Printable View
Hello Mu Section
I'm doing research for MuServers, if there are many servers getting attacks by ddos then I might give out my anti-ddos program, fill in the poll, soon I will update this thread with more info about the program.
Kind regards,
DriftCity
I thought there's no such thing as Anti-DDOS program, or that a program is not enough to stop DDOS.
you are 100% right, there is no such thing.Quote:
Originally Posted by RebirthUSER
True, but me and my developers made a program that stops the ddos attacks more then others do, the server/website will still have lagg ofcourse but we work with a part of coding that bounces spam requests (ddos requests) back to the point where it's coming from, we are still developing this, it wont be able to stop those huge ddos attacks with 25 people attacking at the same time on a normal 100mbit up and down server.Quote:
Originally Posted by Saals
So people will also need a 1gb/s up and down connection, registery edits, http anti-flooder, apache mod_evasive, an extra firewall also.
Hopefully my program will be able to stop ddos attacks someday, post will be updated soon with software.
"bounces spam requests"
You may reconsider to re-analyze how DDOS works, sadly it is a BIG C.
Ddos has a lot of methods, the most used Ddos method is spam requests, opening connections to a server with TCP, UDP and HTTP methods. Ddos will never be stopped, but we can prevent it.Quote:
Originally Posted by phit666
Methods for ddosing:
ICMP
UDP
TCP-Synflood
HTTP/Crawling
SSL
Mailserver/Spam
I work for: FIRST COLO GmbH - Datacenter Frankfurt - DDoS Protection - IP Transit (No advertisement)
We work with advanced firewalls, too bad people can't just order these, because these firewalls are like $300 a month.
I don't think you should call 25 bots a serious ddos attack. If this is your software's target then you're losing your time. I'm curious how you can prevent ddos since it generates similar traffic to legit one. You will only be able to stop idiotic methods that are easy to spot on the traffic analyser like the httpdownload shit used by youtube hackers or uncommon connection routine like connecting and don't send anything(simulating big ping). I say it again, the one and only way to escape from ddos is the hardware firewalls that are able to operate at a very high speed and mitigate the attack across some load balancing clusters with a lot of internet bandwidth.
Most attacks I have seen is a simple DOS from a single source. Throw up an IPSec policy, 5 minutes later, the problem was done for. I don't know of many instances where an entire bot network is actually performing a DDOS.
This are real DDoS attacks:
Aug 31 13:28:30 PDT 2012 -5,506,763 Kbps - 697,609 PPS
Sep 10 09:32:43 PDT 2012 - 1,878,994 Kbps - 169,503 PPS
Sep 12 13:26:12 PDT 2012 - 2,530,253 Kbps - 408,215 PPS
Jul 2 12:10:19 PDT 2012 - 1,277,249 Kbps - 224,422 PPS
Yep, real attacks :P
No software can take 1/10 of this, so if you are facing attacks, forget about it. Better find a host that protects you or die!
If You Want To Protect Your Server Use Cloudflare > Home | CloudFlare | The web performance & security company
when u get a UDP DDos just host provider can help u
No soft
No Hard
This solution is very well i recomended this server Cloud Flare i use this service very good.Quote:
Originally Posted by TeLeScoPe
cloudflare? for website?... what about the server itself? remember that ddos can attack any ports available on your machine web or the server port itself
Software is bullshit,unless you have a Hardware Firewall and a PRO connection you're dead.
What I've found very good against DDOS attacks is the following method:
- Your dedicated server has at least 3-6 IP addresses, if you only have just one then order few more from your datacenter
- If/When you are under a (serious, aka not silly bots) DDOS attack a software won't be able to save your a$$, because your network is being overflooded, so the problem is occurring somewhere along the way b4 reaching your server... thus making a software on the server obsolete...
- Set your domain name on a easy customizable DNS manager, where you can set the DNS zone refresh timers to something like 5minutes
- In your main/patch make sure you input your domain name (NOT an IP)
- Once you are being attacked, all that HUGE DDOS traffic is going to your server's IP, simply connect to your server via KVM and change server's IP, removing the old IP from your network card configuration
- Then change the DNS Zone for your domain name to point to the new IP address
- All the DDOS traffic will still go to the old IP address, which is now nulled, so it won't really go anywhere
- Your server is back online within 5-10min on the new IP
- For the attacker to restart the whole attack on the new IP (once and if they even figure out what happened) won't be that easy... bot networks aren't easy to find and control, they don't grow on trees.
An alternative would be a very costly anti-ddos hardware firewall, which is provided by most datacenters, but at a VERY HIGH price, and even under the protection of that firewall a serious DDOS attack will still cause your server lag spikes every few minutes, not very big spikes, but enough to disconnect all your players... which is annoying and not worth the money.
Hope this helps...