OVH Community, your new community space.

DDOS protection


ctype_alnum
20-12-2013, 14:12
Ditto
RikT
20-12-2013, 13:20
Alex why do you keep double posting your profanities in loads of threads its very annoying much like yourself i would guess, if services are so bad then leave simple answer if they are not then please just shut up!!!
alex
20-12-2013, 07:59
once again proof that the OVH network or DDOS protection is sucks, I have terminated myself the DDOS better than f*cking your DDOS protection, see example of DDOS:



for people who don't know how terminate:
1) go to new control panel
2) check the stats per IP address
3) find most active one (more packets)
4) go to add firewall rules
6) create rule and refuse all connections as OVH network is sucks to filter attack!
rickyday
16-09-2013, 16:14
Good stuff thanks for the update Neil
Neil
16-09-2013, 13:02
Hi

You can now manage it from the new manager, see https://www.ovh.com/manager/dedicated/index.html - click on the server you can manage the DDOS and Firewall rules at the bottom.
LawsHosting
11-09-2013, 18:47
Quote Originally Posted by macole111
To the point where important changes to IP addresses are mentioned with no details, on an unrelated mailing list no-one looks at.
I'm subscribed, but I have to get GMail to translate every post! Frenglish isn't my strong point. I do try though.
rickyday
11-09-2013, 16:40
Quote Originally Posted by macole111
To the point where important changes to IP addresses are mentioned with no details, on an unrelated mailing list no-one looks at...

-macole111
and on Twitter where there are some nice photographs of the kit involved
macole111
11-09-2013, 16:34
Quote Originally Posted by rickyday
no wonder Oles is soo excited about this protection.
To the point where important changes to IP addresses are mentioned with no details, on an unrelated mailing list no-one looks at...

-macole111
rickyday
11-09-2013, 16:26
Quote Originally Posted by alex
wow, after activation of the DDOS protection I can see the result, see graph:
I am no expert on DDOS attacks but that % reduction looks particularly impressive, no wonder Oles is soo excited about this protection.
alex
11-09-2013, 10:21
wow, after activation of the DDOS protection I can see the result, see graph:
Tz-OVH
10-09-2013, 17:00
incorrect post, pls ignore this
alex
10-09-2013, 15:47
Found how to activate the firewall and DDOS protection.

1) Need to enter the IP address into firewall
2) Activate migration
alex
10-09-2013, 15:34
Quote Originally Posted by Neil
Not yet, very shortly in the panel, for now just via the API.
Any English manual how to activate or how to use API, please? Have you got any positions in your company? as it seems to me the basic of communication is gone, I will be happy to take position of Communication Manager and roll out better services and ideas/plans for customers.
Tz-OVH
10-09-2013, 12:27
This whole API thing is confusing to those of us who don't use APIs...especially since these are personal servers.
AndyS
10-09-2013, 12:04
Quote Originally Posted by TheBritoid
I activated it on a Kimsufi server and it worked for me. I tried it on a FO IP though.
I get the result below whet using get object

{
ipOnMitigation: "188.165.234.xxx"
forced: true
state: "ok"
}

With the response:
Forbidden (403)
{ "message": "This ip is currently under attack" }

If i try to remove the IP from mitigation.

But at the same time, the trace gives:

12 20 ms * * ldn-5-6k.uk.eu [94.23.122.201]
13 23 ms 24 ms 24 ms rbx-g2-a9.fr.eu [91.121.128.167]
14 23 ms * 23 ms vss-3-6k.fr.eu [213.251.130.77]
15 23 ms 23 ms 23 ms ks214xxx.kimsufi.com [188.165.234.xxx]

Which is confusing me.
TheBritoid
10-09-2013, 11:14
Quote Originally Posted by AndyS
For me the API constantly says the VAC is active, but a traceroute reveals

Code:
 12     *        *        *     Request timed out.
 13    24 ms    24 ms    24 ms  rbx-g2-a9.fr.eu [91.121.128.167]
 14    23 ms     *       23 ms  vss-3-6k.fr.eu [213.251.130.77]
 15    24 ms    23 ms    23 ms  ks214xxx.kimsufi.com [188.165.234.xxx]

Trace complete.
This didn't change during 2 extended attacks yesterday that maxed out the bandwidth for about an hour.

Is it the case that the api is not functional for kimsufi servers and if so what is the criteria for an attack that activates it?

I activated it on a Kimsufi server and it worked for me. I tried it on a FO IP though.
AndyS
10-09-2013, 10:07
For me the API constantly says the VAC is active, but a traceroute reveals

Code:
 12     *        *        *     Request timed out.
 13    24 ms    24 ms    24 ms  rbx-g2-a9.fr.eu [91.121.128.167]
 14    23 ms     *       23 ms  vss-3-6k.fr.eu [213.251.130.77]
 15    24 ms    23 ms    23 ms  ks214xxx.kimsufi.com [188.165.234.xxx]

Trace complete.
This didn't change during 2 extended attacks yesterday that maxed out the bandwidth for about an hour.

Is it the case that the api is not functional for kimsufi servers and if so what is the criteria for an attack that activates it?
Neil
09-09-2013, 14:58
Quote Originally Posted by alex
According to the pictures:
http://www.ovh.co.uk/anti-ddos/firewall-network.xml
and my manager at the following UR:
https://www.ovh.com/manager/dedicated/login.html
the service is not available but I was charged for it - to me it's undelivered service and misleading service.
Quote Originally Posted by alex
According to your images, every customer can manage every IP address:
http://www.ovh.co.uk/anti-ddos/firewall-network.xml
According to my control panel - nothing able to do:
Not yet, very shortly in the panel, for now just via the API.
alex
09-09-2013, 14:46
Quote Originally Posted by Neil
Slow down please

The DDOS Protection is for everyone, but as explained in the pictures it is only routed through the system when you are attacked.

Currently you can only manage it via the API at https://api.ovh.com/ and shortly via the OVH Manager, you can test it via adding your IP to the API then doing a traceroute you will then see it.
According to your images, every customer can manage every IP address:
http://www.ovh.co.uk/anti-ddos/firewall-network.xml
According to my control panel - nothing able to do:
Trapper
09-09-2013, 14:40
Quote Originally Posted by Neil
...but as explained in the pictures it is only routed through the system when you are attacked....
Actually Neil, I did not find those clear. Probably because it show "with" and "without" protection, so people will think they are "without". If there was something to indicate the detector, then it may make more sense.

~Trap
Trapper
09-09-2013, 14:37
Only trying to be helpful:

You will not see any trace of VAC unless you are currently protected. Something in the network detects an attack, then the routing is changed so that you are protected. Once the attack is over, there is a cool-down period, after which you will be removed again.

HTH

~Trap
Neil
09-09-2013, 14:28
Quote Originally Posted by alex
According to the pictures:
http://www.ovh.co.uk/anti-ddos/firewall-network.xml
and my manager at the following UR:
https://www.ovh.com/manager/dedicated/login.html
the service is not available but I was charged for it - to me it's undelivered service and misleading service.
Slow down please

The DDOS Protection is for everyone, but as explained in the pictures it is only routed through the system when you are attacked.

Currently you can only manage it via the API at https://api.ovh.com/ and shortly via the OVH Manager, you can test it via adding your IP to the API then doing a traceroute you will then see it.
alex
09-09-2013, 14:21
According to the pictures:
http://www.ovh.co.uk/anti-ddos/firewall-network.xml
and my manager at the following UR:
https://www.ovh.com/manager/dedicated/login.html
the service is not available but I was charged for it - to me it's undelivered service and misleading service.
Tz-OVH
09-09-2013, 12:58
Quote Originally Posted by K.Kode
They are placed under VAC once an 'attack' is detected (also possibly via API).
Exactly what I thought as well, based upon the many posts here about VAC.
alex
09-09-2013, 12:44
Quote Originally Posted by K.Kode
They are placed under VAC once an 'attack' is detected (also possibly via API).
Based on the plan:
http://www.ovh.co.uk/anti-ddos/anti-ddos-principle.xml

it should be VAC appear in traceroute.
K.Kode
09-09-2013, 12:27
They are placed under VAC once an 'attack' is detected (also possibly via API).
alex
09-09-2013, 11:51
I have a several servers in RBX, but for uknown to me reason I can't see any VAC or DDOS protection in tracert. I have paid a new price and still don't have the service, it seems to me this is misleading!!!

what about your server? is it enabled on your server? or as usual the OVH mislead or new way to charge customers more for not implementing the service?