Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    Netcup.de 2 Tbps DDOS Protection .WOW. layer 3-4-7
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    Netcup.de 2 Tbps DDOS Protection .WOW. layer 3-4-7

    ZweiTigerZweiTiger Member, Provider
    edited January 22 in General

    Just discovered one of their facebook post.. now they got 2TBPS ddos protection instead of 5Gbps.

    https://www.netcup.eu/ueber-netcup/ddos-schutz-filter.php

    Comments

    • MikeAMikeA Member, Provider
      edited January 22

      So what is this, Voxility or something? They just say traffic will be rerouted, no info about how it works.

      ExtraVM - AMD Ryzen & i7 NVMe VPS starting @ $3.50
      USA, Canada, France, United Kingdom, Singapore, Australia

    • RhysRhys Member, Provider
      edited January 22

      @MikeA said:
      So what is this, Voxility or something? They just say traffic will be rerouted, no info about how it works.

      Looks like they're using anexia for it. (https://anexia.com/en/hosting-it-solutions/managed-hosting/ddos-protection)

    • WebGuruWebGuru Member
      edited January 22

      Curious to know more about their layer 7 protection and how it works.

      we protect your infrastructure not only against attacks on layers 3 and 4, but upon request also against attacks on layer 7 (application layer)

    • jackbjackb Member, Provider
      edited January 22

      @MikeA said:
      So what is this, Voxility or something? They just say traffic will be rerouted, no info about how it works.

      The rerouting bit makes me think not this - but I believe pushing your mitigation rules to your upstream via flowspec (where accepted by your upstreams) can get you serious gains in terms of mitigations. Might be related.

      One time about 5 or so years ago I saw a Germany IP (/32) that had a nullroute pushed up and level3 dropped inbound traffic at source in Miami. Apply the same principle to mitigation rules and that would be pretty powerful.

      Afterburst - Awesome OpenVZ&KVM VPS in US+EU

    • ClouviderClouvider Member, Provider
      edited January 22

      Null route != FlowSpec. FlowSpec allows you to pushfirewall rules through BGP to selectively drop the packets, I.e. src port UDP/53 then rate-limit or reject. Blackhole drops everything.

      There’s no tier 1 accepting FlowSpec at the moment, there are however plenty networks using their within their own backbones

      Clouvider Limited - Leading EU Provider || Dedicated Server Sale - True HA Cloud VPS - Help Australia with our Latest LET Offer

      Cloud Web Hosting | SSD & SAS HA VPS on OnApp | Dedicated Servers | Colocation | Managed Services

    • combahton_itcombahton_it Member, Provider

      @Clouvider said:
      Null route != FlowSpec. FlowSpec allows you to pushfirewall rules through BGP to selectively drop the packets, I.e. src port UDP/53 then rate-limit or reject. Blackhole drops everything.

      There’s no tier 1 accepting FlowSpec at the moment, there are however plenty networks using their within their own backbones

      As far as I remember, NTT or/and GTT offered us flowspec some time ago.

      However, we ended up with RETN as their network was far more attractive for our use case.

      combahton GmbH trading as fastpipe.io - providing Cloud and Dedicated Servers in Frankfurt, Germany

    • ClouviderClouvider Member, Provider

      @combahton_it said:

      @Clouvider said:
      Null route != FlowSpec. FlowSpec allows you to pushfirewall rules through BGP to selectively drop the packets, I.e. src port UDP/53 then rate-limit or reject. Blackhole drops everything.

      There’s no tier 1 accepting FlowSpec at the moment, there are however plenty networks using their within their own backbones

      As far as I remember, NTT or/and GTT offered us flowspec some time ago.

      However, we ended up with RETN as their network was far more attractive for our use case.

      Define some time?

      Clouvider Limited - Leading EU Provider || Dedicated Server Sale - True HA Cloud VPS - Help Australia with our Latest LET Offer

      Cloud Web Hosting | SSD & SAS HA VPS on OnApp | Dedicated Servers | Colocation | Managed Services

    • netcup is a part of anexia company

      Thanked by 1cybertech
    • combahton_itcombahton_it Member, Provider

      @Clouvider said:

      @combahton_it said:

      @Clouvider said:
      Null route != FlowSpec. FlowSpec allows you to pushfirewall rules through BGP to selectively drop the packets, I.e. src port UDP/53 then rate-limit or reject. Blackhole drops everything.

      There’s no tier 1 accepting FlowSpec at the moment, there are however plenty networks using their within their own backbones

      As far as I remember, NTT or/and GTT offered us flowspec some time ago.

      However, we ended up with RETN as their network was far more attractive for our use case.

      Define some time?

      Around two years ago

      Thanked by 1Clouvider

      combahton GmbH trading as fastpipe.io - providing Cloud and Dedicated Servers in Frankfurt, Germany

    • ClouviderClouvider Member, Provider

      @combahton_it said:

      @Clouvider said:

      @combahton_it said:

      @Clouvider said:
      Null route != FlowSpec. FlowSpec allows you to pushfirewall rules through BGP to selectively drop the packets, I.e. src port UDP/53 then rate-limit or reject. Blackhole drops everything.

      There’s no tier 1 accepting FlowSpec at the moment, there are however plenty networks using their within their own backbones

      As far as I remember, NTT or/and GTT offered us flowspec some time ago.

      However, we ended up with RETN as their network was far more attractive for our use case.

      Define some time?

      Around two years ago

      My understanding is that this is no longer the case and whoever had access had it later removed, but I guess worth checking with the account manager :-).

      Thanks

      Clouvider Limited - Leading EU Provider || Dedicated Server Sale - True HA Cloud VPS - Help Australia with our Latest LET Offer

      Cloud Web Hosting | SSD & SAS HA VPS on OnApp | Dedicated Servers | Colocation | Managed Services

    • stefemanstefeman Member
      edited January 24

      Its very slow in becoming active, moved my personal TS3 server there and it was a nightmare.

      The following attack types were recognized:
      The "UDP" host alert signature severity rate configured for "netcup" has been exceeded for 3 minutes, changing Severity Level from medium to high  (expected rate: 250.00 Kpps, observed rate: 297.68 Kpps) (boundary: managed object)
      The "UDP" host alert signature severity rate configured for "netcup" has been exceeded, changing Severity Level from low to medium  (expected rate: 250.00 Kpps, observed rate: 310.40 Kpps) (boundary: managed object)
      The "UDP" host alert signature has been triggered at router "bbr02.anx25.fra.de". (expected rate: 100.00 Kpps, observed rate: 116.70 Kpps)
      The "RIPv1 Amplification" host alert signature has been triggered at router "bbr01.anx25.fra.de". (expected rate: 200.00 Mbps/30.00 Kpps, observed rate: 187.29 Mbps/51.34 Kpps)
      

      Server was down 3 minutes before mitigation even started working, and even then it went offline after working fine for 10 minutes. Moved it back to OVH Game.

    • benj0xbenj0x Member
      edited February 3

      I'm not sure if their Anti-DDoS got worse since their press announcement. Previously I had received messages about the Anti-DDoS how it got active and filtered small attacks (the server stayed online.). Sometimes they did even null route me.
      However, yesterday evening I got a DDoS Attac,k and nothing happened. The server went offline due to the high amount of traffic. I can see the attack in the control panel quite well (the spike of traffic) but as it seems nothing happened in filtering.

      Monitoring also reported it as down throughout the whole attack.

      Did anyone else experience DDoS Attacks on their netcup service yet and can report about their experiences?

      is annoyed of VirMach's Black Friday Flash Sale Page.

    • Really nice!

    Sign In or Register to comment.