[CentOS-devel] CentOS services being DDoS'd
Karanbir Singh
mail-lists at karan.orgMon Aug 7 23:08:50 UTC 2017
- Previous message: [CentOS-devel] CentOS services being DDoS'd
- Next message: [CentOS-devel] CentOS services being DDoS'd
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 07/08/17 22:55, Laurentiu Pancescu wrote: > On 07/08/17 13:13, Karanbir Singh wrote: >> >> I had recommended and Fabian looked at mod-evasive, but has reservations >> around that. how do people these days typically handle flood >> situations ? >> > > That depends on the size and type of the attack - I think one can only > fend off small attacks. People facing DDoS probably host on a service > like OVH, which employ expensive hardware (e.g. from Arbor Networks) to > handle layer 3 attacks, or, for layer 7 attacks, hide behind an HTTP > reverse proxy like CloudFlare. There are also companies specialized in > preventing large-scale attacks (like Akamai or Level3), but they tend to > be quite expensive. AWS or Google Cloud won't go down either, but the > bandwidth bill would probably drive a small company into bankruptcy > really fast. > > If it's the same set of IPs, perhaps you could ask the upstream provider > to filter them. Is the attack still going on? all of our infra for edge stuff is hosted in similar facilities. So we have some umbrella, but even then the traffic making it through was huge. Fabian's done some great work today, and thanks to folks making recommendations we were able to close this off without any major impact. -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc
- Previous message: [CentOS-devel] CentOS services being DDoS'd
- Next message: [CentOS-devel] CentOS services being DDoS'd
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list