?
Solved

DDoS Protection services

Posted on 2014-04-07
4
Medium Priority
?
345 Views
Last Modified: 2014-04-09
Hi,

We have suffered a couple of serious Syn Flood attacks recently.  We thought we had put the right levels of protection on our server, but we are now seriously considering using a web based service (see list below).

What should we look out for with these services?

What should we expect to pay for the services?

Does anyone have any particular recommendations?

cloudflare.com
dosarrest.com
rivalhost.com
prolexic.com
incapsula.com

Many thanks
chris
0
Comment
Question by:Chris_Ryan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 25

Expert Comment

by:Tony Giangreco
ID: 39983166
hardware based firewall, it is probably being logged. I suggest reviewing those logs. I also suggest having those logs sent to a system admin by email as the log fills up so they can be reviewed anytime. Without sending those logs, the old logged events get  over written as new logs are created.

We use a Sonicwall firewall for this. It works very well. Cisco and other brands should work well also.

You might also try contacting your ISP, although most of the time, adding a firewall is the best first step.

Hope this helps.
0
 
LVL 26

Expert Comment

by:Blue Street Tech
ID: 39983728
How many users are in you protecting? What do you have in place currently?
0
 

Author Comment

by:Chris_Ryan
ID: 39983878
Hi Diverseit

We have six major domains and hundreds of sub-domains.

We have CSF in place with iptables

Thanks
Chris
0
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 2000 total points
ID: 39987157
You have to work with the ISP's to mitigate some of these large DDOS attacks, you can't do it yourself with hardware. If the pipe fills up, your RST packet's can't get through, and if they are redirected+amplified, you may cause harm to other networks. CloudFlare and others work with the ISP's, they don't have any magic other than that:
http://blog.cloudflare.com/the-ddos-that-knocked-spamhaus-offline-and-ho
You can't mitigate todays attacks of this magnitude without a special service, hardware doesn't cut it anymore.
-rich
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question