[nog] DoS and DDoS mitigations

Marian Marinov mm at siteground.com
Thu Feb 21 17:38:22 EET 2019


Hi guys,

I'm trying to generate a good overview of the DoS/DDoS attacks that every one of us is receiving, for my Network Security Courses in FMI Sofia.

So the information I'm searching for is, first, the types of attacks and, second, what mitigations you use for different types of attacks.

For example, we at SiteGround receive mainly two types of attacks:
- UDP floods (large pps)
- HTTP connection floods (connection exhaustion)

These days it is rare for us to receive a TCP SYN flood.

What we employ is basic iptables rules and Linux sysctl controls for attacks that do not exceed the capacity of the receiving machines, and Radware for attacks that we can't mitigate.

In the cases when the attacks are even above the capacity of the Radware, we are null routing the IPs for a few hours, until the attack subsides.

So would you guys share your solutions?

Best regards,
Marian
-- 
Marian Marinov
Chief System Architect of SiteGround.com
Jabber/GTalk: hackman at jabber.org
ICQ: 7556201
IRC: hackman @ irc.freenode.net
Mobile: +359 886 660 270
