+- Post4VPS Forum | Free VPS Provider (https://post4vps.com)
+-- Forum: General Chat (https://post4vps.com/Forum-General-Chat)
+--- Forum: Offtopic (https://post4vps.com/Forum-Offtopic)
+--- Thread: Ever wondered about OVH? (/Thread-Ever-wondered-about-OVH)
Ever wondered about OVH? - Manal - 01-13-2019
Have you ever wondered how OVH's anti-ddos mechanism works? I have seen some booter's owner trying to attack me with attacks going as hard as 6 GB/sec on OVH's server but still, the server didn't went down(it lagged a bit and maybe because some packets weren't filtered but it lagged soo less that no one would even doubt if that lagged).
They've explained how it works. How the mitigation starts and what not in their anti ddos mitigation solution webpage. But still, I'm much more curious about how do they work.
They may have big machines backing off the power? But in TBs? How can even a big floor sized server protect a TB attack?
How does its VAC work? If anyone have any idea with its deep explanation of its mitigation mechanism and how does/may it look? Has anyone ever wondered about that?
RE: Ever wondered about OVH? - chanalku91 - 01-14-2019
It's just that 6GB / s is an attack by BOTNET!
I Think You Must Install Firewall + NIDS to prevent it from happening again!
RE: Ever wondered about OVH? - deanhills - 01-14-2019
(01-13-2019, 06:27 PM)Manal Wrote: Have you ever wondered how OVH's anti-ddos mechanism works? I have seen some booter's owner trying to attack me with attacks going as hard as 6 GB/sec on OVH's server but still, the server didn't went down(it lagged a bit and maybe because some packets weren't filtered but it lagged soo less that no one would even doubt if that lagged).We're experiencing the same at Gigarocket Manal. We've been using OVH for a while for our VPSs. OVH does it with what they called anti-DdoS protection. Powerful scripts to protect their servers. They've got a write-up about exactly how it works at the link below:
https://www.ovh.com/world/anti-ddos/
In a nut-shell it is the following:
Quote:Our anti-DDoS solution is composed of several different internally-built hardware components and technologies. It is present in all OVH points of presence worldwide, so that it can absorb all attacks via the mitigation technique. We are able to mitigate attacks due to a three-step solution, which consists of analyzing traffic, then vacuuming it in order to mitigate it. At OVH, mitigation uses a combination of internal technologies that are collectively called a VAC.
The VAC is a combination of different technologies developed by OVH, and designed to mitigate DDoS attacks. With its unique composition, it can filter incoming traffic so that only legitimate data packets pass through and reach your servers, while illegitimate traffic is blocked. The VAC notably includes a pre-firewall, the Firewall Network and Shield and Armor components.
RE: Ever wondered about OVH? - rudra - 01-14-2019
i think manal knows about these pages and read it already. he wants to know if anyone around here has more in depth knowledge on what goes on behind the scene in that anti-ddos setup.
may be hr knows better.
i can just hazard some guesses. they have terabyte scale capacity
at the backbone.
i guess they sample data packets.. say one in every 2000 or some such using highly parallel processing systems
using specialised processors (not general purpose ones..for better speed and efficiency).
now ddos attacks are mostly dumb. like same or similar kind of connection/page requests without further interactions with that requested page. so if the system sees lots of similar and repeated requests from zillions of different ips then it can start dropping the packets from those source ips and thus kill the flood even from entering the Gbps and Mbps scale networks.
i dunno
RE: Ever wondered about OVH? - Manal - 01-17-2019
(01-14-2019, 12:40 PM)rudra Wrote: i think manal knows about these pages and read it already. he wants to know if anyone around here has more in depth knowledge on what goes on behind the scene in that anti-ddos setup.
may be hr knows better.
i can just hazard some guesses. they have terabyte scale capacity
at the backbone.
i guess they sample data packets.. say one in every 2000 or some such using highly parallel processing systems
using specialised processors (not general purpose ones..for better speed and efficiency).
now ddos attacks are mostly dumb. like same or similar kind of connection/page requests without further interactions with that requested page. so if the system sees lots of similar and repeated requests from zillions of different ips then it can start dropping the packets from those source ips and thus kill the flood even from entering the Gbps and Mbps scale networks.
i dunno
Agreed with you @rudra. I have read the article but still, they haven't mentioned exactly how they tackle the attacks. Your predictions might be true with what you say.