OVH Community, your new community space.

DDoS Attack


Crownable
05-11-2014, 12:15
Quote Originally Posted by Dani
Hi

SYS:
DDOS protection is set to automatic. It will activate itself upon an attack being detected.

OVH
DDOS protection is set to automatic. It will activate itself upon an attack being detected.
You can change the protection from automatic to permanent from the OVH manager.
You also have an network level firewall where you can set up rules to block request prior to it arriving to your server.

For both SYS and OVH servers, there is also the option of an Cisco firewall.

Danny
Well, that's great and all. But i need some certainty here. I need to be able to filter out these attacks. If it can take down a 250mbps server, then the Cisco router with a maximum port speed of 100mbps will be blown out the window.

Kinda desperate here.

Dani
04-11-2014, 12:16
Hi

SYS:
DDOS protection is set to automatic. It will activate itself upon an attack being detected.

OVH
DDOS protection is set to automatic. It will activate itself upon an attack being detected.
You can change the protection from automatic to permanent from the OVH manager.
You also have an network level firewall where you can set up rules to block request prior to it arriving to your server.

For both SYS and OVH servers, there is also the option of an Cisco firewall.

Danny

Criot
04-11-2014, 09:15
Quote Originally Posted by Crownable
Bollocks, I know they also protect against UDP floods.

It's just that some aren't detected.. And it's putting the server down.
From what others have said and own experience OVH don't seem to block Layer 4 attacks *currently* - Whether they will in future, who knows.

Your options will either to be to buy the hardware firewall, use a software firewall or go to Anti DDoS PRO so that you can setup custom rules in their firewall in the VAC in order to block certain ports.

EDIT: Look here: http://www.soyoustart.com/en/anti-ddos.xml - This confirms that blocking UDP attacks is currently custom to the Game Range.

Crownable
04-11-2014, 08:25
Quote Originally Posted by Maki187
OVH protection also do not protect u against UDP attacks (maby a little), they protect u from TCP attacks usualy.
Bollocks, I know they also protect against UDP floods.

It's just that some aren't detected.. And it's putting the server down.

Maki187
03-11-2014, 22:49
You can't actualy complain on DDoS protection, as OVH is only one who offers it for free, if u look anywhere else, u will get poor ddos protection for 300 eur monthly... OVH protects u, and only difference between OVH Anti DDoS Pro and normal OVH anti ddos pro is that with SYS u do not have pernament protection, just automatic.
And belive me, pernmanet isn't much better, as I have server with SYS and OVH, and I'm 24/7 under attacks. So, do not spend much money on it.
OVH protection also do not protect u against UDP attacks (maby a little), they protect u from TCP attacks usualy.

heise
03-11-2014, 20:46
Well, with OVH you have antiddos-pro, which should give you - as I read but didn't try out - some extra configuration options, to manually fight those DDoS attacks. You can get a OVH cloud vps and route your traffic through it, to try antiddos-pro.

I assume, that they are constantly improving their antiddos technology. As you can read in this forum, it's not perfect. They won't fix any issues you should have.

Crownable
03-11-2014, 19:51
Quote Originally Posted by heise
Don't count 100% on antiddos. it's good but does not work 100% as you can see from former posts. Software firewall is all you are left with. If you need more, you will need to pay for ovh with antiddos-pro.
They have the exact same VAC. So how do I know it will work.

Anyway, I would rather just have them fix this issue rather me paying a lot more..

heise
03-11-2014, 08:37
Don't count 100% on antiddos. it's good but does not work 100% as you can see from former posts. Software firewall is all you are left with. If you need more, you will need to pay for ovh with antiddos-pro.

Crownable
03-11-2014, 08:10
Quote Originally Posted by heise
Setup iptables and customize according your needs.
I have blocked all ports except the ones i need.

However, it makes sense that this doesn't matter. Simply because it's a software firewall. The udp packets have already been received by then. The VAC should have filtered it out already.

heise
03-11-2014, 01:47
Setup iptables and customize according your needs.

Crownable
03-11-2014, 00:24
Hello,

Our server is getting DDoSed quite hard. Yet the VAC isn't filtering it..

How can I protect against this?