Jump to content

ddos protected server

jameshunt

By jameshunt
in Security

 Share

Recommended Posts

cooper Newbie

cooper

Posted
Posted

Kind of a dick move there.

I disagree. It's easy to assume people google their own questions before asking them here or on any other forum, but quite often they fail to find the proper question to pose or are simply full-on lazy. In case of the former, I provide a query that does provide the requested results and in case of the latter I'm just as entitled to be at least as lazy as him.

Link to comment
Share on other sites
barry99705 Veteran

barry99705

Posted
Posted

I disagree. It's easy to assume people google their own questions before asking them here or on any other forum, but quite often they fail to find the proper question to pose or are simply full-on lazy. In case of the former, I provide a query that does provide the requested results and in case of the latter I'm just as entitled to be at least as lazy as him.

Sure, but we're supposed to be the "experts" here. Not some ass hat on 4chan posting lmgt links. If you're going to post shit like that then don't bother.

Link to comment
Share on other sites
  • 2 weeks later...
Keggy Newbie

Keggy

Posted
Posted

As stated there's not really anything viable for what you're asking. I haven't seen a datacentre that will give you access to one of their firewalls, as they're usually shared. You can of course rent rackspace (not the company) and supply your own or have the DC supply firewall and have access to it.

However this isn't a reality for a hobby server. You mention it's for a game server, this also brings in new difficulties as whatever you have listening for those connections might not be up to the job and relatively easy to crash with basically no data. An example is a torrent tracker, the site frontend may be served via a service like nginx, though the actual tracker may be a C application with its own socket, if that's vulnerable then it's trivial to take that part of the service down.

If you're just concerned with saturation of your server's connection, then there are suppliers of dedicated and VPS's which advertise DDoS protection. Though take this with a grain of salt, if they're a reseller then chances are they also have no control of the network equipment so it's your standard L4 protection, they'll also advertise their network can handle 400Gbps+, may even note how many packets a second that equates to. If it's actually direct to the datacentre and game servers do not breach their T&C then they may be able to do something, if you report a sustained attack (though they'll likely notice if it's a VPS as you'll affect the other users) they can start to mitigate it at the network rather than the traffic reaching your NIC.

Of course many DoS attacks will be from pissed off users and don't have the ability to saturate your connection, therefor blocking at a software firewall can prevent the service from getting unwanted traffic. However if it's a big attack like some kind of amplified DDoS and the traffic is getting as far as your OS, it's not going to do anything to keep it alive.

You do have the option of reverse proxy / CDN services such as CloudFlare, but be aware they do not support sockets, just HTTP/S (80,443 for free anyway). If you are able to use such a service it's recommended you change your IP, and do what you can to hide the IP. If an attacker gets your IP, they can bypass CF's infrastructure and hit you directly. It's also worth noting if they get hit hard enough on the free account they'll switch your DNS to bypass mode directing any traffic straight to you.

If you want to go direct and are on a tight budget you can try Kimsufi (OVH France), or even one of their Canadian resellers. Depends if you want it in EU/NA etc. Russian VPS from a DC - https://secure.vstoike.ru/cart&action=default&languagechange=English again very low price but have 3TB data allowance and again, you're stuck on 100Mb/s.

Link to comment
Share on other sites
jameshunt Newbie

jameshunt

Posted
  • Author
Posted

Guys, I was looking more for "real expert" opinions and recommendations. Ofcourse I did some Google search. I was curious if anyone around could share some positive thoughts on their experience with IaaS providers, which ideally would provide DDoS mitigation with rented hardware as well. I have to admit the Google search was a little harsh as most of DDoS providers out there, don't allow your own routing, BGP, custom built servres etc. I know DDoS Protection may be very expensive, but I am tired of "free DDoS protection" advertisements who really don't do "sh..t" when we are under attack.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...