My thoughts on DDoS Mitigation

Discussion in 'Server & Community Management' started by CCT, Jun 29, 2013.

  1. CCT

    CCT
    Supporter

    A grain of salt from your fellow potato:
    As you can see in this image [www.imgur.com/v8h90EY.jpg] I deal with a significant amount of botnet-owning script kiddies.

    I have seen many threads recently regarding DDoS attacks/mitigation and if I feel obligated to share some of my input on the matter, primarily because 99% of the thoughts I have read here about anything related to DDoS attacks are brainless (to put it as nice as I can).

    Staminus is my current provider for DDoS mitigation (along with hosting). I am generally unaffected by "large" DDoS attacks, however every once in a while someone comes along who can interrupt my servers (such as the 23gbps attack in the image, as an interesting note I was actually not null routed nor heavily affected during that attack although the chart says I was).

    After some consideration, my thoughts on the most effective way of mitigating DDoS attacks put simply is as follows: Get several proxies from Javapipe and use a round robin DNS (CloudFlare or DNSMadeEasy) - subsequently the attacker will have to split their attack and still have a lot to bring you down. Most botnets don't have much, if any capability to attack multiple hosts. Put the pieces together and you would end up with as many heavily protected IP addresses you need and, no matter how fast the attack, an attacker could rarely ever bring down more than a fraction of your server. Javapipe's mitigation is very real and I have seen them protect services far above their limits as long as the attack doesn't last very long. This concludes my thoughts
     
    #1 CCT, Jun 29, 2013
    Last edited: Jun 29, 2013
    • Disagree Disagree x 2
  2. Ash

    Ash

    Javapipe can not handle more then 400 user's without derping out from what i hear :(
     
  3. Wazez

    Patron

    Staminus provides attack logs and graphs?
     
  4. PhanaticD

    Patron

    If you get a dedicated protection, not shared, but dont quote me on that
     
  5. joehot200

    Supporter

    He is talking about multiple JavaPipes - if you had, say, 400 players accross 4 JavaPipe's, thats about 100 players per JavaPipe.
     
  6. Off topic but what server is yours?
     
  7. CCT

    CCT
    Supporter

    kyllingman2 If you're talking to me I own Minetime. The IP is minetime.com
     
  8. Was talking to you:) now it makes more sense with the 23gbps attack...
     
    • Disagree Disagree x 1
  9. Ash

    Ash

    Unless javapipe gives you a really good deal that would cost alot. and anyways if you need that much protection and can pay alot can't you just buy a box at cnservers? that is if you are really big :p