[adrenalinup]

Cloudflare is only for HTTP and internet is more than just HTTP.

I had a irc server for my friends, one of not-so-friendly visitors told me that the server will get down, and it went down. I lost ping to my server, CPU & the bandwidth were all at 100%. The support told me that I should use another company. I went to a company that has DDoS protection http://www.online.net/

I find it unacceptable that you can be DDoSed so easily, it's like we're still in 90'.. DDoS protection should be something ubiquitous for small power servers like VPS, otherwise it's trivial to get them down.

[nwh]

> I find it unacceptable that you can be DDoSed so easily, it's like we're still in 90'..

You can't stop resource exhaustion attacks no matter what you do. There's always someone with a bigger pipe. I'm still baffled that it's 2014 and I can't flush my gumboots down my toilet yet, shouldn't we have solved that already?

> I went to a company that has DDoS protection

What exactly does that entail, technically? Smells like snake oil to me.

[larsmak]

OVH got a pretty good write-up on their blog[1], well worth a read. It looks as if their solution should be able to mitigate layer 3/4 attacks. From the blog: "Our surplus network has a capacity over 2 Tbps. We have three VAC in production, so we can manage up to 480 Gbps/480 Mpps." Cloud-flare took on the larges DDoS ever seen not to long ago, I think it peaked around 400Gbps.

1) http://www.ovh.com/us/blog/a1171.protection-anti-ddos-servic...

[adrenalinup]

>There's always someone with a bigger pipe. I'm speaking here about a small size DDoS (<1GB/s) and not the CloudFlare 40GB/s flood.

>What exactly does that entail, technically? Smells like snake oil to me. At least the simple SYN flood and UDP flood. The atacker in question couldn't have anything sophisticated.