1 |
On Wed, Sep 7, 2016 at 12:39 PM, Grant <emailgrant@×××××.com> wrote: |
2 |
> |
3 |
> I said I was under attack but it was really just an unthrottled and |
4 |
> very greedy bot. fail2ban would have gotten him. But while we're on |
5 |
> the subject, how would you recommend thwarting a DDoS attack against a |
6 |
> dedicated server in a hosted environment? Cloudflare? |
7 |
> |
8 |
|
9 |
I'm sure there are others who have more knowledge, but in general |
10 |
these probably require help outside the network. |
11 |
|
12 |
If your ISP isn't saturated they might be able to filter out the |
13 |
attack. However, services that distribute your service across |
14 |
multiple networks will almost certainly help by diluting attacks. |
15 |
|
16 |
The whole idea of a DDoS is that all the attackers use a little |
17 |
bandwidth, but as the attacks approach your site they become more and |
18 |
more concentrated, so that packets in have plenty of bandwidth to make |
19 |
it to your site, but your own network (and possibly your ISP's) end up |
20 |
being overwhelmed. By dispersing your service globally you force the |
21 |
attackers to target more network connections, which dilutes their |
22 |
bandwidth. |
23 |
|
24 |
Put another way, one server farm running on one 100Mbps connection is |
25 |
a lot easier to attack than 100 server farms globally each with a |
26 |
100Mbps connection (perhaps each shared with 10,000 other sites). |
27 |
|
28 |
-- |
29 |
Rich |