[Discussion]Ways to avoid DDos

[FighterBoss]

Hello maxcheaters :D

 

 Well,nowadays there is in "fashion"(lol) to ddos lineageII servers/communities/websites which are dedicated.So now,you can't buy a dedicate without having something to avoid ddos protection or to get protected.So i made some searches and i keep searching for ways to be protected.You know,dedicate server with ddos protection i think that should be our last choise because they cost a lot!So i'm trying to find something more simple but effective.They are saying that there is no foolproof method to stop 100% of all attacks, but there are ways to protect your servers by applying firewall rules, and detecting and banning attacking IPs.

 

------------

 

I "heard" some ways that might be usefull like to makes use of the APF, BFD, DDoS Deflate and RootKit to detect and protect your server from denial-of-service type attacks.These you can use it to your dedicate server but i don't really know if they are usefull/work.

 

Other says that linux have a usefull firewall or something(?) but i don't have any clue about it.

 

Others using a kind o trick with ips but neither with this i have any clue.

 

I heard also about a program that can help you out.Dos_Deflate is a shell program  that can ban the ips that have reached the specific amount of connections you specified and also they will be banned until the time you have specified in the configuration of Dos_deflate shell program.

 

-------

 

So here it is the topic that will help the guys who don't know nothing about how to protect their server and let the experience guys tell us their opinion.

We all need to know!

 

Thanks and keep your replys into topic.

 

[sparkling]

how to ddos anyways?

[nikarasprotos]

ddos is iligal anyway ;)

[FighterBoss]

ddos is iligal anyway ;)

I know but if all think like that,ddos protection no need....(?)

You find out the responsible for this and do lawsuit

-.-

 

I mean ok it's illegal,but you need a sollution because is not so easy to find out the e-creminal.

Yeah,these guys can't called hackers but e-creminals.

[nikarasprotos]

no but i dont think its is right to lern guys how to attack servers/sites etc...What do you think ?

 

[JoeDaFlow]

DDOS Protection my ass.

Firstly, let me clarify what a DDOS attack means in simply English.

DDOS means, you're getting millions of packets, from a load of different IPs.

 

 

Firstly, no firewall can save you from getting DDOSed, just forget this case.

Why's that, firstly, firewalls are very low in the network hierarchy. Which means, you can get your connection hurt, much before into getting the software.

 

A good DDOS attack, usually exceeds 3 Gps, which means ~your home upload connection * 3000.

In this case, if you have a software firewall, it'll try to migrate good from bad packets, which means your CPU must migrate millions of packets. Just do not fool your self, your CPU won't migrate even 1% of these attacks. So your CPU will get an over-flow, so you'll just get your machine "out of work", which means you'll get a downtime.

About Linux firewalls, they'll just do better the job, cause Linux OS are faster and lighter.

 

That's why your software firewall is totally useless.

 

Now, what firewalls do.

Basically, imagine Firewall software like a police man. Firewall, checks good from bad protection.

If an IP tries to send a bad packet, firewall adds it to the "black-list". If the packet's sender, is on the "black-list", firewall rejects it without even checking it, so you save some CPU cycles this way, if the attacker, sends you many packets, firewall won't able even to inspect them, so you'll get the same result.

 

 

Regarding hardware protection, yeah, hardware -protection-.

Routers, will work the way your firewall would, just that routers are dedicated in doing this job, your router, will work like a CPU that will filter the incoming packets. By the time, it works this way, it can be brought down this way too. Believe me, routers that your ISP provides you won't be strong enough.

 

 

So let's see what can we do:

 

---

 

Well, we can pay.

We can pay a good datacenter with a decent computing-validity router, that will protect us from such DDOS attacks. And this is the best choice, for sure. I'll explain why.

 

Case 1

 

I'll name the first case migration.

Have you can see a diagram.

 

 

So, all the packets get filtered from the basic router of the datacenter, and they allow only clear packets to get into the inner network.

 

E.g: If for example, if a lot of packets come to IP of PC 7, a DDOS attack, router has to migrate it all, so all the rest of the machines have no probs with their connections. So it's just impossible you getting a DDOS attack cause others will have problems too.

 

 

Case 2

 

I'll name the second case hardware-protection.

The diagram is the following.

 

 

So, they just give you a router in front of your server, and then it's up to the router.

If router can handle the attack, then you're protected, if not you're down.

 

E.g: If PC 2 gets a DDOS attack, firewall will just let all the incoming traffic get into, and then your firewall has to fight them.

 

 

 

Another way, is to "hide" your real IP.

Some datacenters, offer a network mask, which will hide your IP.

You just leave your servers just unprotected, state the IP that the company gave to you. The client will send the packets to their server(s), they will send them to you back filtered. Basically, it's the same thing, just it's getting done "remotely".

There are limits there too, if the attack exceeds some Gps, they'll let the packets flow to your server.

 

 

So comparing case Migration with case Hardware-protection, Migration wins.

So, where can I find such datacenters? Hm, I've been good enough today.

[Lucky Dice]

DDOS Protection my ass.

Firstly, let me clarify what a DDOS attack means in simply English.

DDOS means, you're getting millions of packets, from a load of different IPs.

 

 

Firstly, no firewall can save you from getting DDOSed, just forget this case.

Why's that, firstly, firewalls are very low in the network hierarchy. Which means, you can get your connection hurt, much before into getting the software.

 

A good DDOS attack, usually exceeds 3 Gps, which means ~your home upload connection * 3000.

In this case, if you have a software firewall, it'll try to migrate good from bad packets, which means your CPU must migrate millions of packets. Just do not fool your self, your CPU won't migrate even 1% of these attacks. So your CPU will get an over-flow, so you'll just get your machine "out of work", which means you'll get a downtime.

About Linux firewalls, they'll just do better the job, cause Linux OS are faster and lighter.

 

That's why your software firewall is totally useless.

 

Now, what firewalls do.

Basically, imagine Firewall software like a police man. Firewall, checks good from bad protection.

If an IP tries to send a bad packet, firewall adds it to the "black-list". If the packet's sender, is on the "black-list", firewall rejects it without even checking it, so you save some CPU cycles this way, if the attacker, sends you many packets, firewall won't able even to inspect them, so you'll get the same result.

 

 

Regarding hardware protection, yeah, hardware -protection-.

Routers, will work the way your firewall would, just that routers are dedicated in doing this job, your router, will work like a CPU that will filter the incoming packets. By the time, it works this way, it can be brought down this way too. Believe me, routers that your ISP provides you won't be strong enough.

 

 

So let's see what can we do:

 

---

 

Well, we can pay.

We can pay a good datacenter with a decent computing-validity router, that will protect us from such DDOS attacks. And this is the best choice, for sure. I'll explain why.

 

Case 1

 

I'll name the first case migration.

Have you can see a diagram.

 

 

So, all the packets get filtered from the basic router of the datacenter, and they allow only clear packets to get into the inner network.

 

E.g: If for example, if a lot of packets come to IP of PC 7, a DDOS attack, router has to migrate it all, so all the rest of the machines have no probs with their connections. So it's just impossible you getting a DDOS attack cause others will have problems too.

 

 

Case 2

 

I'll name the second case hardware-protection.

The diagram is the following.

 

 

So, they just give you a router in front of your server, and then it's up to the router.

If router can handle the attack, then you're protected, if not you're down.

 

E.g: If PC 2 gets a DDOS attack, firewall will just let all the incoming traffic get into, and then your firewall has to fight them.

 

 

 

Another way, is to "hide" your real IP.

Some datacenters, offer a network mask, which will hide your IP.

You just leave your servers just unprotected, state the IP that the company gave to you. The client will send the packets to their server(s), they will send them to you back filtered. Basically, it's the same thing, just it's getting done "remotely".

There are limits there too, if the attack exceeds some Gps, they'll let the packets flow to your server.

 

 

So comparing case Migration with case Hardware-protection, Migration wins.

So, where can I find such datacenters? Hm, I've been good enough today.

stop copy pasting from other forums to be smard kiddo.

[JoeDaFlow]

Cause, I knew that smart ass lamers like you would claim that I C/Ped this little "enlightenment" answer, I intentionally drawn the diagrams' background color to fit the one of the forum.

 

You are also free to google any phrase I used on this topic, you'll find absolutely nothing.