|
|
|
Thread Tools | Search this Thread | Rate Thread | Display Modes |
2007-06-08, 07:00 AM | #1 |
I saw weird stuff in that place last night. Weird, strange, sick, twisted, eerie, godless, evil stuff. And I want in
|
DDOS attacks, is there such thing as a hosting company invincible to them?
Anyone know of any hosting companies (with reasonable prices) that are invincible to DDOS attacks? If that is even possible?
I've been getting attacked for the 2nd time in about a month Please help thanks |
2007-06-08, 08:47 AM | #2 |
Banned
Join Date: Aug 2003
Location: Mohawk, New York
Posts: 19,477
|
I don't think preventing them is possible but Sparky does a good job with anything that comes around.
http://www.colo-cation.com |
2007-06-08, 02:26 PM | #3 |
Jim? I heard he's a dirty pornographer.
Join Date: Aug 2003
Location: Washington, DC
Posts: 2,706
|
Yeah, just like it's impossible for a system to shave and monkeys fly out of my butt
Since DOS attacks often use new exploits no one is completely impenetrable. Jim mentions a company that has a good reputation and I'm certainly happy with http://mojohost.com |
2007-06-08, 02:52 PM | #4 |
NYC Boy That Moved To The Island
|
the most important thing is to have GOOD 24/7 tech support
you should test your hosting company once in awhile get in at 4 am sunday morning pick up the phone and dial the number and see if someone picks up or if it goes to voice mail
__________________
Accepting New partners |
2007-06-08, 03:21 PM | #5 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
Happened to one of my servers and Sparky made the issue go away within 15 minutes.
|
2007-06-08, 11:44 PM | #6 | |
I saw weird stuff in that place last night. Weird, strange, sick, twisted, eerie, godless, evil stuff. And I want in
|
Quote:
LOL, trust me, i am VERY happy to be moving away from my current hosting company........... same thing happend last month on my last DDOS attack Last edited by jscott; 2007-06-08 at 11:46 PM.. |
|
2007-06-11, 01:06 PM | #7 |
The only guys who wear Hawaiian shirts are gay guys and big fat party animals
|
Hello JScott,
Well http://www.caro.net would certainly like the opportunity to earn your business. Hit me up directly and I would be happy to discuss this further with you. In the meantime good luck with your search. |
2007-06-20, 12:50 PM | #8 |
Internet! Is that thing still around?
Join Date: Apr 2006
Posts: 2
|
evrything is proventable when it comes to ps security but have you ever thoguth that some ppl or companies want this to happen so they can find a way to scam you or take soemthign from you and then use ddos attacks and stuff to cover the stealing. Only way to prevent is to set up a proper firewall and keep an eye outfor suspecious events on your server its as simple as that. also its important to keep patches and system upto date.
also The Isps take care of some of the ddos attacks only ddos attack that gets through isp is the behaviour based one meaning ddos base on the actions of the victim. Last edited by Irnesto; 2007-06-20 at 12:52 PM.. |
2007-06-20, 12:53 PM | #9 |
Internet! Is that thing still around?
Join Date: Apr 2006
Posts: 2
|
Surviving attacks
The easiest way to survive an attack is to have planned for the attack. Having a separate emergency block of IP addresses for critical servers with a separate route can be invaluable. A separate route (perhaps a DSL) is not that extravagant, and it can be used for load balancing or sharing under normal circumstances and switched to emergency mode in the event of an attack. Filtering is often ineffective, as the route to the filter will normally be swamped so only a trickle of traffic will survive. However, by using an extremely resilient stateful packet filter that will inexpensively[12] drop any unwanted packets, surviving a DDoS attack becomes much easier. When such a high performance packet filtering server is attached to an ultra high bandwidth connection (preferably an Internet backbone), communication with the outside world will be unimpaired so long as not all of the available bandwidth is saturated, and performance behind the packet filter will remain normal as long as the packet filter drops all DDoS packets.[13] It should be noted however, that in this case the victim of the DDoS attack still would need to pay for the excessive bandwidth. The price of service unavailability thus needs to be weighed against the price of truly exorbitant bandwidth/traffic. [edit] SYN Cookies SYN cookies modify the TCP protocol handling of the server by delaying allocation of resources until the client address has been verified. This seems to be the most powerful defense against SyN attacks. There are Solaris and Linux implementations. The Linux implementation can be turned on during runtime of the Linux kernel. [edit] Firewalls Firewalls have simple rules such as to allow or deny protocols, ports or IP addresses. Some DoS attacks are too complex for today's firewalls, e.g. if there is an attack on port 80 (web service), firewalls cannot prevent that attack because they cannot distinguish good traffic from DoS attack traffic. Additionally, firewalls are too deep in the network hierarchy. Your router may be affected even before the firewall gets the traffic. Nonetheless, firewalls can effectively prevent users from launching simple flooding type attacks from machines behind the firewall. Modern stateful firewalls like Check Point FW1 NGX & Cisco PIX have a built-in capability to differentiate good traffic from DoS attack traffic. This capability is known as a "Defender", as it confirms TCP connections are valid before proxying TCP packets to service networks (including border routers). A similar ability is present in OpenBSD's pF, which is available for other BSDs as well. In that context, it is called "synproxy". [edit] Switches Most switches have some rate-limiting and ACL capability. Some switches provide automatic and or system-wide rate limiting, traffic shaping, delayed binding (TCP splicing), deep packet inspection and Bogon filtering (bogus IP filtering) to detect and remediate denial of service attacks through automatic rate filtering and WAN Link failover and balancing. These schemes will work as long as the DoS attacks are something that can be prevented using them. For example SYN flood can be prevented using delayed binding or TCP splicing. Similarly content based DoS can be prevented using deep packet inspection. Attacks originating from dark addresses or going to dark addresses can be prevented using Bogon filtering. Automatic rate filtering can work as long as you have set rate-thresholds correctly and granularly. Wan-link failover will work as long as both links have DoS/DDoS prevention mechanism. [edit] Routers Similar to switches, routers have some rate-limiting and ACL capability. They, too, are manually set. Most routers can be easily overwhelmed under DoS attack. If you add rules to take flow statistics out of the router during the DoS attacks, they further slow down and complicate the matter. Cisco IOS has features that prevents flooding, i.e. example settings [14]. [edit] Application front end hardware Application front end hardware is intelligent hardware placed on the network before traffic reaches the servers. It can be used on networks in conjunction with routers and switches. Application front end hardware analyzes data packets as they enter the system, and then identifies them as priority, regular, or dangerous. There are more than 25 bandwidth management vendors. Hardware acceleration is key to bandwidth management. Look for granularity of bandwidth management, hardware acceleration, and automation while selecting an appliance. [edit] IPS based prevention Intrusion-prevention systems are effective if the attacks have signatures associated with them. However, the trend among the attacks is to have legitimate content but bad intent. IPSs which work on content recognition cannot block behavior based DoS attacks. An ASIC based IPS can detect and block denial of service attacks because they have the processing power and the granularity to analyze the attacks and act like a circuit breaker in an automated way. A rate-based IPS (RBIPS) must analyze traffic granularly and continuously monitor the traffic pattern and determine if there is traffic anomaly. It must let the legitimate traffic flow while blocking the DoS attack traffic. |
2007-06-20, 05:29 PM | #10 |
If something goes wrong at the plant, blame the guy who can't speak English
Join Date: Mar 2005
Posts: 34
|
It's impossible to be 100% anything on the internet but you can get really close.
|
2007-06-21, 10:52 AM | #11 | |
I'm going to the backseat of my car with the woman I love, and I won't be back for TEN MINUTES
Join Date: Nov 2006
Posts: 81
|
Quote:
That leaves us to relying on the hosting company to help. Some hosts are much better than others. Using webair now and know that if I get to Mike, he will move mountains to resolve problems. They are also 24/7. I've tallked to 'em in the middle of the night and middle of the day. First step is to realize that you have an active problem. Anyone have comments on hosting companies better than others or what the smaller webmaster can do would be appreciated.
__________________
Thunder-Ball.net - Member |
|
2007-06-26, 03:33 PM | #12 |
Aw, Dad, you've done a lot of great things, but you're a very old man, and old people are useless
|
I usually just restart the server and they go away
|
2007-06-27, 04:55 AM | #13 |
Trying is the first step towards failure
Join Date: Oct 2004
Posts: 128
|
If you're looking to topnotch security I can recommend that you talk to Dweeks at swiftwill.com - don't look at the prices on their site - they are not updated for years, since they don't search for new customers, but is recommended mouth to mouth.
|
2007-07-01, 09:51 AM | #14 |
I saw weird stuff in that place last night. Weird, strange, sick, twisted, eerie, godless, evil stuff. And I want in
|
Irnesto, thanks for your info man, i'm reading it all now
Gasper, lol, are you totally sure that you've been DDoS'd? pussyserver, i totally agree with you man, most of us dont have funds like a Google or MSN might have to help keep our sites up during an attack, the server company i'm moving away from couldnt handle shit, he said i just need to wait til the attacks stop, and i said "so if he never stops then my sites will never be online?" he replied with "yes" and that said to myself i NEED to get the fuck away from them, moving to JupiterHosting now |
2007-07-01, 09:58 AM | #15 |
Aw, Dad, you've done a lot of great things, but you're a very old man, and old people are useless
|
jscott, was just kiddin'. But a restart helps when you get your site on passwords lists. Seems they automatically check every second or so if the password is still valid so if I restart the server, they delete the user/pass.
|
2007-07-01, 10:21 AM | #16 | |
I saw weird stuff in that place last night. Weird, strange, sick, twisted, eerie, godless, evil stuff. And I want in
|
Quote:
btw, nice site, pls hit me up if you'd like to promote your site on my leg webmasters community 130321510 |
|
2007-07-02, 03:36 PM | #17 | |
Internet! Is that thing still around?
Join Date: Jul 2007
Posts: 2
|
Quote:
|
|
2007-07-02, 07:05 PM | #18 |
The only guys who wear Hawaiian shirts are gay guys and big fat party animals
|
To have really good protection against DDOS attacks generally means having
seperate hardware sitting in front of the server filtering the attacks. This hardware can be expensive. Howver, simple things like syn cookies can often do the job. First, though, a few questions. Are you REALLY sure it's a DDOS attack as opposed to a dictionary attack or brute force attack? I see dictionary attacks far more often than I see DDOS on porn sites and they can have similar effects but a different reponse is required in each case. Secondly, if it is a DDOS attack, why are they attacking you? Generally noone has anything to gain from a DDOS attack, so if someone is DOS attacking you you must have really pissed them off. Are you a spammer, content thief, etc? If so, the best response is to stop being an asshole and pissing people off. The people who need to hear this may have a hard time understanding it, so I'm going to repeat. If you are doing something slimy that causes people to want to attack you, cut that shit out! It REALLY does work better to play fair. This is coming from someone who has been ful time in this business from over a decade, so I speak from experience, not from some moral theory. If it is a DDOS and you're not a slimeball, you long has this been going on. Quite likely whoever is pissed at you will find someone new to be pissed at tommorrow and you don't have to worry about it anymore. Provided the above conditions are met, you're sure it's a DDOS, you're not a slimeball, and it continues for a long time, Swiftwill and Phatservers would be good to talk to. Swiftwill is extremely security consious, so they may know a lot about these types of attacks and be able to help you. Phatservers just kicks ass all around. They know what they are doing with anything having to do with a server and their customer support is ridiculously good. They aren't specifically targetted at security like Swiftwill is. |
2007-07-02, 08:47 PM | #19 |
Kodak Ghosts Run Amok
Join Date: Apr 2003
Location: Hobbs End
Posts: 1,718
|
well, for what its worth. i have to vote for sparky at colo-cation.com. if you are not hosting with them you are prolly gay
|
2007-07-03, 07:48 AM | #20 |
I saw weird stuff in that place last night. Weird, strange, sick, twisted, eerie, godless, evil stuff. And I want in
|
Hey Ray (raymor), i had 2 separate managed hosting and both confirmed it was DDOS
and, I have also been in this biz for about a decade. and 2. i list all my sites right out there on the front for everyone/anyone to see www.jscottcash.com/traffic.php, i'm not afraid to show anyone all my sites, and all my operations, i build quality sites, i HATE skim, popups, spam, etc etc, everything that general majority of surfers hate, i also hate, and i dont sell out to put that bullshit on my sites i hate skim, popups, exits, sloppyness, broken links, virus's, torrents, zango, content thiefs (i'm a soon to be exclusive paysite owner myself). etc etc i even hold back from making more $ on my sites because i dont want to squish a bunch of ugly ads all over my pages and only other thing could be if i'm an asshole, and i am FAR FAR from an asshole, i've been brought up by a great family, i am generally a nice guy, i like to drink, i dont cause trouble, sometimes i am too honest on public boards i think (about sponsor conversions etc and sponors giving no aff support) i have only ONE known enemy that was from that enemy DDoS attacking a friend of mine sites, i talked shit to him saying he is a piece of shit on every thread i could so people would be aware of him, HE is the guy i think was doing the attacks (if not him, then i think 100% random attack) |
2007-07-03, 09:53 AM | #21 |
The only guys who wear Hawaiian shirts are gay guys and big fat party animals
|
Sounds like you've pretty well nailed it down, the jscott.
I should be clear I wasn't suggesting that you were a slimeball in any way. That was just one of several questions a person should ask themselves when they are being attacked in order to determine the best course of action to take. Sometimes people get attacked because they piss people off, sometimes people get attacked because they look like an easy target, and sometimes just because the attacker is evil. It helps to know which one when you're trying to figure out how to stop it. |
2007-07-03, 11:05 AM | #22 |
I saw weird stuff in that place last night. Weird, strange, sick, twisted, eerie, godless, evil stuff. And I want in
|
Raymor, understood! thanks man i figured thats how you meant it, i just wanted to make sure everyone knew my status, that i'm not involved in anything deemed as bad online, except for the fact that i do adult sites, and only softcore sites at that hehe
|
|
|