Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
  #1  
Old 21 Mar 2006, 21:14
The Prohacker's Avatar
The Prohacker The Prohacker is offline
 
Join Date: Oct 2001
Real name: Mat Sumpter
Attack Mitigation

One of the more common problems I'm sure we all face is denial of service attacks. A few of our communities face fairly regular attacks while others have never. What methods are you using to mitigate the attack?

Our own experience:
We have had to deploy a two tier method. Our hosting provider offers a mitigation service which has done very well in the past, but several of the script kiddies have found ways around it. We also have a custom script that monitors connections to the servers and reports the top 'talkers' to a database. A script watches that database for a huge spike in connections and when x threshold is reached, it is shunned at our firewall.

Overall I would love a more out of the box method, but nothing has seemed to be the magic bullet yet.
Reply With Quote
Comments
  #2  
Old 22 Mar 2006, 04:08
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
Some software firewalls like apf have anti-dos features.
Reply With Quote
  #3  
Old 27 Mar 2006, 12:58
Paul M's Avatar
Paul M Paul M is offline
 
Join Date: Sep 2004
Real name: Paul M
At the end of the day, if someone is determined to ddos/flood your site with traffic, there is little you can do.
__________________
Former vBulletin.org Staff Member


Cable Forum
Please do not PM me about custom work - I no longer undertake any.
Note: I will not answer support questions via e-mail or PM - please use the relevant thread or forum.
Reply With Quote
  #4  
Old 27 Mar 2006, 18:38
The Prohacker's Avatar
The Prohacker The Prohacker is offline
 
Join Date: Oct 2001
Real name: Mat Sumpter
Originally Posted by Paul M
At the end of the day, if someone is determined to ddos/flood your site with traffic, there is little you can do.

Not completely true. There is a lot you can do; it's just a mater of what length you are willing to go. We had a huge problem with a script kiddie attacking our second largest forum. Eventually we learned his method of attack and were able to block it. We also learned personal information about him and were able to pursue legal actions.

There are several mitigation systems produced by Cisco, TippingPoint, etc.
Reply With Quote
  #5  
Old 27 Mar 2006, 22:36
Erwin's Avatar
Erwin Erwin is offline
 
Join Date: Jan 2002
A lot of DCs now have hardware anti-dos systems like you listed provided.
Reply With Quote
  #6  
Old 01 Apr 2006, 20:03
SZ|TalonKarrde SZ|TalonKarrde is offline
 
Join Date: Jun 2002
gigeservers has http://www.ddosprotection.com/ - Which, while I have no personal experience with, is supposed to be rather good. All it takes is pointing your DNS at them, and you're good to go. I figure that if it's anything like their inhouse ProxyShield system, it might be rather pricy.

I'm not sure how redundant this would be if your datacenter already has good dos protection, but if they're still getting through, it might be worth talking with the ddosprotection people.
Reply With Quote
  #7  
Old 10 Apr 2006, 07:58
Robert Basil's Avatar
Robert Basil Robert Basil is offline
 
Join Date: Oct 2001
Real name: Robert Basil
Originally Posted by SZ|TalonKarrde
gigeservers has http://www.ddosprotection.com/ - Which, while I have no personal experience with, is supposed to be rather good. All it takes is pointing your DNS at them, and you're good to go.
I've looked at their system and it does nothing to protect you if the attacker is accessing your server via your IP address and not your domain name.
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 11:56.

Layout Options | Width: Wide Color: