Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
DDoS Protected
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

DDoS Protected

Greetings
I am looking for a ddos protected hosts, my team has tried several hosts such as stormwall, voxility, OVH , but was not protected from the type of attack received, the botnet attack ranges from 200gbps to 800gbps(Amplified), we have a large scaling community of gamers consisting of teamspeak 3 and multiple game-servers.

«1

Comments

  • SwiftnodeSwiftnode Member, Provider

    @Ahzam said:
    the botnet attack ranges from 200gbps to 800gbps(Amplified)

    Where did you get that information?

    but was not protected from the type of attack received

    Do you have a capture of the attack?

  • thedpthedp Member
    edited June 28

    Looking for IT/Tech/Hosting-related Domain Names? Send me a PM here or on Discord (DP#3914)

  • BloomVPSBloomVPS Member
    edited June 28

    We offer DDoS protected plans. Our servers are hosted at ReliableSite so you can read more about their DDoS protection here: https://www.reliablesite.net/ddos-protection/

    Although I don' think our protection could meet your needs though because that's a lot of bandwidth.

    @Francisco uses Cloudflare Magic Transit and I believe his DDoS protected IPs can handle up to 500Gbps.

    Abby @ bloomvps.com | Gaming-Grade Virtual Servers | Ryzen 9 Dedicated CPU $3/GB | i9 10900X Shared CPU $2/GB

  • HabeebHabeeb Member

    @Swiftnode said:

    @Ahzam said:
    the botnet attack ranges from 200gbps to 800gbps(Amplified)

    Where did you get that information?

    but was not protected from the type of attack received

    Do you have a capture of the attack?

    Host provided me that information I already have the servers from hosteam.pk , buyvm, stormwall, rs-media ( Russian ), team-host(Russian) , php-friends right now which I am facing attacks to, artplanet(Russian)

    Around 8-10 servers I have.

    I got this information from stormwall, artplanet technicians, that I am facing gigantic ddos attacks more then 200gbp/s above there network capacity, the problem with the capture is attacker attacks the whole datacenter uplink not just mine, and tcpdump is never captured accurately, I have few dumps captured though.

  • HabeebHabeeb Member

    @BloomVPS said:
    We offer DDoS protected plans. Our servers are hosted at ReliableSite so you can read more about their DDoS protection here: https://www.reliablesite.net/ddos-protection/

    Although I don' think our protection could meet your needs though because that's a lot of bandwidth.

    @Francisco uses Cloudflare Magic Transit and I believe his DDoS protected IPs can handle up to 500Gbps.

    The clean bandwidth I need is very less to be honest, but that range of attack is really high, I was looking at seflow, noex.de, cloud-shield.ru right now to switch to. To be honest I have tried every provider I could find till date, some providers just block the port 9987 when under attack .

  • SplitIceSplitIce Member, Provider

    Hi,

    We at X4B off remote DDoS mitigation solutions. Our guarantees are fixed at around 100Gbps which is high enough that we only have to hand out a 3-4 nullroutes most years (from nearly a million attacks). Our max capacity is significantly higher (100Gbps is hard limited per PoP) however depends on attack, time, etc.

    Regarding your measurements are you sure they are accurate? 800Gbps seems to be abnormally high. That's nation state level. I'm not sure that there is that much of any of the common amp sources currently available, it's certainly higher than anything I've seen recently.

    When it comes to amplified attacks good transit providers (e.g NTT) rate limit them, effectively mitigating them before they reach the provider.

    Further why is a amplified attack affecting you, surely it can just be ACLed?

    Thanked by 1kalimov622
    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • HabeebHabeeb Member

    @SplitIce said:
    Hi,

    We at X4B off remote DDoS mitigation solutions. Our guarantees are fixed at around 100Gbps which is high enough that we only have to hand out a 3-4 nullroutes most years (from nearly a million attacks). Our max capacity is significantly higher (100Gbps is hard limited per PoP) however depends on attack, time, etc.

    Regarding your measurements are you sure they are accurate? 800Gbps seems to be abnormally high. That's nation state level. I'm not sure that there is that much of any of the common amp sources currently available, it's certainly higher than anything I've seen recently.

    When it comes to amplified attacks good transit providers (e.g NTT) rate limit them, effectively mitigating them before they reach the provider.

    Further why is a amplified attack affecting you, surely it can just be ACLed?

    https://www.youtube.com/channel/UCWng9V8ccQb-dGgRWYhRJEA
    This botnet being used for the attack, not 100% sure but around 70% sure.

  • SplitIceSplitIce Member, Provider

    @Habeeb If you are are actually receiving attacks of that magnitude I suggest making a report to US FBI. They are always very interested in attacks of that magnitude.

    Thanked by 2MikeA sayem314
    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • dustincdustinc Member, Provider

    You can look into @layerhost who offers 4Tbps mitigation. I'd recommend reaching out to them first, to learn more about their mitigation.

    RackNerd LLC - Introducing Infrastructure Stability
    Dedicated Servers, Private Cloud, DRaaS, Colocation, VPS, DDoS Mitigation, Shared & Reseller Hosting

  • stefemanstefeman Member
    edited June 29

    It's not that uncommon anymore unfortunately.. Gamers are targeted a lot.

  • HabeebHabeeb Member

    @SplitIce said:
    @Habeeb If you are are actually receiving attacks of that magnitude I suggest making a report to US FBI. They are always very interested in attacks of that magnitude.

    Already submitted the details,

  • HabeebHabeeb Member

    @stefeman said:
    It's not that uncommon anymore unfortunately.. Gamers are targeted a lot.

    Yes for sure, was online.net able to successfully mitigate the attack without any interruptions on your services?

  • stefemanstefeman Member
    edited June 29

    @Habeeb said:

    @stefeman said:
    It's not that uncommon anymore unfortunately.. Gamers are targeted a lot.

    Yes for sure, was online.net able to successfully mitigate the attack without any interruptions on your services?

    I don't have their curative protection on that server, so no. this specific server was hosting cs:go fastdl server and VPN for some users.

    Either pay for their curative Anti-DDoS or move to OVH which is the only cheap one known to cover any attack size.

  • HabeebHabeeb Member

    @stefeman said:

    @Habeeb said:

    @stefeman said:
    It's not that uncommon anymore unfortunately.. Gamers are targeted a lot.

    Yes for sure, was online.net able to successfully mitigate the attack without any interruptions on your services?

    I don't have their curative protection on that server, so no.

    Either pay for their curative Anti-DDoS or move to OVH which is the only cheap one known to cover any attack size.

    The problem with OVH is they drop some countries when under heavy mitigation, and unfortunately my country is one of them

  • SplitIceSplitIce Member, Provider

    @stefeman Until recently the officially recognized record was 1.35 Tbps. That's well on the way there... I wouldn't call that common.

    Also I'm guessing you need to get your transit filtered for Amp. Let them do all the filtering so it doesnt count...

    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • stefemanstefeman Member
    edited June 29

    Looking back some history, this is the worst I've seen:

    1,12 Tbps Ugh..

    It's also possible that the reporting is bugged too.

    @SplitIce said:
    @stefeman Until recently the officially recognized record was 1.35 Tbps. That's well on the way there... I wouldn't call that common.

    I think Akamai said not too long ago that there was around 2Tbps attack against them.

  • HabeebHabeeb Member

    Anyone has experience with https://www.stackpath.com/, what do you say about there ddos protection for gameservers?

  • stefemanstefeman Member
    edited June 29

    @Habeeb said:

    @stefeman said:

    @Habeeb said:

    @stefeman said:
    It's not that uncommon anymore unfortunately.. Gamers are targeted a lot.

    Yes for sure, was online.net able to successfully mitigate the attack without any interruptions on your services?

    I don't have their curative protection on that server, so no.

    Either pay for their curative Anti-DDoS or move to OVH which is the only cheap one known to cover any attack size.

    The problem with OVH is they drop some countries when under heavy mitigation, and unfortunately my country is one of them

    Try @Clouvider UK location, they have best effort protection, and it should be pretty nice, though im not sure what Dom thinks about this risky stuff. I usually put my gameservers and TS3 on OVH to spare the other hosts from attracted trouble.

    Maybe ask/wait him to respond first before trying his service.

    Thanked by 1Clouvider
  • stefemanstefeman Member

    @Habeeb said:
    Anyone has experience with https://www.stackpath.com/, what do you say about there ddos protection for gameservers?

    Stackpath is not DDoS protected. only their WAF is, but its for websites.

    You probly mean https://dedipath.com/ or https://path.net/ ?

  • HabeebHabeeb Member

    @stefeman said:

    @Habeeb said:
    Anyone has experience with https://www.stackpath.com/, what do you say about there ddos protection for gameservers?

    Stackpath is not DDoS protected. only their WAF is, but its for websites.

    You probly mean https://dedipath.com/ or https://path.net/ ?

    Yes I have already contacted clouvider through there site earlier, and was talking about stackpath just came to know that they are of no use for game-servers, I have also tried dedipath already.

  • stefemanstefeman Member
    edited June 29

    Then pretty much only thing left is the: https://www.online.net/en/dedicated-server/ddos-arbor curative protection from the cheap ones.

    Actually theres Voxility too.. It might work for you.

  • HabeebHabeeb Member

    @stefeman said:
    Then pretty much only thing left is the: https://www.online.net/en/dedicated-server/ddos-arbor curative protection from the cheap ones.

    Actually theres Voxility too.. It might work for you.

    I bought from https://dedicatserver.ro/, not working, I was looking at https://noez.de/ now , both using Voxility

  • stefemanstefeman Member

    @Habeeb said:

    @stefeman said:
    Then pretty much only thing left is the: https://www.online.net/en/dedicated-server/ddos-arbor curative protection from the cheap ones.

    Actually theres Voxility too.. It might work for you.

    I bought from https://dedicatserver.ro/, not working, I was looking at https://noez.de/ now , both using Voxility

    Not a VPS from reseller. I mean directly.

  • thedpthedp Member

    Check out HyperFilter - not cheap though.

    Looking for IT/Tech/Hosting-related Domain Names? Send me a PM here or on Discord (DP#3914)

  • HabeebHabeeb Member

    Anyone familiar with https://flokinet.is ? the owner is saying they have 2tbps mitigation and can withstand the attacks I am facing

  • SplitIceSplitIce Member, Provider
    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • HabeebHabeeb Member

    What about combahton ?

  • HabeebHabeeb Member

    And if someone is familiar with https://zap-hosting.com/en/shop/product/linux-vserver/ Finland location

  • SplitIceSplitIce Member, Provider

    @Habeeb there isnt that many mitigation companies. Most of those you are looking at are using the likes of Voxility or Cloudflare to provide their mitigation. Look up the companies ASNs or (especially if they are too small / don't have one) perform a traceroute.

    See the site I linked you for an example web tool for doing that research.

    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • HabeebHabeeb Member

    These are the latest attack logs I received from one of my provider
    https://prnt.sc/t8ctnj
    https://prnt.sc/t8cstl
    https://prnt.sc/t8ctvw

    I was thinking combahton as an option fastpipe.io ?

  • AvoroAvoro Member, Provider

    Hi @Habeeb

    if you want we can check if we can filter your attacks. At the moment we are already filtering big attacks for gameservers from 50 GBit/s to several hundert GBit/s :)

    Thanked by 1kalimov622
  • HabeebHabeeb Member

    @Avoro said:
    Hi @Habeeb

    if you want we can check if we can filter your attacks. At the moment we are already filtering big attacks for gameservers from 50 GBit/s to several hundert GBit/s :)

    These are the types of attack I received if you see above screenshot and this log

    The main sources of traffic:
    111-26-240-188.static.trined. nl (188.240.26.111) UDP 112.0M bytes with a packet size of 90 bytes on 9987 port.
    90 -84-232-180.orangero.net ( 90 .84.232.180) UDP 95.6M bytes with a packet size of 90 bytes on 9987 port.
    (109.100.92.78) UDP 91.3M bytes with a packet size of 90 bytes on 9987 port.
    c151-177-150-111.bredband. comhem.se (151.177.150.111) UDP 79.8M bytes with a packet size of 90 bytes on port 9987.
    ppp-110-168-55-230.revip5. asianet.co.th (110.168.55.230) UDP 72.6M bytes with a packet size of 90 bytes on 9987 port.
    46-214-216-226.next-gen.ro (46.214.216.226) UDP 69.1M bytes with a packet size of 90 bytes on 9987 port.
    (93.113.181.147) UDP 68.9M bytes with a packet size of 90 bytes on 9987 port.
    90 -154-141-242.ip.btc-net.bg ( 90.154.141.242) UDP 51.8M bytes with a packet size of 90 bytes on port 9987.
    149.233.211.138.dynamic-pppoe. dt.ipv4.wtnet.de (149.233.211.138) UDP 37.2M bytes with a packet size of 90 bytes on 9987 port.
    93-57-42-185.ip162.fastwebnet. it (93.57.42.185) UDP 27.4M bytes with a packet size of 90 bytes on 9987 port.
    212-233-153-7.optisprint.net (212.233.153.7) UDP 26.9M bytes with a packet size of 90 bytes on 9987 port.
    xdsl-78-35-154-171.nc.de (78.35.154.171) UDP 26.1M bytes with a packet size of 90 bytes on 9987 port.
    ( 90 .95.129.143) UDP 23.3M bytes with packet size90 bytes on 9987 port.
    95-31-73-96.broadband.corbina. ru (95.31.73.96) UDP 21.7M bytes with a packet size of 90 bytes on 9987 port.
    host-94-251-43-115.bbcustomer. zsttk.net (94.251.43.115) UDP 21.0M bytes with a packet size of 90 bytes on 9987 port.
    (46.109.38.176) UDP 20.5M bytes with a packet size of 90 bytes on 9987 port.
    h081217197209.dyn.cm.kabsi.at (81.217.197.209) UDP 17.3M bytes with a packet size of 90 bytes on 9987 port.
    (89.121.240.219) UDP 15.1M bytes with a packet size of 90 bytes on 9987 port.
    93-38-125-13.ip70.fastwebnet. it(93.38.125.13) UDP 15.0M bytes with a packet size of 90 bytes on port 9987.
    host217-43-50-78.range217-43. btcentralplus.com (217.43.50.78) UDP 14.3M bytes with a packet size of 90 bytes on port 9987.

  • AvoroAvoro Member, Provider

    If you want we can give you a testserver, but this attack should be no problem for us :)

    Thanked by 2kalimov622 sayem314
  • HostSlickHostSlick Member, Provider

    @Zare, maybe your Corero can do so?

  • HabeebHabeeb Member

    @Avoro said:
    If you want we can give you a testserver, but this attack should be no problem for us :)

    I have sent you a private message

  • combahton_itcombahton_it Member, Provider

    To be honest, no one will filter you several hundred gigabit of attack traffic over a serious timeframe, without paying for ddos protection specifically. However, we're always happy to assist when it comes into antiddos.

    combahton GmbH trading as fastpipe.io - providing Cloud and Dedicated Servers in Frankfurt, Germany

  • None of the above will work. Try BuyVM again with a DDoS protected IP, and give some work to the Cloudflare guys. I'm sure they are up for a challenge.

  • HabeebHabeeb Member

    @combahton_it said:
    To be honest, no one will filter you several hundred gigabit of attack traffic over a serious timeframe, without paying for ddos protection specifically. However, we're always happy to assist when it comes into antiddos.

    I have already ordered a server from you in process of payment confirmation.

  • hyperblasthyperblast Member
    edited June 30

    budget?

    for such attacks you are looking for a lowendsolution? 8-X

  • HabeebHabeeb Member
    edited June 30

    @hyperblast said:
    budget?

    for such attacks you are looking for a lowendsolution? 8-X

    To be honest, I just mentioned for solutions, I am open to budget, but whatever the reasonable price could be to be protected from these types of attacks.

  • HabeebHabeeb Member

    Tried Voxility, corero, arbor still I am open to budget but I can't seem to find a working solution

  • stefemanstefeman Member
    edited July 16

    @Habeeb said:
    Tried Voxility, corero, arbor still I am open to budget but I can't seem to find a working solution

    Go back to OVH and give tcpdump of anything that takes down your server.

    edit: ahh, I forgot they drop ur country, lol Only expensive solutions left then.

  • wdmgwdmg Member
    edited July 16

    I’m not a provider on this site (am on others like LES), but we’ve seen and mitigated attacks of that caliber.

    But, that being said, we don’t do it cheaply. You’d be paying us around US$500-1000/month baseline + whatever you need in clean bandwidth for that, but SLA we can mitigate it no matter what.

    All in all, you could also try nesting mitigation providers and simply doing HA/load balance/health checks on the DNS level.

  • SplitIceSplitIce Member, Provider
    edited July 16

    @wdmg said: nesting mitigation providers

    That's not how mitigation works. I assume you mean round-robin or active failover or something

    A->B->C mitigation providers won't help anyone.


    If you read this thread carefully you will notice that none of the usual suspects are offering to guaruntee protection in this case.

    Sure most of the networks being discussed here have the raw capacity. But no one is going to tank consistent attacks of that magnitude for pennies. We are talking potentially $20k+/m in bandwidth costs here and likely $500-$2k/m+ in amortized hardware capacity. Excluding those direct costs you then have technical costs (software development, rule development), any engineer time required for complex attacks etc and a healthy markup.

    On the bandwidth side most cheaper DDoS protected networks significantly reduce mitigation costs by using their ingress to egress ratio difference to significantly discount their transit bill. e.g if they have a consistent egress of 200G and ingress of 100G they then have a "free" capacity of 100G for mitigation at no additional cost. This is because generally on the wholesale market you usually pay for whichever is greater from your ingress or egress. Eyeball networks use more ingress, datacenters typically use more egress.

    That under utilized ingress capacity is a big part of how you get many of the cheaper protection offers this forum knows and loves. But it's also why the pricing quickly increases once you get beyond certain levels.

    Not too many networks would have enough free ingress to be willing to do sustained 200-800G without opening their wallet. OP needs to be looking for big networks. He may not like it but OVH is probably one of his better bets in the cheap market. Assuming he is getting that 200-800G at a consistent level he needs someone egressing Tbps.

    NOTE: lots of assumptions and simplifications. Peering, Cost Sharing, Insurance, Value Adding & Transit Rate-Limiting are also all factors to name a few as well.

    X4B - DDoS Protection: Affordable Anycast DDoS mitigation with PoPs in the Europe, Asia, North and South America.
    Latest Offer: Brazil Launch 2020 Offer
  • wdmgwdmg Member
    edited July 16

    @SplitIce

    That’s not how mitigation works.

    I’m aware how mitigation works, it was a cheap suggestion. Relying on the fact that any decent DNS provider could HA and swap, so you’ll have minimal outage, but it’s still going to be costly.

    The bottom line is, you’ve got to pay to defend it. I’m sure if you slapped a ton of money to Google, AWS, Azure, Akamai, Imperva they’d be happy to filter it, but you’re easily looking $500 minimum, likely on a year contract.

  • hzrhzr Member, Moderator

    @wdmg said: The bottom line is, you’ve got to pay to defend it. I’m sure if you slapped a ton of money to Google, AWS, Azure, Akamai, Imperva they’d be happy to filter it, but you’re easily looking $500 minimum, likely on a year contract.

    Having worked at or used these, $500 doesn't begin to cover the account manager's cost.

    Thanked by 2SplitIce Clouvider
  • ourvdsourvds Member

    @Habeeb said:
    Greetings
    I am looking for a ddos protected hosts, my team has tried several hosts such as stormwall, voxility, OVH , but was not protected from the type of attack received, the botnet attack ranges from 200gbps to 800gbps(Amplified), we have a large scaling community of gamers consisting of teamspeak 3 and multiple game-servers.

    https://www.team-host.ru/ ask this is place

  • HabeebHabeeb Member

    @ourvds said:

    @Habeeb said:
    Greetings
    I am looking for a ddos protected hosts, my team has tried several hosts such as stormwall, voxility, OVH , but was not protected from the type of attack received, the botnet attack ranges from 200gbps to 800gbps(Amplified), we have a large scaling community of gamers consisting of teamspeak 3 and multiple game-servers.

    https://www.team-host.ru/ ask this is place

    I have tried them they said there protection does not work with the size of attack I am receiving

  • thedpthedp Member

    Can't you just say sorry? :joy:

    Looking for IT/Tech/Hosting-related Domain Names? Send me a PM here or on Discord (DP#3914)

  • HabeebHabeeb Member

    @thedp said:
    Can't you just say sorry? :joy:

    What ? datacheap.ru hosted on team-host I tried them ,directly team-host they do no reply to emails, as datacheap.ru they said there protection does not work completely with teamsspeak 3 , there would be some sort of disturbance with the application level protection.

Sign In or Register to comment.