Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


A DDOS magnet is coming my way.
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

A DDOS magnet is coming my way.

So we just reeled in a new client which is great. My problem is, they'll be a DDOS target for sure. We're developing their website and backbend and since we established a great relationship business wise they want us to handle the hosting as well. We're running some nodes with protection for ease of mind but have never been hit so far. Basically I don't want to stick them on a node hosting the average Joe's small website.

As their current host knows they're moving as soon as we finished up they're not really cooperating by giving more details about past attacks and so on. My best guess is they're on ovh/sys but they stuck the domain on Cloudflare so I can't be sure. Could temporarily remove cloudflare as soon as we got control to collect data but it'll leave their website vulnerable for a small time.

We need a dedicated server with good DDOS protection. EU preferred but US will work as well. Minimal specs would be 8GB ram, storage not that much (SSD / HDD , 2 drives preferred), and about 500GB -1TB transfer. Important to us is that the host is ok with a regular DDOS coming their way and is willing to work with us if shit hits the fan. Not looking for offers just suggestions on where to look. Budget not set but up to $100 a month I guess. Any thoughts of where to look avoiding the obvious? What's your experience with regularly being attacked? By the way, the client is 100% legal. It's a small law firm specialised in cybercrime hence they'll attrack some attacks :)

«1

Comments

  • randvegetarandvegeta Member, Host Rep

    Hello.

    We offer DDoS protected servers in Lithuania. Protection is from DDoS Guard and in theory can handle upto 1.5Tbps in attack traffic. We have records of attacks well exceeding 100Gbit and the protection held up fine for the server.

    What are your hardware requirements?

    We have DDoS Protected VPS (XEN) from as little as US$10 /month for 512MB RAM and 20GB HDD. We can do a dedicated server for <$100 /month depending on your hardware requirements.

  • randvegetarandvegeta Member, Host Rep

    Saragoldfarb said: Not looking for offers just suggestions on where to look

    Sorry for making the offer above.

    What's wrong with using CloudFlare if I may ask?

  • @randvegeta, CloudFlare is not a comprehensive solution and there's already a number of uncloaking tools.

  • hawchawc Moderator, LIR

    Speak to @Ishaq about what BudgetNode could offer.

    Thanked by 2Saragoldfarb GCat
  • @BeardyUnixGuy said:
    @randvegeta, CloudFlare is not a comprehensive solution and there's already a number of uncloaking tools.

    Uncloaking tools? Only if you're a noob.

  • ZareZare Member, Host Rep

    Check our London offerings, all DDoS protected and within budget; https://zare.com/dedicated-servers

    Thanked by 1Saragoldfarb
  • Speak to @francisco // perhaps he can work out a deal for ya in the LV DC (Not sure)

  • jh_aurologicjh_aurologic Member, Patron Provider

    Hi,

    we provide ddos mitigation in Frankfurt, Germany. Every OSI Layer is protected due to our self built multilayer mitigation solution which has proven over the years. We are dealing with around 80 attacks per day for multiple customers without manual investigation.

    Especially attacks on Layer7 (like http request floods) are our speciality ;-)

  • Just go with OVH/SYS

  • pbgbenpbgben Member, Host Rep

    @tr1cky said:

    @BeardyUnixGuy said:
    @randvegeta, CloudFlare is not a comprehensive solution and there's already a number of uncloaking tools.

    Uncloaking tools? Only if you're a noob.

    Easiest way I know is to check email server location, that and sometimes the spf will tell you where the site is hosted. I never need to find info so not privy to the best way of finding out.

    If they're a dos magnet then cloudflare is a good start, but application layer is going to be the biggest problem. You'll need to distribute the site across a few servers to handle the traffic.

  • @randvegeta said:

    Saragoldfarb said: Not looking for offers just suggestions on where to look

    Sorry for making the offer above.

    >

    No worries. Good to get some insight on pricing anyway. It's just I don't particularly care about the costs at this point. We don't make money on the server itself. Just pass on the bill :)

  • @pbgben said:
    If they're a dos magnet then cloudflare is a good start, but application layer is going to be the biggest problem. You'll need to distribute the site across a few servers to handle the traffic.

    Good point. Will consider using multiple servers.

  • @pbgben / @tr1cky, there are various ways to work around CloudFlare. My point was simply that any simpleton can just use one of these uncloaker tools.

  • @Zare said:
    Check our London offerings, all DDoS protected and within budget; https://zare.com/dedicated-servers

    Noticed you'll be offering in AMS in a couple of weeks. What DC will you be using?

  • joerijoeri Member, Host Rep, LIR

    @Saragoldfarb

    I can offer you the next server in NL

    Supermicro - Intel Xeon E3 1270v3 - 32GB DDR3 - 2x240GB SSD - 20TB traffic

    For €100 each month

  • edited October 2016
    Thanked by 2Foul Francisco
  • classyclassy Member
    edited October 2016

    Saragoldfarb said: We don't make money on the server itself. Just pass on the bill :)

    I would strongly advice you adding 15% on top of the bill as you'll be the contact between your client and the host, handle financial details, etc. That takes time and thus costs money too.

    Edit: Not to mention, it's industry standard.

  • @classy said:

    Saragoldfarb said: We don't make money on the server itself. Just pass on the bill :)

    I would strongly advice you adding 15% on top of the bill as you'll be the contact between your client and the host, handle financial details, etc. That takes time and thus costs money too.

    Edit: Not to mention, it's industry standard.

    Yes, 15% is the standard. Unless of course you have a separate maintenance contract with the client that would also cover the time that you'd spend on managing their server and sorting their billing related stuff. After all, time really is money.

  • @classy said:

    Saragoldfarb said: We don't make money on the server itself. Just pass on the bill :)

    I would strongly advice you adding 15% on top of the bill as you'll be the contact between your client and the host, handle financial details, etc. That takes time and thus costs money too.

    Edit: Not to mention, it's industry standard.

    I know. But we don't want to move that direction. Time/money is already accounted for in the quote we give on website development/management. This avoids the discussion with less technical clients who just notice you bill $100 for a server they can rent themselve for $70. We always make sure we pick the host we're dealing with. We're always 100% transparent about who we use and what the costs are for us. If a client feels they're better of renting their own hardware, feel free but then you're not for us. We're not a hosting company. Not a server management company either so I don't want to deal with the crappy servers clients rent :). Sure, we as well use budget services at times but when we do so we're fully aware of the services limitations and know what we can, and more important, cannot use it for.

    Eversince we went this route support requests dropped over 40% :)

    Thanked by 1MikePT
  • ClouviderClouvider Member, Patron Provider

    Thanks for recommending @Ympker ! :)

    Thanked by 1Ympker
  • MikeAMikeA Member, Patron Provider
    edited October 2016

    OP I'd recommend contacting Psychz and asking for something within your budget, it'll probably work perfectly fine long term.

    @pbgben said:

    @tr1cky said:

    @BeardyUnixGuy said:
    @randvegeta, CloudFlare is not a comprehensive solution and there's already a number of uncloaking tools.

    Uncloaking tools? Only if you're a noob.

    Easiest way I know is to check email server location, that and sometimes the spf will tell you where the site is hosted. I never need to find info so not privy to the best way of finding out.

    If they're a dos magnet then cloudflare is a good start, but application layer is going to be the biggest problem. You'll need to distribute the site across a few servers to handle the traffic.

    I think that was his point of saying noob. CloudFlare works great for protection if the person uses a remote mail server / hosted service separately, and delete all of the pointless default rules from some panels.

  • MikeA said: I think that was his point of saying noob. CloudFlare works great for protection if the person uses a remote mail server / hosted service separately, and delete all of the pointless default rules from some panels.

    Yup, also disable any remote upload features on e.g. forums or wordpress.

    CloudFlare is great if you know how to use it. There's a reason why even hosts who advertise ddos protection host their main site behind CloudFlare, e.g. RamNode does so.

  • AndreixAndreix Member, Host Rep

    Hello there,

    We can offer you Dedicated Servers in over 30 datacenters around the world (mostly europe).

    A list with all major DCs we have infrastructure in: https://www.hetnix.com/hetnix/hetnix-now-offering-dedicated-servers-30-datacenters-around-world.xml

    A list with our pre-made Dedicated Servers plans: https://www.hetnix.com/dedicated-servers.xml

    If you have any questions or need more information about our services, please feel free to contact us at office -a.t- hetnix.com.

    Thank you.

  • SplitIceSplitIce Member, Host Rep
    edited October 2016

    We offer services in the US and Europe with all attacks protected (including Layer 7) up to the thresholds purchased and Live (Web) & Weekly (PDF) Reporting in most locations.

    With us you can continue using your current preferred host and integrate with the remote protection options.

  • Thanks all for your offers and suggestions. Next week we'll complete the site transfer. We were offered a temporary solution by a host to collect some data on the DDOS attacks. Once we have more info on what we're gonna be dealing with we'll decide where to take our client in the long run. Thanks again!

  • raindog308raindog308 Administrator, Veteran

    Just curious: what makes them a DDOS magnet? I realize you dont want to identify the client but what kind of site/content is it?

  • raindog308 said: I realize you dont want to identify the client but what kind of site/content is it?

    Saragoldfarb said: It's a small law firm specialised in cybercrime hence they'll attrack some attacks :)

    most likely krebsonsecurity ;-)

  • @Falzo said:

    raindog308 said: I realize you dont want to identify the client but what kind of site/content is it?

    Saragoldfarb said: It's a small law firm specialised in cybercrime hence they'll attrack some attacks :)

    most likely krebsonsecurity ;-)

    I wish :)

  • @raindog308 said:
    Just curious: what makes them a DDOS magnet? I realize you dont want to identify the client but what kind of site/content is it?

    It's for a small law firm who takes action against all kinds of internet abusers. Their main focus is to take down anything illegal in their geographical jurisdiction. Copyright offenders, spammers, illegal distribution of software, that kind of things. Hence the fact they attract the occasional DDOS.

    I don't always agree with them as I like my "Linux distros" but they're quite hands on and have taken down quite some sites distributing content released by independent artists. Anyway, this seems to piss off the occasional script kiddy who feels the need to launch an attack.

Sign In or Register to comment.