Questions? Start a Support Ticket
User Registration
Customer Login

Knowledgebase

Portal Home > Knowledgebase > Articles Database > 80GB/s Heavy Port Flood +Synflood Ddos attacks & Firewall Not Works?! I need help


80GB/s Heavy Port Flood +Synflood Ddos attacks & Firewall Not Works?! I need help




Posted by NikiPink, 05-03-2013, 03:32 AM
Hi all My Server is under 80GB/s Heavy Port Flood +Synflood Ddos attacks. These attacks are in the order of 80GB/s, and a Cisco firewall can cover only till 10GB/s attacks I can't buy a very expensive firewall. Server is down now , Please help me , How can i do ? Thanks a lot ♥
Posted by NikiPink, 05-03-2013, 04:12 AM
it is not one or ten ip , it is 300,000 _ 400,000 Online
Posted by DDoSDefend, 05-03-2013, 04:15 AM
Who provided you with this figure? Have they provided you with graphs? 80Gbps attacks still remain fairly rare. I would be skeptical that the attack you are receiving is this large. On the off chance it is, there's no escaping the fact that you're going to need quite a large budget in order to find the appropriate filtering.
Posted by mahdy_sharifi, 05-03-2013, 05:26 AM
Hi : This is our server (This topic starter is my friend). Not provide any doc or graph yet , but our support server tell us about this rate , I see till 1Gb/s from server and when rate fly over 1G server completely down and we force disable network so I can't see exact rate myself.
Posted by DDoSDefend, 05-03-2013, 05:42 AM
I would recommend finding another provider willing to measure the attack and verify the real attack size. The attack may in reality be significantly smaller.
Posted by ClearDDoS, 05-06-2013, 10:06 AM
I think your concern is not firewall but the bandwidth. Seek for DDoS protection provider solution will be most effective and cost saving.
Posted by Server Management, 05-06-2013, 10:16 AM
Obtain the IP's who are attacking you and report them based on size, Once you knock off the heavy hitters things might stable out more for you.
Posted by reto, 05-06-2013, 11:13 AM
There's not much you can do yourself if you're being hit with attacks of that magnitude. As someone said, you can try and get real IP's for the port attack, however I seriously doubt the bulk of the flood is generated on L7. Most probably, The SYN (and possibly UDP) flood is what's eating up the bandwidth here and unfortunately, most of this kind of attacks are with spoofed IP's in source, so getting a list of them won't help at all.
Posted by Server Management, 05-06-2013, 12:22 PM
Nothing wrong with getting a list and giving the IP's a once over spoofed or not IP address inspection and report any that you can is a worth while measure to help narrow down the attack fairly quick without stumping out tons of cash, Just a few hours of time and maybe the help of a DC tech, etc
Posted by Intreppid_Jonathan, 05-06-2013, 01:27 PM
If you are being attacked with 80gbps of spoofed ips: Blocking ip's wont matter, they will change the ips and hit you again. 80 GBps is huge, I highly doubt that is the number you are getting hit with. Never take a providers word for anything unless they have specific numbers or reporting systems that provide it. Them simply saying you are being hit with X amount with no proof means to me that they are trying to scam you, or trying to kick you off the network. If their network is getting slammed with 80gbps, they would be offline most likely, there are very little networks out there that can handle 80gbps of traffic. Getting a list of millions of spoofed ips to block is a waste of your time and the isp's time. The only true way to mitigate ddos is through protection provided by ddos mitigation providers. Blocking spoofed ip's won't do much good.
Posted by Mr Ras, 05-06-2013, 10:28 PM
Expensive but good protection would be cloudflare They help protect my site against massive attacks from a few gb/s. A cheaper option would be to setup a reverse proxy vps on a ddos protected network or just get a reverse proxy with ddos protection
Posted by Cltcam, 05-06-2013, 10:39 PM
I recommend Cloudflare too. By purchasing one of Cloudflare's paid solutions, you would get a lot of tools beneficial to your website as well.
Posted by mummy, 05-07-2013, 11:07 AM
CF will probably mitigate your L3-4 floods, but when it comes to L7, they're not that great.


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
Help! Need trusted service. (Views: 696)
nagios installation on cpanel (Views: 689)
Can't see transmitting traffic with any tools (Views: 779)
Support for users (Views: 710)
Becoming a web host/ supplier (Views: 728)


Language:

Our Services

Client Menu

Legal

Terms of Service | Privacy Policy | Refund Policy | Affiliates
Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.