OVH Community, your new community space.

VAC system - Enable?


macole111
06-09-2013, 20:07
But you can't find anything

-macole111

Tz-OVH
06-09-2013, 19:50
v3 IMHO works the best and is the most stable. It does everything I need and its got the cleanest UI.

ricktza
06-09-2013, 17:32
Quote Originally Posted by JakeMS
I believe OVH plan to add this to the managerv6 (the one with the "available soon" messages everywhere). I think I remember reading this somewhere.

But I reserve the right to be wrong so don't quote me on this .
I thought the highest was v3 :|

It's what i've been using, v4 is non existent, but v5 works.


V5 looks much better compared to what i've been using :P

Express
03-09-2013, 12:44
Quote Originally Posted by Andy
I don't get why OVH don't provide something in the manager for this. Not everyone is a programmer, some people are just server admins where no coding knowledge is really needed.
Exactly the position I am in, I'm the Server Admin for benjwilkins' server and he is actually the one learning properly how to use the API, I mean he's the PHP coder so I'd guess it makes more sense to him by marginal amounts but I can say we were both very confused when we looked at it initially.

I still need to figure out what I'm doing with it, I asked in one of our tickets if anything will be added to the manager and I got a response with a sentence to the effect of: "We're working on it."

Trapper
31-08-2013, 17:07
Quote Originally Posted by Andy
Still, it's not very intuitive. It would work much better if it were in the manager in an easy to use way.
+1

~Trap

LinuxGam
31-08-2013, 11:35
Quote Originally Posted by JakeMS
Correct.

If the network is flooded, it does not matter what you do on the server side of things.

You could have the worlds most powerful server, that could very easily handle the extra load.

However, if it's network interface is flooded, and has no more room to move, it will still fall over sadly.

If the flood is the same as your actual up/down speed it could still flood it as that is just it, it's the "limit" you hit that limit, game over no more connections.

Best case scenario would be your server still responds, but very slowly.
Thanks, confirmed my thoughts.

LinuxGam
31-08-2013, 11:34
Quote Originally Posted by macole111
I would say that the NIC would be flooded anyway, it still has to deal with all the packets even if it isn't fully processing them at the application layer. I bet it would still make your apps respond a lot slower anyway.

-macole111
I am guessing you are right, or people wouldn't spend 1000's on hardware firewalls. I also have a feeling that it wouldn't be as bad as if the server was processing the data on that port. But I am not 100% sure either way.

JakeMS
31-08-2013, 11:33
Quote Originally Posted by macole111
I would say that the NIC would be flooded anyway, it still has to deal with all the packets even if it isn't fully processing them at the application layer. I bet it would still make your apps respond a lot slower anyway.

-macole111
Correct.

If the network is flooded, it does not matter what you do on the server side of things.

You could have the worlds most powerful server, that could very easily handle the extra load.

However, if it's network interface is flooded, and has no more room to move, it will still fall over sadly.

If the flood is the same as your actual up/down speed it could still flood it as that is just it, it's the "limit" you hit that limit, game over no more connections.

Best case scenario would be your server still responds, but very slowly.

macole111
31-08-2013, 11:28
I would say that the NIC would be flooded anyway, it still has to deal with all the packets even if it isn't fully processing them at the application layer. I bet it would still make your apps respond a lot slower anyway.

-macole111

LinuxGam
31-08-2013, 11:08
I have a question on DDOS, if there are any firewall experts out there. Say someone did a distributed attack with say 200mb/sec of data in large chunks to your NIC and you dropped every packet with a software firewall.

Would a 200mb/sec connection be totally flooded or does it just read the header and drop it without bothering with the data packets? Or does the fact you have the traffic coming down the line flood it regardless of how the NIC handles it?

Andy
31-08-2013, 10:48
Still, it's not very intuitive. It would work much better if it were in the manager in an easy to use way.

JakeMS
31-08-2013, 10:46
Quote Originally Posted by Andy
I don't get why OVH don't provide something in the manager for this. Not everyone is a programmer, some people are just server admins where no coding knowledge is really needed.
I believe OVH plan to add this to the managerv6 (the one with the "available soon" messages everywhere). I think I remember reading this somewhere.

But I reserve the right to be wrong so don't quote me on this .

jonlewi5
31-08-2013, 10:44
Quote Originally Posted by Andy
I don't get why OVH don't provide something in the manager for this. Not everyone is a programmer, some people are just server admins where no coding knowledge is really needed.
Agree'd.
im dangerous with any kind of coding.

LinuxGam
31-08-2013, 10:43
Quote Originally Posted by Andy
I don't get why OVH don't provide something in the manager for this. Not everyone is a programmer, some people are just server admins where no coding knowledge is really needed.
I think you can just use the Web API page manually as well. They have given a FORM for every function.

Andy
31-08-2013, 10:41
I don't get why OVH don't provide something in the manager for this. Not everyone is a programmer, some people are just server admins where no coding knowledge is really needed.

LinuxGam
31-08-2013, 10:39
Quote Originally Posted by LawsHosting
Documentation wouldn't go a miss! What are we supposed to do? Set all IPs up?
I get the impression that it automatically blocks attacks it knows are attacks, but you also can add IP's manually.

It wouldn't be too hard to write something in Python that you can quickly run a script from the command line to add IP's. Or if you wanna be clever, you can scan your syslog for IPtables packet drops and auto-ban IP's that show up a certain amount of time in a certain period or potentially web request logs if that's where it is hitting you.

LawsHosting
31-08-2013, 10:21
Quote Originally Posted by Trapper
https://api.ovh.com/console/#/ip
...as this will take you to the (not obvious) IP section where the settings are made.
Documentation wouldn't go a miss! What are we supposed to do? Set all IPs up?

Trapper
31-08-2013, 00:26
Quote Originally Posted by Neil
Hello

When you attacked you are automatically protected by the system, and if your server is not attacked then it is not routed through the system, you can manage it via the APi, see https://api.ovh.com/
A better link maybe:

https://api.ovh.com/console/#/ip

...as this will take you to the (not obvious) IP section where the settings are made.

As I have mentioned to others, join the mainling list at: ddos-subscribe@ml.ovh.net

Mostly French, but if you ask in English, the replies will be English...

~Trap

Neil
30-08-2013, 18:05
Hello

When you attacked you are automatically protected by the system, and if your server is not attacked then it is not routed through the system, you can manage it via the APi, see https://api.ovh.com/

Mac
30-08-2013, 17:35
They are rolling our their VAC system in mid september and as of now it seems to be a test service.

Andy
30-08-2013, 16:27
End of September I think it's going to be enabled for all, but you won't go through it all the time. It'll only activate if done manually or if it detects at attack I believe.

Tz-OVH
30-08-2013, 16:25
I thought everyone was being protected by default now

benjwilkins
30-08-2013, 15:24
Hi, I have been getting attacks on my server about every 6 hours, they only last a small time, but enough to knock all my gameservers and webserver offline.

I have asked OVH to put me in the VAC system, and I was for the past 5-6 hours, and I had no problems, but now I just did a traceroute and it no longer goes through the VAC systems.

Does anyone know about this? Can I permanatly have all my data go through the VAC. What is the point of protecting me after an attack when I have already lost connection. They said I should use API, but I added and I could not connect to anything, it seemed all ports were closed, and the Rules didnt work.