Staying away from packet flooders

Portal Home > Knowledgebase > Articles Database > Staying away from packet flooders

Posted by Morfi, 08-26-2013, 09:45 PM
Hello. I assume that I can't do much to solve my issue but I feel so hopeless that it makes me create this thread anyway. I am running NP voip service since years which helped hundreds thousands users already. This is stricte pro bono. I didn't take out a penny from this while it cost me round 30-40 euro a month for the server. I have been target of some minor attacks in the past but that was never a serious threat. Since couple months I receive 500-1000Mbps attacks on my poor, budget VPS. I have been kicked out from two companies already. I hold no grudge against them since I understand that they don't need ddos magnet for 30 euro a month. Eventually I found some small company in the netherlands where the owner supports the idea of providing this service and he declared to help me with this. Despite his good intentions server's still dying quite often and I see those attacks affects his homepage too so I presume that sooner or later he will delegate me too. I sometimes wonder why I insist so much on keeping this service alive. I put my time, time of the people who help me (admins), money and have to deal with ******** who consistently try to ruin this. I think I'm doing this since I would regret closing that after so many years as whole effort I put into it would be a waste. Thinking of who might have interest in putting this down I can only think of companies who sell similar services for money. They try to get rid of major free-of-charge servers so eventually people will be left with no option but to come to them and pay. So unfair. Getting back to meritum. What could possibly be done to help this situation. Simply swallow it and hope one day it'll stop or fight against it. But how can I fight against it with so limited budget? I can't put (much)more cash into this nonprofit idea :/ Thanks in advance for any tips, pats and hugs Mike Last edited by Morfi; 08-26-2013 at 09:54 PM.
Posted by JustinAY, 08-27-2013, 02:27 AM
You will need to find a host that will routinely block these attacks for you, or go for a high bandwidth host that will (hopefully, probably not) absorb these attacks without giving you the stink eye. The problem with this is somebody has to pay for the attack. What kind of packets are they and how long do these 500mbps-1gbps floods last?
Posted by Morfi, 08-27-2013, 04:03 AM
They are UDP packets. Usually provicer cut out the network in order to handle the attack and it's back after ~10 min. First major attack was nearly 600Mbps, last one almost 900Mbps. So basically you say that I would need 10Gbps port in order to be able to handle those. Still, assuming that I do, I usually have some limit like 10TB/month, wouldn't such constant attacks eat it up within couple days?
Posted by JustinAY, 08-27-2013, 05:08 PM
It depends on how long the attack runs. Unfortunately unless you can find somebody who will willingly invite attacks into their network for your price point, there isn't much you can do here.
Posted by Steven, 08-27-2013, 05:26 PM
You just need to host with a provider that offers real ddos mitigation, it prices more than a typical vps will cost. Example: http://www.blacklotus.net/host/cloud-servers 10Gbit of protection, 6 Million PPS 10TB of 'clean' traffic.

Add to Favourites Print this Article