Quote:
Originally Posted by Theiron
[You must be logged in to view images. Log in or Register.]
I'm in the business and f5 hardware is very expensive. Maybe not for a $100M company but for personal use it is.
My curiosity comes when I ask is the server itself just on the public network with a public IP or does it have some sort of firewall in front of it? Based on the attacks and what not I'm going to assume it's completely open with a public IP.
Problem being that you'll need a some decent hardware to put in front of it to protect it and maintain the 400+ users it gets on a regular basis.
|
According to Rogean the abuse is from UDP traffic so it seems that simply rate limiting the traffic should be sufficient to block this, with sane thresholds on bitrate and packet size that would constitute and classify abuse appropriately.
Given that the server runs Windows you don't have
kernel level packet filtering functionality available so you'd want a solution available
at the switch level or before it arrives to the server.
Most co-location facility carriers provide this functionality, however you could easily use the same approach with a cheaply built unix based machine between drop-->server to
rate limit and meter UDP connections.
My 2 copper pieces, this sort of thing is my career outside of Norrath, it pains me dearly to see such an awesome project suffer from a few nerdragers and I'd be more than happy to donate my time and experience to help get us back on track if needed. Rogean, you know how to get in contact with me
[You must be logged in to view images. Log in or Register.]