New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Try ddos deflate?
The packets per second matter more than the Mbit/s
How many PPS you getting?
DoS deflate does not work for this type of attacks (I think)
How can i see the PPS?
Is there a single source IP (as opposed to spoofed/random)?
Maybe this can help you: http://techblog.procurios.nl/k/n618/news/view/33045/14863/protection-against-syn-floods.html?pageNr=2
I have a VPS with RamNode where they said SYN cookies are not possible. In that case only solution is iptables, but that only works for non-spoofed source.
What virtualization as this is more important than anything
It would take a very tweaked config to be able to handle 200mbit of SYN floods on standard consumer hardware. You may have more luck on enterprise Intel network cards, but in which case its probably cheaper to use a service that specializes in mitigation instead of working on it yourself.
You should be able handle <50mbit attacks using syn cookies and iptables syn limiting etc.
I thought it has to be turned on at the host node? It's not "not possible", just not per VPS.
Well, filtering a syn flood at the server level requires a lot of CPU power, that's why some hosts don't enable syncookies for the whole box.
Its also more than just CPU power involved, syncookies throw away legitimate connections as well. So on a server level your SYN flood will affect everyone on the node (KVM/Xen is slightly different, although the PPS and Bandwidth will still affect).
Have you asked your provider if they have a firewall for rent service, alot of small hardware firewalls can handle this type of thing. Although it may not be possible with a VPS to do so.
So, I have no chance against this, right? (My provider does not have any firewalls ... )
(OpenVZ)
Thanks.
@Xaki
No you don't, I would recommend giving a provider in that field the job to protect you. Your provider most likely only offers VPS and not DDoS protection. 200mbit SYN is a small attack but it will harm your unprotected VPS.
Providers with DDoS protection are too much expensive
What are you using the server for? There are plenty of possibilities to protect yourself without spending alot of money.
But I want protection on nl,es,fr,uk ... BuyVM is USA right?
Yes, is Romania good enough? if so PM me.
Nop, pings are too high
Oh wait, voxility is 52ms from my home Internet in Germany, there are only a few applications that need a very low latency, maybe you should tell us what exactly you're hosting.
GameServer
Okay, even this information isn't enough, if you host a minecraft server e.g. a latency of 50ms would be fine, it would work out pretty good.
Ya, I know, but remember it's 50ms to your country, not for mine. Anyway, 50ms it's fine...
Where are you located? You could try and ping x4b.net, they have their site setup with their own protection and this is the same latency you would also get when you would use their services, you would have to get a vps in the same dc aswell though, e.g. server4.pro offers romanian vps, but there are some others around there aswell.
ping x4b.net = 130ms+