Ddos Protection
Member
Posts: 1,358
Joined: Dec 30 2012
Gold: 0.10
Jul 9 2013 03:27am
Alright so basically I'm setting up a linux home server. As an employee of a hosting company I have a free shared hosting account through my work. Once I get my home server up and running I plan on pointing my hosting to it.

So... I was wondering how I would go about writing some kind of ddos protection software to put on my home server.

I understand how a ddos attack works but probably not enough to write protection software for it.

So from my understanding I'd need to write something that monitored the amount of traffic coming into the server and if an above normal amount is detected then the server would be put in some kind of offline mode? idk

Even if there is already ddos protection software available out there, I'd like to code my own just for the learning experience.

If anyone could point me in the right direction or provide some insight it would be appreciated.

This post was edited by SelfTaught on Jul 9 2013 03:28am
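A minimal version of the traffic monitor this post describes, as an added example that is not part of the original thread: it counts inbound packets per second, keeps a moving-average baseline, and flags seconds that exceed it. The packet data, thresholds and function names are constructed for illustration, and this is detection only; it does not free up bandwidth once the uplink is saturated.

```python
from collections import Counter

def build_sample():
    """Constructed capture: one (second, source_ip) tuple per inbound packet."""
    events = []
    for sec in range(15):
        # Normal load: 20 packets per second spread over four clients.
        events += [(sec, f"198.51.100.{i % 4 + 1}") for i in range(20)]
        if 10 <= sec <= 12:
            # Flood: 500 extra packets per second for three seconds.
            events += [(sec, "203.0.113.7")] * 500
    return events

def detect_spikes(events, alpha=0.2, factor=5.0, warmup=3):
    """Return (second, packets, baseline, top_source) for each abnormal second.

    baseline is an exponentially weighted moving average of normal seconds;
    a second is abnormal when its packet count exceeds factor * baseline.
    """
    per_sec = {}
    for sec, src in events:
        per_sec.setdefault(sec, Counter())[src] += 1

    alerts, baseline, seen = [], None, 0
    for sec in sorted(per_sec):
        count = sum(per_sec[sec].values())
        if baseline is not None and seen >= warmup and count > factor * baseline:
            top_src = per_sec[sec].most_common(1)[0][0]
            alerts.append((sec, count, round(baseline, 1), top_src))
            # Flagged seconds are kept out of the baseline so a long
            # flood cannot teach the monitor that flooding is normal.
        else:
            baseline = count if baseline is None else (
                alpha * count + (1 - alpha) * baseline)
        seen += 1
    return alerts

if __name__ == "__main__":
    for sec, count, base, src in detect_spikes(build_sample()):
        print(f"t={sec}s packets={count} baseline={base} top_source={src}")
```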
Member
Posts: 3,386
Joined: May 4 2013
Gold: 1,780.00
Jul 9 2013 04:24am
There is no such thing as ddos protection software that you run on a server you're trying to protect. ddos protection runs at a higher tier network than yours and basically filters the traffic that hits your server - so it's more of a specialized firewall. And most of the time it's specialized hardware, ASIC or FPGA, designed specifically for this task, since the required computing power is so high for bigger ddos. Those are hardware designed specifically for one task and one task only, and they're many times faster than normal processors.

Quote
server would be put in some kind of offline mode


so basically... do exactly the same thing ddos does?

what you can do is sign up for cloudflare free account and use that. they will protect you from ddos since your server's real ip won't be shown, so no one will know what to ddos, and good luck ddosing cloudflare.


Maybe one more word: some DDoS attacks rely on your server to respond. That can actually be filtered without problems, there are syn flood attacks etc, and every half decent firewall will easily deal with it. That's not the point: most deadly DDoS attacks will simply fill 100% of your bandwidth for 100% of the time, rendering it impossible to reach for legit people.

This post was edited by nuvo on Jul 9 2013 04:28am
Member
Posts: 13,425
Joined: Sep 29 2007
Gold: 0.00
Warn: 20%
Jul 9 2013 10:58am
Quote (nuvo @ Jul 9 2013 06:24am)
There is no such thing as ddos protection software that you run on a server you're trying to protect. ddos protection runs at a higher tier network than yours and basically filters the traffic that hits your server - so it's more of a specialized firewall. And most of the time it's specialized hardware, ASIC or FPGA, designed specifically for this task, since the required computing power is so high for bigger ddos. Those are hardware designed specifically for one task and one task only, and they're many times faster than normal processors.



so basically... do exactly the same thing ddos does?

what you can do is sign up for cloudflare free account and use that. they will protect you from ddos since your server's real ip won't be shown, so no one will know what to ddos, and good luck ddosing cloudflare.


Maybe one more word: some DDoS attacks rely on your server to respond. That can actually be filtered without problems, there are syn flood attacks etc, and every half decent firewall will easily deal with it. That's not the point: most deadly DDoS attacks will simply fill 100% of your bandwidth for 100% of the time, rendering it impossible to reach for legit people.


this. sort of.

there are ways to pull server ips from behind cloudflare. most of them rely on the host's inability to properly configure their servers and cloudflare. one of them i discovered a while ago is that most people don't cloudflare their outgoing POP3 data, thus resulting in the box's ip in the email headers.

as for the DDoS attacks rely on your server to respond, this is half true and half false. udp attacks do not need a response, and syn attacks don't either. rather i don't think any attack needs a response from the server, as long as the server processes it there will be a problem (aka filling up all the available bandwidth as mentioned)

how ddos protection works is to have bigger tubes upstream that filter out bad traffic.

bigger tubes as in this one company that offers solutions for banks has 30-60gbps of tubes.

This post was edited by AbDuCt on Jul 9 2013 11:02am
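A defender-side check for the header leak this post describes, as an added example that is not part of the original thread: it scans the headers of a message your own server sent and reports any that carry the origin address. The sample message, the addresses and the function name are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed sample of a mail sent directly by the web server.
SAMPLE = """\
Received: from web01.example.org (web01.example.org [203.0.113.10])
\tby mail.example.net with ESMTP id abc123;
\tTue, 9 Jul 2013 11:00:00 +0000
Received: from localhost (localhost [127.0.0.1])
\tby web01.example.org with ESMTP; Tue, 9 Jul 2013 10:59:58 +0000
X-Originating-IP: 203.0.113.10
From: noreply@example.org
To: user@example.net
Subject: Welcome

Thanks for registering.
"""

def find_origin_leaks(raw_message, origin_networks):
    """Return (header_name, ip) for every header exposing an origin address.

    origin_networks lists the addresses or CIDR ranges of the server that
    is supposed to stay hidden behind the proxy.
    """
    nets = [ipaddress.ip_network(n) for n in origin_networks]
    msg = message_from_string(raw_message)
    leaks = []
    for name, value in msg.items():      # includes repeated Received headers
        for candidate in IPV4_RE.findall(value):
            try:
                ip = ipaddress.ip_address(candidate)
            except ValueError:           # e.g. 999.1.1.1 matched the regex
                continue
            if any(ip in net for net in nets):
                leaks.append((name, str(ip)))
    return leaks

if __name__ == "__main__":
    for header, ip in find_origin_leaks(SAMPLE, ["203.0.113.10/32"]):
        print(f"origin address {ip} exposed in {header} header")
```

An empty result for mail sent through a separate relay host is the outcome to aim for.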
Member
Posts: 1,358
Joined: Dec 30 2012
Gold: 0.10
Jul 9 2013 01:47pm
Ah alright that makes a lot more sense.

I guess what I'll do then is use CloudFlare, since that seems to be the only choice in my case. I was planning on using it anyways since it can potentially improve load times for people visiting my website.

Thanks for the replies and clarification.


