D/DoS Attack Warning

[k_oudom]

I've heard about D/DoS attack which recently attack some web hosting server. It cause inaccessible to all websites that host in attacked-server. It draw bandwidth badly. So please be careful and prevent before it's too late. I heard from the attacked-hostee about the solution is to setup a firewall. Website close for a few days seem not to be a big problem but unable to send/receive email is a big complaint.

----------------------------------------------------------
I used to be rude but try to be polite to people instead, as they will do the same to me.
Even if this is useful or not, please help me pay the negative reputation.
Dear Moderator please show some discretion

 

[Dynash]

Your rep bar doesn't mean anything, don't keep asking and you'll sooner or later get back into the green.

 

[bariteau]

DDOS are much more complicated than they seem and a firewall generally won't stop. There are some software solutions to block DDOS but they do have limited capabilities and they still use the CPU and RAM and Bandwith so the site is still slowed down or even made inaccessible. There are some better hardware solutions but they still have their limits. Bottom line is that there is not much you can do against them, especially if you only have one server which is an easy target.

P.S. don't ask for rep, you have more chances to get some + rep if you act nice and don't tell anyone that you do!

 

[SiberForum]

I used to be rude but I try to act politely from today. Please to give me a chance by adding me Reputation.

I did Hope that help you

 

[k_oudom]

Thanks everyone. Hope your hosting will be safe.

 

[Seraphim]

A lot of datacenters when a DDoS is detected will respond by a process called null routing. The basic idea is it sends the DDoS into black hole space by pointing it at a host that doesn't exist, protecting the hardware and software from damage.

Though this can also result in downtime, in a lot of cases it is sufficient to nullify the DDoS threat and keep the majority of the sites and services active.

Something to consider though is while it is indeed possible to get hit by a DDoS, I should hope that you or your customers would have to really get on the bad side of unsavory people to ever get hit with one. They're not the kind of thing that just anyone can produce, it takes a decent amount of traffic to have any effect on today's servers.

Toughest part about it though is the origins of a DDoS. A 'blast' DDoS where all of the attacking traffic has a common IP range, it is easy to null route based on that IP range. Most 'small' DDoS attacks are of this type, because it can be produced by a handful of servers. Whereas a DDoS coming out of a botnet is far harder to deflect without experiencing outages, because much like fighting terrorism there is no way to know which IPs are good and which ones are bad. Any of them could be part of that botnet, and you wouldn't know until they did something.