[CentOS-devel] CentOS services being DDoS'd

Mon Aug 7 21:55:10 UTC 2017
Laurentiu Pancescu <lpancescu at centosproject.org>

On 07/08/17 13:13, Karanbir Singh wrote:
> 
> I had recommended and Fabian looked at mod-evasive, but has reservations
> around that.  how do people these days typically handle flood situations ?
> 

That depends on the size and type of the attack - I think one can only 
fend off small attacks.  People facing DDoS probably host on a service 
like OVH, which employ expensive hardware (e.g. from Arbor Networks) to 
handle layer 3 attacks, or, for layer 7 attacks, hide behind an HTTP 
reverse proxy like CloudFlare.  There are also companies specialized in 
preventing large-scale attacks (like Akamai or Level3), but they tend to 
be quite expensive.  AWS or Google Cloud won't go down either, but the 
bandwidth bill would probably drive a small company into bankruptcy 
really fast.

If it's the same set of IPs, perhaps you could ask the upstream provider 
to filter them.  Is the attack still going on?

Regards,
Laurențiu