Need a bit more understanding.

Well, I'm still thinking of a way to stop or limit DDoS attacks.

First of all, I have an OpenVZ and a KVM VPS with IPv6. Is it possible for customers (without needing to submit a support ticket) to null route their own IPv6 addresses?

I am thinking of maybe limiting web server speeds (but I heard that does not really matter in a DDoS attack?) and then having several (different VPS) web servers randomly distribute the requested data.

I seriously hate TCP/UDP. I wish there was a way you could just "block connections (and the data they send, without using resources router/server side) from an IP". From what I understand of what I read, when a bot connects it will send a crapload of dummy data to attack the server and it will overload the network. And I read that a whitelist of IP addresses does not help prevent DDoS attacks.

It's like "hopeless" to prevent major DDoS attacks unless you pay a crapload of money a month for a proxy or datacenter that supports it :-/

Comments

  • iwaswrongonce Member
    edited January 2014

    I'm not sure you fully understand how a network works. It is not possible to null route your own address (I'm assuming you don't have router access), but it would be possible to blackhole the packets locally with iptables, though that will have limited effectiveness against a DoS. Limiting web server speeds won't do anything (it might actually exacerbate the issue by forcing the web server to keep more concurrent requests open, thus requiring lower malicious traffic levels).

    There is a way to block connections. You already mentioned it. Null routing. This basically tells the entire internet to disregard any traffic destined for you. It depends at what layer the attack occurs, but the serious ones all operate low level. So it doesn't matter who you block or whitelist, because the proverbial door is jammed with data.

    Yes, a major DDoS attack is just that. A major attack. Unless a tech breakthrough occurs, it won't be possible to sustain a major attack on a LEB budget.
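A concrete version of the host-side blackholing the reply above mentions, as an added example that is not code from any poster in this thread. It parses a constructed web access log, ranks the source addresses, and emits the iptables and blackhole-route commands a host could apply to the noisiest ones, choosing the IPv4 or IPv6 variant of each command per address. The log lines and the 100-request threshold are assumptions. The comments repeat the caveat from the reply: dropping at the host only saves CPU and reply bandwidth, because the packets have already crossed your link by the time the kernel sees them.

```python
"""Rank source addresses in a web access log and emit host-level drop rules.

Added example for this thread, not a poster's code. The log lines are
constructed and the 100-request threshold is an arbitrary assumption.
"""
import ipaddress
import re
from collections import Counter

# Combined/common log format: the remote address is the first field.
LOG_RE = re.compile(r"^(\S+)\s")

# Constructed sample: one source hammering the site, two normal visitors.
SAMPLE_LOG = "\n".join(
    ['203.0.113.7 - - [01/Jan/2014:10:00:00 +0000] "GET / HTTP/1.1" 200 612'] * 500
    + ['198.51.100.2 - - [01/Jan/2014:10:00:01 +0000] "GET /about HTTP/1.1" 200 311'] * 3
    + ['2001:db8::9 - - [01/Jan/2014:10:00:02 +0000] "GET /api HTTP/1.1" 200 98'] * 40
)


def count_sources(log_text):
    """Requests per remote address; lines that do not parse are skipped."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        try:
            ipaddress.ip_address(m.group(1))  # discard hostnames and garbage
        except ValueError:
            continue
        counts[m.group(1)] += 1
    return counts


def offenders(counts, threshold):
    """Addresses at or above threshold, busiest first."""
    return [ip for ip, n in counts.most_common() if n >= threshold]


def drop_rules(ips):
    """Two commands per offender, chosen for its address family.

    1. A DROP in the raw table runs before connection tracking, so the kernel
       spends nothing on the packet beyond receiving it.
    2. A blackhole route for the attacker's address means the host never
       sends it a reply (SYN-ACK, RST, ICMP), which saves upstream bandwidth.

    Neither stops the packets reaching the NIC: the inbound link is still
    consumed. Removing that traffic entirely is the upstream's job (null
    routing the victim address at the provider's edge), which this script
    cannot do.
    """
    rules = []
    for ip in ips:
        v6 = ipaddress.ip_address(ip).version == 6
        fw = "ip6tables" if v6 else "iptables"
        route = "ip -6 route" if v6 else "ip route"
        rules.append(f"{fw} -t raw -I PREROUTING -s {ip} -j DROP")
        rules.append(f"{route} add blackhole {ip}")
    return rules


if __name__ == "__main__":
    for rule in drop_rules(offenders(count_sources(SAMPLE_LOG), 100)):
        print(rule)
```

Run it against a real log with `count_sources(open("/var/log/nginx/access.log").read())`; review the generated commands before applying them, since a NAT gateway or a CDN edge will also show up as a single busy address.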

  • The DDoS attack cannot be stopped, it just can't. As long as people have the option to send you packets, DDoS will always be an option, unfortunately.

  • Here is a fantastic article from CloudFlare discussing DDoS in details.
    http://blog.cloudflare.com/65gbps-ddos-no-problem

  • Elvis Costello will give you some Understanding

  • @BuyCPanel_Kevin said:
    The DDoS attack cannot be stopped, it just can't. As long as people have the option to send you packets, DDoS will always be an option, unfortunately.

    Null routing would remove the ability to send packets.

  • OK, thanks for your answers.
    I'm a bit "slow" but I understand you can't prevent DDoS.
    But with sockets, as I understand it, you can block connections? I'm not talking about a web server now, but an application which only has one socket port. Is there a way to block connections? As I understand it a web server is using sockets, but since it's a server it's non-blocking.

    So sorry if I am confusing/hard headed.

  • iwaswrongonce Member
    edited January 2014

    I mean this in the most constructive way possible, but I think you are in way over your head. I started to try to answer that and then realized I have no idea what you're asking. I think you're confusing non-blocking I/O at the application level with blocking a connection, or something...not quite sure.

    Here let me just be blunt: if there were a way to cheaply, effectively and easily block DDoS attacks in the manner you've suggested, people would be doing it. There are very technically skilled people working around the clock to develop new mitigation strategies. It's big business with big money behind it.

  • iwaswrongonce - yeah, I'm sorry.
    So basically it does not matter if I'm using a web server or a custom socket program: if it has a TCP/IP address it can be DDoSed, correct?
    If so, that sucks.

    You would think with these high Gbps attacks TCP/IP would be more up to date and have some sort of protection.

    I was even thinking of alternative ways to transfer data: SMS and even touch-tone phone using a cloud phone service (yes, I know that will be VERY data limited lol). But even then people could just SMS bomb or call the number so that it eats all my money.

    I guess the only way not to be DDoS or DoS attacked is to not have it online lol

  • iwaswrongonce Member
    edited January 2014

    We do have protection. It's just not cheap, but it's getting much cheaper.

    Think of it this way. You have a party at your house for you and 50 of your closest friends. A few hundred thousand people decide to crash it. It doesn't matter if you tell them to leave once they get to your door. The traffic of all those people trying to drive down your residential street will block out the 50 guests you invited.
