Will floodguard help?

ServerMatrix look incredible, but i'm getting DDOS'ed daily, and i'm going out of business soon.... (obviously something that upsets me greatly).

The person is apparently spoofing a lot of IP's.

Jon

FloodGuard requires a training period (I think it is, 7 days? Might be 14 days) where it receives your normal traffic without DDoS attacks. If you can't do that, you may be able to get ServerMatrix to configure it manually for you, but they will of course charge money for that.

Contact ServerMatrix and ask them if they can hook you up... You may also want to consider a TotalControl box from ThePlanet (ServerMatrix's parent company), as they're more likely to be willing to do something like this.

Do you know why you are attack daily ? I believe that Floodguard can help but it is not like something you need to rely on exclusively. If you know you are perpetually singled out to be DDoS attack, you need to know who and why you are being attack and either make peace with the attacking party or have the issue addressed by a law enforcement agency.

Floodguard should be used to mitigate floods and it is not a cure for it.

What are you hosting anyways ? And why are you being targetted ?

I own a joke ID card company, lots of people wanting to be 'James Bond', or 'Al Coholic' Etc.

The cards look quite real, but there are disclaimers on the reverse stating the card isn't real, etc...

I fear it's some group believing our cards can be mis-used etc, when they clearly can't! (They are totally made up imaginary cards with disclaimers on the reverse..)

I have no idea who is doing the attack.

Jon

http://www.theplanet.com/control/pro/p2800...00_details.html

2000 bandwidth, floodguard + dosevasive and other things, - the best option for me?

Cheers guys - your help is appreciated tons!

Jon

add a hardware firewall and also email theplanet because even with all of that they may not be able to do any thing

If you have not rented the server as yet, it might be prudent to email sales[at]servermatrix.com and mentioned your particular situation and see what they could advise you. I believe it is better that way rather than have us customers who have no authority over your machine and what you can or cannot do try to advise you.

That and the fact that "law enforcement" agencies are a joke when concerning the net. So you cant expect any help from there.

you could also think about haveing a cluster of servers to handel more traffic/flood that way the flood is spread around 2 or 3 servers with 1000GB of traffic each but you have to email sales about this from day 1 to configure it and add a firewall
i also belive as long you can pay for it there are always answers to any problem

ServerMatrix is getting ZEUS load balancing as an option for servers (49$/mth).

It seems to me that your solution to this problem is a combination of a hardware firewall(s), FloodGuard, and enough load balanced servers to handle whatever gets past the first wo.

FloodGuard might help you - its worth a shot if you are considering moving to the planet anyway. What I have read about FloodGuard is wishy washy, they claim it is a great product but I haven't seen any tests to prove it. Part of the terms of using FloodGuard are that you are not allowed to invoke an attack against your own server.

I used to have some DDOS problems (upwards of 90mbit TCP SYN floods), and then after moving to The Planet w/ FloodGuard, I haven't seen them anymore. But I have no idea if Floodguard actually is stopping anything, or if my attackers got bored and stopped flooding.

A hardware firewall may be a good idea, but an attacker can still flood your switch port so that legitimate traffic cannot get through, then you need to block it further upstream, etc. If your hardware firewall is connected to a 100mbps fastE port, even if you block all "bad" traffic w/ the firewall, an attacker can still saturate that port so you will see nothing but bad traffic.