arrow_upward

Pages (2):
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Should Anti-DDoS protection be a included feature?
#1
As the title says, what do you think about anti-DDos protection?
Does your VPS (standard paid plan or sponsored) have it?
Did you ever experience an attack? How did you handle it?

These are simple questions that, if you own a VPS, you will face someday. There is nothing to hide, I have experience it, at least 3 time with different systems.
As for my experience I can say that publishing your RAW IP address on the big internet is very dangerous.
These are a lot of attacks that can target you:
  • HTTP attack
  • SYN attack
  • NTP attack
  • SSH brute force
  • ICMP attack
  • Minecraft's sever attack (I am not joking, they flood the sever with ad-hoc simulated login requests)
  • ect...
The criminals just need your IP address, with simple software such as NMAP they can scan your entire port set and know what are you using.

When it will happen?
Well there isn't a specific moment, as soon as you publish something on the WEB you are in danger. There are services such as CDN that helps you hiding your real IP address but there are some exceptions:
  • To use SSH you need to access via the real IP address, CDN can't forward SSH.
  • When you want to host a game server you need to publish your real ip, CDN can't forward game traffic.
  • Free CDN services are limited, for example they cover only the 3rd level domain, if you need some nested domain you are naked.
  • Service such as mail servers, torrents are ignored by CDN, you are naked.
What you can do to protect yourself?
You can only prevent the leak of your IP address. If it has leaked and an attack is performed there are very few chance that you, as a VPS's provider customer, can handle it. You can shutdown your VPS but the traffic will always reach your provider's network.
Speaking of what action you can do:
  • Shutdown whatever is not necessary at that moment;
  • DON'T REJECT THE TRAFFIC, you let it be dropped with a HUGE timeout, so you can slow down the criminal
  • Be sure to use a CDN service which provides minimal protection
All I have said util now is useful when your own a VPS without a anti-ddos protection, when you have such protection mostly of the attack will be handled by experts and proper hardware thanks to the providers, we are speaking of:
  • Hardware firewall
  • Blackhole where redirect criminals' traffic
  • Proper IP filtering systems
So, let's end this little talk: after reading such things and how easy is to get targeted, what do you think? Should anti-ddos protection be a must-have for every VPS? Should be a paid or included service?

I am just a user, I am not aware of how complex is to setup such protection on providers'end. I am very curious, so if any provider read this, let us know what mean to setup a anti-ddos protection! Smile
Thanks to Post4VPS and Bladenodefor VPS 14
#2
DDOS Protection, a protection from distributed Denial Of Service attacks!
This protection is very important if you are running a server, because if there is a DOS / DDOS attack, this system protects your server from the negative effects of this DDOS attack!

I have 1 VPS with DDOS protection, but sometimes it's not effective!

I have experienced this many times at least 5 times a week!
The way I complete this attack is,
1. Using VPS with large bandwidth with high port speed!
2. If a DDOS attack occurs, I usually analyze the attack and then block the attacker's IP!
But if the attack uses Proxy / Botnet I have prepared a Weapon that makes the attack go down significantly!
I only allow Non-Anonymity Traffic from Indonesia!
3. If the DDOS attack continues, I usually contact the VPS provider to notify them to investigate this attack as soon as possible!
Terminal
Solo Developer
#3
(06-29-2020, 01:42 PM)chanalku91 Wrote: DDOS Protection, a protection from distributed Denial Of Service attacks!
This protection is very important if you are running a server, because if there is a DOS / DDOS attack, this system protects your server from the negative effects of this DDOS attack!

I have 1 VPS with DDOS protection, but sometimes it's not effective!

I have experienced this many times at least 5 times a week!
The way I complete this attack is,
1. Using VPS with large bandwidth with high port speed!
2. If a DDOS attack occurs, I usually analyze the attack and then block the attacker's IP!
But if the attack uses Proxy / Botnet I have prepared a Weapon that makes the attack go down significantly!
I only allow Non-Anonymity Traffic from Indonesia!
3. If the DDOS attack continues, I usually contact the VPS provider to notify them to investigate this attack as soon as possible!
My first experience lasted for an entire week and literally killed my little raspberry, I was hosting a little public service using a dedicated network. It was very massive and various, it was not a simple type. That time I was not aware of the exposing IP problem, so it likely scared me a lot. After that I read a lot of article regarding attacks and mitigations, but never had the chance to try them during an on-going attack.

My latest experience lasted for an entire month! I tried so much to handle and contain the attack but it has been all useless. Nothing I could do from my end helped to stop them.
Regarding your points, I have some questions:
  1. Regarding this, an user can't do nothing, the bandwith is fixed and it depends on the "contract" you signed with your provider, maybe you can ask for an increase of bandwith but nothing more;
  2. I tried shutting down the VPS, but the traffic still reached the provider's network and caused problems, well the VPS was uncovered by any protection and they detected an abnormal traffic;
  3. This is the only thing that I experience working so far;
Thanks to Post4VPS and Bladenodefor VPS 14
#4
i always try to hide behind Cloudflare where possible. also routing it through HE ipv6 tunnel is another way I like doing things. I just love them and hope they keep the service long. we still don't have ipv6 here in most of the networks.

I have a very simple question ... why do you say "anti-DDoS protection" ? it sounds like saying 'vip security protection' ... weird !

you say theft protection... meaning protection against theft...
not anti-theft protection.

anti-ddos measures/services .... fine !

please don't get offended or turned off. i am no authority on proper usage of English. I do make tons of mistakes that i fail to catch I'm sure. (corrections from the pov of standard British English is always welcome). This is something that kept bothering me for a long time. so I wrote here.
Sincere Thanks to VirMach for my VPS9. Also many thanks to Shadow Hosting and cubedata for the experiences I had with their VPSs.
#5
While in past I remember when I was using vps1 which doesnt have ddos protection and I supposed to use game servers on that vps1 mta server got ddos and vps came to down ,we were in doubt why this happened so it was actually a ddos attack which led bandwidth overload and vps was suspended ,so having a ddos protection really must be get a vps which have a better ddos protection so that your vps can't be ddos attack victim I seen evolution host vps which have advance dados protection which is really strong and better for game servers so having ddos protection must be for vps and ahvinf cloud fare for website is another think to protect the host website
thank you post4vps and  racknerd for wonderful vps3  Heart
 
#6
@LightDestory  Excellent opening post!  Cool

Is it possible to explain exactly what DDoS protection you have in mind?  Because as far as I know the real protection can only happen at the Data Center, and has to be part of a special package that the host negotiates with the DataCenter.  It usually comes with a price tag and may vary in price depending on the package that is negotiated.

What DDoS protection package do you have in mind?

Also, is this an attack on the VPS, or an attack on the IP?

For me, since VPS DDoS protection comes from the very top and may be expensive, this would be an issue for the VPS to be cheap and affordable.  So one is likely to find genuine DDoS Protection offered for a premium price on top of the VPS price. Virmach for example offers specific DDoS protected IPs at the additional price of $5 per month. Considering that an additional IP is usually approx 1-2$/m $5/m is quite a big charge for a DDoS protected IP.

Cloudflare I understand does provide some protection, but for me it would be logical that it would be limited.  The real DDoS protection can only happen through the top at the DataCentre down.
Terminal
Thank you to Post4VPS and VirMach for my awesome VPS 9!  
#7
In my experience I have experienced some attacks from chinese ips(sorry to say, but most of the ips are from chinese) to login to ssh port. Simply changing port had stopped those attacks. Mainly these attacks occur when we are using an ip shared on the public domain. DDOS protection is a treatment while our own actions may can prevent the server from attackers. As deanhills said having DDOS Protected server may cost a bit higher. I use cloudflare to hide ips and avoid leaking services maximum.


Thank you  Sweet



#8
In my game servers experience, I had to close my gaming community for a while due to DDoS Attacks. I usually received DDoS from booters free and paid both and the IP's were usually from China, I tried blocking them but before the firewall would drop it would already saturate my internet connection. For VPS, I straightly went for OVH and it is keeping me well up for now.
A question i would like to ask everyone
I'm receiving DDOS Attacks on my VPS, I receive notifcation your IP is under attack and all. But only my TeamSpeak3 server goes down, VPS works fine, Internet speed is fine, No RAM or CPU saturated. What i can do about this?
Thanks to ReadyDedis and Post4VPS for the amazing VPS 7!

#9
(06-29-2020, 02:06 PM)LightDestory Wrote: My first experience lasted for an entire week and literally killed my little raspberry, I was hosting a little public service using a dedicated network. It was very massive and various, it was not a simple type. That time I was not aware of the exposing IP problem, so it likely scared me a lot. After that I read a lot of article regarding attacks and mitigations, but never had the chance to try them during an on-going attack.

My latest experience lasted for an entire month! I tried so much to handle and contain the attack but it has been all useless. Nothing I could do from my end helped to stop them.
Regarding your points, I have some questions:
  1. Regarding this, an user can't do nothing, the bandwith is fixed and it depends on the "contract" you signed with your provider, maybe you can ask for an increase of bandwith but nothing more;
  2. I tried shutting down the VPS, but the traffic still reached the provider's network and caused problems, well the VPS was uncovered by any protection and they detected an abnormal traffic;
  3. This is the only thing that I experience working so far;

1. Look for a provider that provides very large bandwidth, contacting them to increase bandwidth will only waste money!
2. Use a DDOS attack detection system that will notify you if something goes wrong on your network, and immediately contact the service provider to notify the provider that you are being attacked by a distributed Denial of service, they will immediately take action on their network!
If your VPS doesn't turn on, Attacks can still reach the Service Provider Router!
Terminal
Solo Developer
#10
(06-29-2020, 12:47 PM)LightDestory Wrote: As the title says, what do you think about anti-DDos protection?
Does your VPS (standard paid plan or sponsored) have it?
Did you ever experience an attack? How did you handle it?

These are simple questions that, if you own a VPS, you will face someday. There is nothing to hide, I have experience it, at least 3 time with different systems.
As for my experience I can say that publishing your RAW IP address on the big internet is very dangerous.
These are a lot of attacks that can target you:
  • HTTP attack
  • SYN attack
  • NTP attack
  • SSH brute force
  • ICMP attack
  • Minecraft's sever attack (I am not joking, they flood the sever with ad-hoc simulated login requests)
  • ect...
The criminals just need your IP address, with simple software such as NMAP they can scan your entire port set and know what are you using.

When it will happen?
Well there isn't a specific moment, as soon as you publish something on the WEB you are in danger. There are services such as CDN that helps you hiding your real IP address but there are some exceptions:
  • To use SSH you need to access via the real IP address, CDN can't forward SSH.
  • When you want to host a game server you need to publish your real ip, CDN can't forward game traffic.
  • Free CDN services are limited, for example they cover only the 3rd level domain, if you need some nested domain you are naked.
  • Service such as mail servers, torrents are ignored by CDN, you are naked.
What you can do to protect yourself?
You can only prevent the leak of your IP address. If it has leaked and an attack is performed there are very few chance that you, as a VPS's provider customer, can handle it. You can shutdown your VPS but the traffic will always reach your provider's network.
Speaking of what action you can do:
  • Shutdown whatever is not necessary at that moment;
  • DON'T REJECT THE TRAFFIC, you let it be dropped with a HUGE timeout, so you can slow down the criminal
  • Be sure to use a CDN service which provides minimal protection
All I have said util now is useful when your own a VPS without a anti-ddos protection, when you have such protection mostly of the attack will be handled by experts and proper hardware thanks to the providers, we are speaking of:
  • Hardware firewall
  • Blackhole where redirect criminals' traffic
  • Proper IP filtering systems
So, let's end this little talk: after reading such things and how easy is to get targeted, what do you think? Should anti-ddos protection be a must-have for every VPS? Should be a paid or included service?

I am just a user, I am not aware of how complex is to setup such protection on providers'end. I am very curious, so if any provider read this, let us know what mean to setup a anti-ddos protection! Smile

The short answer would be: sort off

The long answer:

It really depends on your use-case. 

If you’re running something that’s not so important, or something that won’t need to have any decent uptime, then DDoS protection would be the least of your concerns. So no point in even worrying about it being included in whatever plan you’re using.

On the other hand, if what you’re running requires good uptime and/or is of significant importance, then having DDoS protection included with your existing plan would be much appreciated.

However, DDoS protection does come at a cost with most providers (simply because it costs them money as well to offer it for you!). So even if it’s included in your plan, that could mean that plans would shoot up in price. So even though you’re not paying for at as an extra addon, you’re now paying for it as part of your recurring billing plan. So it won’t save you anything cost-wise in most cases. And doing so this way would either mean that people who don’t want it are paying for it, or having separate non-protected plans, which defeats the purpose.

Hence, offering it as an addon is the winner here. Reduces the confusion, keeps things simple and straightforward and is simply the most advantageous for both the provider and client.
Thank you Post4VPS and VirMach for providing me with VPS9! But now it’s time to say farewell due to my studies.
Pages (2):
lockThread Closed 


person_pin_circle Users browsing this thread: 1 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting