| 1 |
On Wed, Sep 7, 2016 at 12:39 PM, Grant <emailgrant@×××××.com> wrote: |
| 2 |
> |
| 3 |
> I said I was under attack but it was really just an unthrottled and |
| 4 |
> very greedy bot. fail2ban would have gotten him. But while we're on |
| 5 |
> the subject, how would you recommend thwarting a DDoS attack against a |
| 6 |
> dedicated server in a hosted environment? Cloudflare? |
| 7 |
> |
| 8 |
|
| 9 |
I'm sure there are others who have more knowledge, but in general |
| 10 |
these probably require help outside the network. |
| 11 |
|
| 12 |
If your ISP isn't saturated they might be able to filter out the |
| 13 |
attack. However, services that distribute your service across |
| 14 |
multiple networks will almost certainly help by diluting attacks. |
| 15 |
|
| 16 |
The whole idea of a DDoS is that all the attackers use a little |
| 17 |
bandwidth, but as the attacks approach your site they become more and |
| 18 |
more concentrated, so that packets in have plenty of bandwidth to make |
| 19 |
it to your site, but your own network (and possibly your ISP's) end up |
| 20 |
being overwhelmed. By dispersing your service globally you force the |
| 21 |
attackers to target more network connections, which dilutes their |
| 22 |
bandwidth. |
| 23 |
|
| 24 |
Put another way, one server farm running on one 100Mbps connection is |
| 25 |
a lot easier to attack than 100 server farms globally each with a |
| 26 |
100Mbps connection (perhaps each shared with 10,000 other sites). |
| 27 |
|
| 28 |
-- |
| 29 |
Rich |
Archives