DDos attack null route.

Ask questions about dedicated servers here and we and other users will do our best to answer them. Please also refer to the self-help section for tutorials and answers to the most commonly asked questions.
User avatar
kraze
Former staff
Former staff
Posts: 4362
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Fri Sep 17, 2010 9:06 am
Location: California

Re: DDos attack null route.

Post by kraze »

rd1981 wrote:You could try requesting a second ip that isnt getting targeted and use that for the time being nfo ddos ability is limited they can only handle upto 40Gbps in seattle the other locations are less.
This actually isn't correct. While Seattle's total capacity if 40Gbps we can generally handle much more due to ACL's and upstream filtering.
@Kraze^NFo> Juski has a very valid point
@Juski> Got my new signature, thanks!
@Kraze^NFo> Out of context!
@Juski> Doesn't matter!
@Juski> You said I had a valid point! You can't take it back now! It's out there!
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: DDos attack null route.

Post by Edge100x »

rd1981 wrote:I would like to add that null routing the servers ips for 8 to 16 hours successfully achieves the goal intended also and take the server down for hours.
Yes, and the fact that the attacker is rewarded is one reason why we really, really, really don't like null-routes and consider them an absolute last-resort measure. Only applied when the entire location is impacted as an emergency measure, always carefully reviewed for accuracy, always followed-up by appropriate further mitigation steps whenever possible. The article that I wrote talks more about this.

Many other providers null-route at the drop of a hat for even small attacks, and don't try filters or other DDoS mitigation measures. That has never been our policy. We don't call ourselves a DDoS mitigation host, but we have put tremendous time and money into protecting our customers as much as possible, and we are well-known for it.
preben
A regular
A regular
Posts: 33
Joined: Fri Dec 05, 2014 2:14 pm

Re: DDos attack null route.

Post by preben »

Spending this much money on firewall / filters that doesn't have any effect on large ddos attacks like these is unfortunate.

I get targeted and null routed everyday.
Image
User avatar
rymax99
This is my homepage
This is my homepage
Posts: 143
Joined: Sun Feb 02, 2014 2:08 pm
Location: Florida
Contact:

Re: DDos attack null route.

Post by rymax99 »

rd1981 wrote:You could try requesting a second ip that isnt getting targeted and use that for the time being nfo ddos ability is limited they can only handle upto 40Gbps in seattle the other locations are less.
Only? You're gonna be hard pressed to find another host that offers what NFO does in terms of DDoS protection without them being a host marked for DDoS mitigation and charging a hefty price for it.
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: DDos attack null route.

Post by Edge100x »

preben wrote:Spending this much money on firewall / filters that doesn't have any effect on large ddos attacks like these is unfortunate.
Our firewalls are highly effective, actually. You may not realize this because we work so hard to neutralize the attacks, with so many that we block not noticed by anyone and others just having a small footnote in the control panel, but we block hundreds of attacks per day, large and small.

Attacks are always magnified over the holidays when bored, unsupervised kids are working full-time to compromise more machines and launch larger and larger ones. Witness that even the "big guys" -- Sony and Microsoft, with a lot more money at stake and a lot more to apply to the problem -- can't take them right now. As always, I've been working straight through my holidays helping customers like you, trying to stop the unusually large attacks that you're attracting.
User avatar
TacTicToe
This is my homepage
This is my homepage
Posts: 848
Joined: Fri Feb 18, 2011 1:08 pm
Location: USA
Contact:

Re: DDos attack null route.

Post by TacTicToe »

How bout you approach this from a different angle.

Why are you being targeted? Do you know by who? Is it the game itself that attracts the attacks? The popularity of your server? A pissed off ex member?

If you know who or why perhaps you can reason with them to get them to stop.

I would suggest the following. Remove your game server from gametracker and create your own banner. Your servers integrity and being online is more important than ranking. The reality is you will probably receive less than 1% of your servers traffic from gametracker. However it is a very easy way for attackers to find someone to go after. Get rid of it. I only keep a handful of our servers on GT, more for SEO purposes than anything. I have created our own server banners, with the info needed for advertising.

Something like this...

Image

Just a thought.

Code: Select all

[img]http://www.tkcdl.com/lgsl/lgsl_files/lgsl_image.php?s=39[/img]
If you wish to use it.
preben
A regular
A regular
Posts: 33
Joined: Fri Dec 05, 2014 2:14 pm

Re: DDos attack null route.

Post by preben »

I'm not attracting these attacks on purpose.
Image
User avatar
Edge100x
Founder
Founder
Posts: 12945
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:

Re: DDos attack null route.

Post by Edge100x »

I realize that you do not mean to attract them and I don't see them as being your fault.
theRadAleks
This is my homepage
This is my homepage
Posts: 200
Joined: Wed Feb 19, 2014 6:07 pm
Location: Dallas, TX

Re: DDos attack null route.

Post by theRadAleks »

You could try switching to another location that has a bigger network capacity and can handle larger attacks. Seeing that your servers hosted in New York, you could switch over to Chicago its pretty close and the only people that would see any ping difference would most likely be overseas players.
.=QUACK=.Major.Pain
This is my homepage
This is my homepage
Posts: 1573
Joined: Sun Jun 26, 2011 8:03 am

Re: DDos attack null route.

Post by .=QUACK=.Major.Pain »

Chicago has the same nightly thing. Won't fix anything.
Visit gspreviews.com And Rate & Review Your Old & Current GSP's
Find Your GSP Coupons at gspreviews.com/coupons/
theRadAleks
This is my homepage
This is my homepage
Posts: 200
Joined: Wed Feb 19, 2014 6:07 pm
Location: Dallas, TX

Re: DDos attack null route.

Post by theRadAleks »

Well Chicago is has 10 more GB/s and as kraze said "we can generally handle much more due to ACL's and upstream filtering." He would have better protection against DDoS attacks in Chicago.
.=QUACK=.Major.Pain
This is my homepage
This is my homepage
Posts: 1573
Joined: Sun Jun 26, 2011 8:03 am

Re: DDos attack null route.

Post by .=QUACK=.Major.Pain »

Well I Know ours in Chicago is bad enough on our TS3 that we for the most part can't use it and everyone gets off and goes to other clan TS3 servers that we have permission to use. The choppiness in the past week or more has been horrible. But it only seems to last an hour or so, but it's at the time the everyone is on in the evening.
Visit gspreviews.com And Rate & Review Your Old & Current GSP's
Find Your GSP Coupons at gspreviews.com/coupons/
User avatar
TacTicToe
This is my homepage
This is my homepage
Posts: 848
Joined: Fri Feb 18, 2011 1:08 pm
Location: USA
Contact:

Re: DDos attack null route.

Post by TacTicToe »

Quite honestly, it has been my experience that Chicago area, regardless of the GSP, is one of the most attacked/tagrgeted locations there are. Not sure why, but it seems most attacks are always there. IMO if you want to be central NA, youre better off going with the Dallas datacenter. Still central and seems to get less attacks. For me I go with Atlanta, because it seems to fly under the radar, still gives a great ping for anyone in NA, and our EU players get a most playable game as well. And since I am in Florida and pay for the box, well you know....

@MP If you need some TS3 space, let me know. We have 500 slots and I have all bandwdth codecs maxxed out. I can put a private channel on there for you to use and set you up with admin privileges.

ts3.thekillingcrew.com if you want to test it out. Won't help with your gaming issues though.
theRadAleks
This is my homepage
This is my homepage
Posts: 200
Joined: Wed Feb 19, 2014 6:07 pm
Location: Dallas, TX

Re: DDos attack null route.

Post by theRadAleks »

It's not that Chicago is targeted, its just that the majority of communities host there servers in Chicago because its in the center and everyone around the US gets good ping to it.
Post Reply