by kyrra
4473 days ago
Probably. Mitigating a DDOS (from my understanding) has two important things that need to happen. (1) You need a larger incoming pipe than the data being sent to you. (2) You need to ignore invalid requests so you don't flood your outgoing pipe as well.

Properly ignoring invalid requests can be a challenge; the process of doing so will depend on the type of attack being used. SYN floods can be difficult since the src IP is most likely invalid. The attacks we've seen with DNS and NTP amplification are difficult as the attack isn't trying to get your servers to respond; they are just flooding your incoming pipe with data. If they are trying to abuse some page within your application you can more easily mitigate it, as you'll know the source IP of the request so it can be blacklisted.

EDIT: a few more details:

SYN flood: http://en.wikipedia.org/wiki/SYN_flood

DNS Amplification: http://blog.cloudflare.com/deep-inside-a-dns-amplification-d...

As for mitigation, while we hear about Cloudflare a lot, AT&T and other large providers can provide DDOS protection for leased lines[0]. Basically what happens is that, before the data gets to your leased lines, traffic headed to you will go through AT&T's DDOS detection/prevention systems that attempt to filter bad traffic. This type of service would apply more to companies like Linode or possibly the datacenter that they are housed in.

[0] http://www.business.att.com/enterprise/Service/network-secur...
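An added example, not part of the comment above: it contrasts the two cases the comment describes, an application-layer flood where per-source blacklisting works because the handshake completed, and a SYN flood where every packet carries a different forged source. The event tuples, function names and sample addresses are assumptions constructed for the illustration.

```python
from collections import Counter


def blocklist_candidates(events, max_requests):
    """Sources that completed a TCP handshake and sent more than max_requests."""
    established = {ip for ip, kind in events if kind == "established"}
    requests = Counter(
        ip for ip, kind in events
        if kind.startswith("request:") and ip in established
    )
    return sorted(ip for ip, n in requests.items() if n > max_requests)


def half_open_sources(events):
    """SYN count per source that never completed the handshake."""
    established = {ip for ip, kind in events if kind == "established"}
    syns = Counter(ip for ip, kind in events if kind == "syn")
    return {ip: n for ip, n in syns.items() if ip not in established}


# Constructed sample data using documentation address ranges (RFC 5737).
def app_layer_flood():
    events = [("198.51.100.7", "syn"), ("198.51.100.7", "established")]
    events += [("198.51.100.7", "request:/search")] * 500   # one noisy client
    events += [("192.0.2.10", "syn"), ("192.0.2.10", "established"),
               ("192.0.2.10", "request:/index")]            # one normal client
    return events


def syn_flood():
    # Each SYN has a different forged source and is never completed.
    return [(f"203.0.113.{i}", "syn") for i in range(1, 201)]


if __name__ == "__main__":
    # Application-layer flood: the real source stands out and can be blocked.
    print("block:", blocklist_candidates(app_layer_flood(), max_requests=100))
    # SYN flood: no source repeats, so a per-IP threshold has nothing to act on.
    half_open = half_open_sources(syn_flood())
    print("block:", blocklist_candidates(syn_flood(), max_requests=100))
    print("half-open:", len(half_open), "max per source:", max(half_open.values()))
```

In the SYN-flood case the useful signal is the aggregate half-open count, not any single address, which is why that traffic is usually handled upstream or at the TCP stack instead of by per-IP blocking.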