06-29-2020, 12:47 PM
As the title says, what do you think about anti-DDoS protection?
Does your VPS (standard paid plan or sponsored) have it?
Did you ever experience an attack? How did you handle it?
These are simple questions that, if you own a VPS, you will face someday. There is nothing to hide, I have experienced it at least 3 times with different systems.
As for my experience, I can say that publishing your raw IP address on the big internet is very dangerous.
There are a lot of attacks that can target you:
- HTTP attack
- SYN attack
- NTP attack
- SSH brute force
- ICMP attack
- Minecraft server attack (I am not joking, they flood the server with ad-hoc simulated login requests)
- etc.
When will it happen?
Well, there isn't a specific moment: as soon as you publish something on the web you are in danger. There are services such as CDNs that help you hide your real IP address, but there are some exceptions:
- To use SSH you need to access via the real IP address, a CDN can't forward SSH.
- When you want to host a game server you need to publish your real IP, a CDN can't forward game traffic.
- Free CDN services are limited, for example they cover only the 3rd level domain, if you need some nested domain you are naked.
- Services such as mail servers and torrents are ignored by CDNs, you are naked.
You can only prevent the leak of your IP address. If it has leaked and an attack is performed, there is very little chance that you, as a VPS provider's customer, can handle it. You can shut down your VPS, but the traffic will always reach your provider's network.
Speaking of what action you can do:
- Shut down whatever is not necessary at that moment;
- DON'T REJECT THE TRAFFIC, let it be dropped with a HUGE timeout, so you can slow down the criminal
- Be sure to use a CDN service which provides minimal protection
- Hardware firewall
- A blackhole where criminals' traffic is redirected
- Proper IP filtering systems
I am just a user, I am not aware of how complex it is to set up such protection on the providers' end. I am very curious, so if any provider reads this, let us know what it means to set up anti-DDoS protection!
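
The drop-versus-reject and per-source filtering points from the list above, sketched as an nftables ruleset for the VPS itself. This is an added example, not part of the original post; the SSH port (22), the rate limits and the set name `ssh_meter` are assumptions. A `drop` sends nothing back, so the sender waits out its own timeout, while a `reject` answers every packet.

```nftables
# Added example (not from the original post). Port 22, the rates and the
# set name are assumptions; adjust them before loading with: nft -f <file>
table inet filter {
    # Per-source state for the SSH rate limit; idle entries expire after 10 min.
    set ssh_meter {
        type ipv4_addr
        size 65536
        flags dynamic
        timeout 10m
    }

    chain input {
        # Default policy is drop: unmatched packets get no reply at all.
        type filter hook input priority 0; policy drop;

        iif "lo" accept
        ct state established,related accept
        ct state invalid drop

        # ICMP echo: answer a small rate, silently drop the excess.
        icmp type echo-request limit rate 5/second accept

        # SSH (IPv4): a source opening more than 4 new connections per
        # minute is dropped without an RST or ICMP error being sent.
        tcp dport 22 ct state new add @ssh_meter { ip saddr limit rate over 4/minute } drop
        tcp dport 22 ct state new accept

        # The weaker setting the post warns against: every unwanted packet
        # triggers a reply, which costs the server outbound traffic.
        # tcp dport 22 reject with tcp reset
    }
}
```

Host rules like these only act on packets that have already crossed the provider's network to the VPS, which is the limit the post describes for volumetric attacks.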