We are in the process of migrating this forum. A new space will be available soon. We are sorry for the inconvenience.

Protection against attacks


oles@ovh.net
10-02-2010, 10:36 AM
Hello,
This week we have started the migration system
for load balancing on our shared hosting packages to
a newer infrastructure. The 1000gp has been successfully
migrated. The other plans will be migrated
during the week.

In addition to the new load balancing system, we will be
testing a new system to protect against attacks.
It will be located on the upstream of the load distribution and allows
for the blocking of all embryonic packets (Synflood) and will better
manage the timeout(s) on all real connections. This will help
avoid congestion due to DDoS. Thus, any purge
will be on the upstream of the load distribution which will see
all real connections.

The funny thing(if you will) about this is that this morning the 1000gp
was attacked by 1200 IP's from around the
world, creating more than 15,000 simultaneous connections.

Session # sh ipv4 dest-port 6969 | i Total Sessions
Total Sessions: 15,704

The protection was successful on the operations and we have seen no
impact on the service:

Session # sh ipv4 dest-port 80 | i Total Sessions
Total Sessions: 1405

We will continue with the testing of the protection system
to work against attacks. The goal is to provide
Protection against attacks without requiring you to change
your infrastructure. OVH can provide an
IP firewall against the attacks, which will serve the
bad packets and return the legitimate packets only
to the IP of your dedicated server. Even if you do
not have server with OVH. To avail of the protection
you should note that nothing will change except in the DNS
A field ... that's it. Concrete example, the site
http://www.hadopi.fr that is not hosted at OVH and
is down due to attacks, we could easily
order an IP firewall to protect against attacks
without having to move it to OVH. Such protection
is activated within 5 minutes ... Simple, fast and very effective.

Regards
Octave