Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

DDoS Mitigation - definition
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

DDoS Mitigation - definition

BruceBruce Member
in General

here's what I DO NOT consider to be DDoS protection

DDoS Mitigation

Unlike most providers that will just suspend your VPS or even worse terminate it in case of DDoS attacks, our automatic mitigation system will null-route the IP address till the DDoS attacks stops.

been seeing this more often now. null route != DDoS protection

also, 1Gb protection on a 1Gb port also is not protection. so what is considered the minimum "protection" to be of much use ? 5Gb ? 10Gb ?

Thanked by 1angrysnarl

Comments

  • angrysnarlangrysnarl Member

    It's crazy how some hosts think nullrouting is some sort of protection. I mean it's common sense that if my server is protected it should stay online despite the attacks...

  • IshaqIshaq Member

    Didn't you feature them in your deadpool list?

  • BruceBruce Member
    edited July 2015

    yes, but there are others offering the same "protection"

  • letboxletbox Member, Patron Provider

    @Bruce said:
    here's what I DO NOT consider to be DDoS protection

    also, 1Gb protection on a 1Gb port also is not protection. so what is considered the minimum "protection" to be of much use ? 5Gb ? 10Gb ?

    10Gbps / 10Mpps minimum i think.

    Thanks

    Thanked by 1yhuza
  • perennateperennate Member, Host Rep
    edited July 2015

    Referring to automatic null route as DDoS mitigation is pretty common; RamNode and others do it. The alternative is usually to suspend and eventually terminate your VM after repeated attacks (as mentioned in the text you quoted).

  • WilliamWilliam Member

    key900 said: 10Gbps / 10Mpps minimum i think.

    Reasonable - Anything less than that is not real protection.

    Id even put it higher - 40G/40MPPS.

    Thanked by 1Bruce
  • letboxletbox Member, Patron Provider
    edited July 2015

    @William said:

    True, We use both 20Gbps and 40Gbps. I see 20Gbps is quite nice.

  • MarkTurnerMarkTurner Member

    Mitigation:

    the act of mitigating, or lessening the force or intensity of something unpleasant, as wrath, pain, grief, or extreme circumstances.

    Null routing is not mitigation. Many providers confuse these points. Null routing protects the providers infrastructure at the cost of complete shutdown of the victim.

    OVH mitigate DDOS ie detect, filter and scrub.

    Realistically 20, 40Gbps and above is advantageous. 1Gbps is worthless, it sounds more like the provider has got themselves a little server with some rudimentary filter running on it.

  • NexHostNexHost Member
    edited July 2015

    @William said:

    I'd still say the average DDoS Attack is 20Gbps is in size.

  • nexmarknexmark Member

    What I consider to be useless

  • perennateperennate Member, Host Rep

    MarkTurner said: Null routing is not mitigation. Many providers confuse these points. Null routing protects the providers infrastructure at the cost of complete shutdown of the victim.

    I agree that null routing shouldn't be called DDoS mitigation, but the reality is that's how it's referred to commonly. Anyhow, under your definition, null route would certainly qualify since you can still receive traffic on the other IP addresses when one of them gets null routed; this has been useful for me in the past, for example running game servers on different IP addresses so that other servers aren't affected when one is targeted.

Sign In or Register to comment.