Quote:
Originally Posted by Malrubius
[You must be logged in to view images. Log in or Register.]
Isn't there front-end hardware (or I suppose software) that will help block this stuff? In other words, there is the ability to block the stuff (i.e. repeated spam attacks, etc.) *before* it gets to the server, but without having to have the ISP/host/carriers do it - true?
|
An inline Intrusion Prevention System (IPS) does this, as can some firewalls. They detect stuff like Syn floods or excessive traffic and a bunch of other stuff and can automatically drop that traffic. That costs money though. You can get older hardware off ebay semi-cheap, but to licence it for the latest signatures and to licence the server software to manage it costs a bunch of money - several thousand/year.
Wait until they install the new server in the new data center and hopefulyl the new ISP/data center will be able to take care of the DDoS.