpanel and not helm or DIrectAdmin.

  9. #9
    Join Date
    Aug 2005
    Posts
    33
    Sounds logical yet I have to check this in more detail, I am not very well aware of how the round robin works. I thought one needs to have a dedicated server and to run some additional scripts to implement round robin.

  10. #10
    Join Date
    Jul 2005
    Location
    Mexico
    Posts
    1,762
    use the search feature , in a thread beginned for me asking for "weird reseller requeriment about the planet" one guy put a good link.

  11. #11
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    748
    Some companies do offer DoS/DDoS protection - for example resellers for shared hosting on EZZI might do it and EV1, etc. but chances are their mitigation systems may not thwart an attack in its entirety (a) it could be too small to be noticed (b) it could be too big for the hardware protecting the DC or the Server.

    If you're experiencing an attack of say 200k setups per second, there is very little a Netscreen firewall or even a TopLayer 5500 (base) model can do. It would inundate the appliance.

    If your attack is small (you need to find out) then it could very well be controlled.

    Faisal
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  12. #12
    Join Date
    Aug 2005
    Posts
    33
    Nothing like 200K/sec. The most agressive I've seen was less than a hundred requests per sec.

  13. #13
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    748
    1-2K per second is very controllable.
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  14. #14
    Join Date
    Aug 2005
    Posts
    33
    Yes, if the hoster wishes to spend time while being at risk of getting hit by a wave of complaints from other customers on the same server. In my case the hoster didn't try and didn't want to do anything.

  15. #15
    Join Date
    Jul 2005
    Location
    Mexico
    Posts
    1,762
    do u know how many ip are the offenders ort are too many ?

  16. #16
    Join Date
    Aug 2005
    Posts
    33
    Not many, actually. It's all about the willingness to fight for the customer's interest in an out of ordinary situation.

  17. #17
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    748
    Your problem might come down to pure economics (sadly!). If it costs the data-center say 10 hours to control this - assuming they are charging US$ 90/hour, its $900 of billing so to speak for that month. If you only give them say $45/month, that's only $540/year - considering a year has 12 months and you may have only been with them for say 3 months.

    So in your case they may very well adopt the "screw it" attitude. It all depends from DC to DC / host-to-host. Some will bend over backwards to help you out, others might not.

    YMMV.
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  18. #18
    Join Date
    Aug 2005
    Posts
    33
    I understand that perfectly (sigh...).

    However, I think every host must have some basic protection at least from smaller attacks, because nowadays anyone can get hit by a DDoS attack. A web hosting client doesn't need to run an online casino, porn site or IRC network to become targetted. A host that cannot and doesn't want to protect customers from a 2Mbps attack is asking for troubles for those very clients whose interests he/she claims to be protecting.

    These days running a web hosting company without some DDoS protection is like entering a battlefield driving Honda Civic. Of course, there are chances the driver and passengers may survive, but those are very low I believe.
    Last edited by Shorshor; 08-17-2005 at 04:42 AM.

  19. #19
    Join Date
    Aug 2004
    Location
    Karachi, Pakistan
    Posts
    748
    Actually Fast & Furious taight us that Honda Civics are good for the run!!!

    Any ways, most DCs do not have protection from DoS/DDoS, even if they do, the trigger threshold may be set up high - so as to kick in if the traffic to & from the data center starts getting affected. 2Mbps would not even register on some DCs network monitoring systems, but a mis-configured server, and one that is not throughly patched up and drummed down, a 2Mbps pipe can play havoc.

    Just remember one thing - the estimate of the number of PCs/Servers compromised that can adequately be termed as "zombie" machines is anywhere from 50 million nodes to 90 million nodes, depending whom you ask. The problem is only going to get worse before it gets better.

    Faisal
    "I drink too much. The last time I gave a urine sample it had an olive in it. ".
    Rodney Dangerfield (from "I Get No Respect!").

  20. #20
    Join Date
    Aug 2005
    Posts
    33
    The problem is only going to get worse before it gets better.
    Yes and yes and yes!
    That's why I am sure that making some investments by hosting companies now will let both them and their clients avoid some potentially disastrous consequences of DDoS attacks later on.

    Actually there are not that many huge botnets around and chances are one won't get attention from those big guys, but even smaller (500-2000) botnets can cause lots of trouble to unprepared hosts. And it is possible to create such a botnet for people without some extraordinary knowledge of computers and networks.
    Last edited by Shorshor; 08-17-2005 at 06:05 AM.

  21. #21
    Join Date
    Jul 2005
    Location
    Mexico
    Posts
    1,762
    well you say are noy too much ip causing the problem, i try to ban it in cpanel... and use round robbin

  22. #22
    Originally posted by Shorshor
    Yes and yes and yes!
    That's why I am sure that making some investments by hosting companies now will let both them and their clients avoid some potentially disastrous consequences of DDoS attacks later on.
    *Sigh* - yup - unfortunately the ISP market is very competitive, so expending money on DDoS mitigation is only a last resort for many. However, we have seen quite a change in attitude in the last year and a bit, so maybe, just maybe......

  23. #23
    Join Date
    Jan 2002
    Location
    Scotland, UK
    Posts
    2,688
    Although a lot of web hosting providers will have systems in place to help protect against DOS/DDOS attacks many will not advertise this as a feature to try and prevent customers signing up who are actively looking for this protection because they know their websites will be attacked.

    - Chris

  24. #24
    Join Date
    Aug 2005
    Posts
    33
    Although a lot of web hosting providers will have systems in place to help protect against DOS/DDOS attacks...
    My (though very limited) experience shows that most of the hosting companies claim they have something in place to protect from DDoS. However, when there is an attack they fail to stop even the smallest one. Recently my site was DDoSed along with 7 other web sites of similar theme: in all cases except for one the hosting companies were totally useless.

  25. #25
    Join Date
    Aug 2005
    Location
    Oxford, England, UK
    Posts
    828
    Ezzi have some basic DDoS protection, but a no IRC allwoed policy too.
    Having said that, a 2mbps attack against a DC with multiple GigE would not cause any harm, its when attacks get into the 10mbit or more (especially if you are on a 10mbit port) that problems occur.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •