|
|
|
|
|
|
by carlosfvp
3586 days ago
|
|
|
There are many services for HTTP protection, but when you have a custom protocol for a RT service like a game, you are kind of screwed. It's even worst if your game is UDP based. I used to get attacked huge a load of corrupt UDP packets for a few seconds and that used to hang the main server, wich in 1 or 2 minutes disconnected all my players. Solution: separate your UDP services from your TCP services in separate applications and servers, also use different type of protection services for each. The attack still hanged the UDP services, so I started thinking about making a plugin for snort to analyse the traffic and only allow legit protocol packets. I haven't done any of this last idea because the attackers stopped since they noticed that no one was being disconnected. BTW, for TCP and HTTP I just used any tiny service that protects me from SYN Flood, like Voxility resellers. |
|
|
If you have custom protocols, you have to get a full /24 mitigation and so far nobody can beat Arbor into it. Very expensive, but works well if you have BGP.