OVH Community, your new community space.

Feedback on the scans and some thoughts


Myatu
04-06-2010, 13:04
(Well, this post disappeared for a moment... As I was saying...

Admittedly, SSH brute force attempts dropped drastically. So the scanning certainly has been reduced. I do like the idea of protecting UDP as well - 1 is reasonable, IMO, since it isn't likely needed for all your IPs.

Oles
04-06-2010, 12:44
Hello

This week, we have put in place protections on
our network on ICMP (against Smurf attacks) and TCP/SYN
(against synflood attack ). At our level, we see a marked decrease in
level of attacks but there was a decrease
of ... scans. Both the SSH and HTTP. It still exists, but -90% or less ...

Do you find also fewer scans?

In any case, these protections are enjoyed by all and
are activated by default for all our customers: shared
hosting, the RPS, dedicated servers and housing. Level
TCP and ICMP.

We're thinking to offer you a protection service on the UDP
layer but as it depends on what you do with the server
we can not activate it by default and for all and in addition,
you must choose the type of protection. In fact, you protect it
differently whether it's a game server, a DNS server or
a VPN server or asterisk server.

We're thinking to offer different protection in different cases.
For this service there may be a charge to be paid, just to limit
the resources of our routers, i.e. the number of IP that
we will protect. For example 1/month/IP.... a ridiculous price
for the service given (have your site UP not the price).

What do you think about it?

Regards
Octave