Server Down

[President]

Quote:

Originally Posted by Vyal [You must be logged in to view images. Log in or Register.]

Linux can't compete with anything windows can do the windows server are sooo much more trust worthy and the security is better.

Sorry I don't want to get into that with you alot of hard heads out there like linux but i'm not one of them.

The rest of your post showed you have no idea what you are talking about as well.

[President]

Quote:

Originally Posted by Malrubius [You must be logged in to view images. Log in or Register.]

Isn't there front-end hardware (or I suppose software) that will help block this stuff? In other words, there is the ability to block the stuff (i.e. repeated spam attacks, etc.) *before* it gets to the server, but without having to have the ISP/host/carriers do it - true?

To an extent. It's all about how its set up and how much bandwidth he is being provided. They are moving the server next week to a better hosting company which should *hopefully* deter this, but if the server stays up but through DDoS uses MAD bandwidth the bill is going to be enormous. Even if you toss in a firewall or other hardware between the server and the uplink it still depends on the bandwidth between them. It might help, but even doing discards, blocks, reroutes, etc. still uses resources, and if the DDoS is large enough it will use up all the resources doing discards etc.

The server was already moved once to a place that had some sort of DDoS protection, but thats the problem with DDoS, if its large enough, it's GOING to cause a problem.

[Poww]

Quote:

Originally Posted by Malrubius [You must be logged in to view images. Log in or Register.]

Isn't there front-end hardware (or I suppose software) that will help block this stuff? In other words, there is the ability to block the stuff (i.e. repeated spam attacks, etc.) *before* it gets to the server, but without having to have the ISP/host/carriers do it - true?

What president said is right.. I'm guessing its an issue with going over bandwidth, which usually ends up in costing big bucks. You have a certain commited rate and should you go over that, expect fees.

I actually work for the most expensive datacentre outsourcer in North America, so I'm not sure how the lower budget ones work, but we will not filter traffic on our side of the network.. Your traffic is your traffic. This is seen as good and bad, obviously it's good because you will never have issues with us filtering any legitimate traffic.. but then you have issues with DDoS.. Again though, if you get DDoS you use more bandwidth, which raises your 95th percentile, which means you will most likely be paying. Of course if someone if havign a real bad problem and it goes on for a few days we will intervene, offer assistance, or just offer to shut the port to save them some money.

Getting back to the point, if traffic is getting to your network, you can filter it all you want, but its still using bandwidth which you pay for, if it hits the server or fills the pipe, you of course get the lag we were getting.

[bionicbadger]

Quote:

Originally Posted by Malrubius [You must be logged in to view images. Log in or Register.]

Isn't there front-end hardware (or I suppose software) that will help block this stuff? In other words, there is the ability to block the stuff (i.e. repeated spam attacks, etc.) *before* it gets to the server, but without having to have the ISP/host/carriers do it - true?

An inline Intrusion Prevention System (IPS) does this, as can some firewalls. They detect stuff like Syn floods or excessive traffic and a bunch of other stuff and can automatically drop that traffic. That costs money though. You can get older hardware off ebay semi-cheap, but to licence it for the latest signatures and to licence the server software to manage it costs a bunch of money - several thousand/year.

Wait until they install the new server in the new data center and hopefulyl the new ISP/data center will be able to take care of the DDoS.

[Caere]

Quote:

Originally Posted by Bones [You must be logged in to view images. Log in or Register.]

Please... enlighten us.

Bro got banned and butthurt.
see 3rd post down here: http://forum.shardsofdalaya.com/show...t=17059&page=2

u mad?

[Zilo]

Glad i looted my corpse with the Mistwalker on it, thought it would be safer to cut my 90% exp rez lose.....boy am i glad i did that =P


Zilo lvl 50 Ranger of IB-MAIN

Suffer lvl 37 Shadow Knight-alt

Mugwy lvl 50 Paladin of IB- Relative alt

[Modal]

Quote:

Originally Posted by Malrubius [You must be logged in to view images. Log in or Register.]

Isn't there front-end hardware (or I suppose software) that will help block this stuff?

According the hosts website, they already employ it. From http://www.nocster.com/network.shtml

"The network is protected from Distributed Denial of Service (DDOS) attacks via Cisco Guard™ protection systems."

This brings to mind 2 points:

1) The CG appliance can run in two distinct modes, one of which requires specific user intervention in order to reroute the traffic when a DoS attack is detected. I've seen companies contract out the configuration of this appliance, then fail to read the post-setup documentation explaining the steps to actually use it when it's needed, essentially turning it into a several thousand dollar bottleneck.

2) How the heck is it not stopping this? I've seen those little machines kill absolutely brutal attacks in no time flat, which leads me to believe that the P1999 server is either outside of a configured zone or Nocster isn't real clear on how to set the machine up.

Oh, and the pictures there are kinda scary too. Looks like a bunch of PCs on aluminum shelving. I've got a couple of empty HP racks in my garage if they need any.

[Bones]

Quote:

Originally Posted by Caere [You must be logged in to view images. Log in or Register.]

Bro got banned and butthurt.
see 3rd post down here: http://forum.shardsofdalaya.com/show...t=17059&page=2

u mad?

Ohhhh lol. All makes sense. [You must be logged in to view images. Log in or Register.]

[Bugaman]

How Large of a community donation would it take us to be protected from the DDoSer? Im being serious when I say this, I dont mind giving a lump sum to end this problem. Thanks and plz respond with a real answer GMs, If there is one, I dont know. Thats why Im asking.

[Vyal]

Honestly I don't think it's even a ddos attack more then likely some f'd code someplace creating weird server sided loops killing the CPU.

After reading about the servers he has there just isn't anyway. Lies made up bs lies is all I see here.