New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Apparently it's getting worse?
P.S. Images in signature are bad
He's cookie stuffing us with his DigitalOcean affiliate link.
I get 404 for his sig! http://img.wheezy.io/signature/0
It's done on purpose.
Try it with this page as a referer
Try with the correct Accept header
@linuxthefish see the Initiator column
The OVH protection will filter some attacks, but the game ddos protection it seems to me better than PRO.
I used OVH a long time ago before I established my new company. Their "protection" at the time was something like null-routing you.
Their "Anti-DDoS GAME" mentions Layer 3, 4, and 7 so I'd assume it to be actual protection. Their "Anti-DDoS PRO" seems like some sort of constant mitigation, but not really protection. Probably just filtering some attacks. Their "Anti-DDoS" sounds like no protection at all and they just handle it by null-routing you or mitigating it after it happens so it doesn't affect all their other customers.
Their standard Anti-DDoS mitigates in similar way as their Anti-DDoS PRO but it activates after when an attack starts on an IP address so it does take a minute or so to start the mitigation & you cannot configure firewall rules with it as well.
It's better than nothing, but the "DDoS Mitigation Network" is as effective as standing in front of a car coming at you at 80 miles an hour (130 km/hour). What I suggest is that you go with a decent DDoS protection provider (e.g. Voxility, but it's a terribly expensive), or @Francisco (BuyVM filtered IPs).
@doghouch Voxility is terrible but BuyVM who use Voxility are good?
terribly expensive
DERP "but it's a terribly expensive" ==> "but it's terribly expensive"
(made the little grammatical mistake there) :L
OVH ddos protection had improved a lot from last 2 years. I am using OVH dedicated server 10G and there DDOS work well , if you configure firewall well in control panel of OVH.
DDoS attacks have also decreased in power.
Huh, the ones we have mitigated are getting bigger, well big attacks rather than a HF script kiddie.
Generally all scripts from HF is blocked on the newest firewalls (DNS , SSDP , NTP). Blocking its "payload"
(I read on LET)
I do not like OVH, not after their decision to close down RunAbove cloud services. I advise everyone to really consider if they want OVH.
my sandbox is up and running since almost an year!
What technology is ovh using for their ddos protection?
They didn't close it, it was always a lab environment, and they have moved what worked will into production ready (OVH) and introduced new labs into RunAbove.
Cisco and Tilera. RioRey like yours does not scale well and is prohibitively expensive, Tilera is cheaper but you need to write your own software stack.
Does Cisco actually have a modern ddos protection product? Last I remember was Cisco Guard and that is essentially an antique now.
Cisco ASR9000 series:
https://www.arbornetworks.com/images/PB_CiscoASR9000_EN2015.pdf
More info about OVH protection:
https://www.ovh.com/us/anti-ddos/pre-firewall.xml
https://www.ovh.com/us/anti-ddos/firewall-network.xml
https://www.ovh.com/us/anti-ddos/tilera.xml
https://www.ovh.com/us/anti-ddos/arbor.xml
Does anyone know if internal attacks are patched?
Maybe 2-3 years ago we had one server put under DDoS protection, from our perspective it was merely a notice they are doing this. Didn't hinder traffic at all etc.
Was surprised how good it actually was!