Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Comments

top

Ask Slashdot: Experience Handling DDoS Attacks On a Mid-Tier Site?

Ryan Amos Pay your protection money (197 comments)

To most of the commenters: WTF? You have obviously never been involved in a DDOS attack. Here is why:

1) A typical DDOS attack in 2012 will send traffic measured in hundreds of MBPS/GBPS down your pipe. Not only is this a massive volume of traffic, but almost all of it is in the form of SYN/ACK packets (which are exponentially more difficult for your frontend servers to handle; especially when they are never followed by a FIN.) This is many orders of magnitude more difficult to deal with than what most sites are scoped for. You cannot just "handle it," we're talking about something that is often 7-8 standard deviations away from your "normal" peak traffic levels. In other words, your infrastructure cannot handle it. Because if you overbuilt your infrastructure to those levels, you are an idiot. DDoS protection services cost a fraction of what it would cost you to build a network that could handle that.
2) Your normal DDOS doesn't come from one "large user." (hence, the first D in DDoS.) It comes from thousands (or hundreds of thousands) of IP addresses, all at once. Botnets? Yeah, they are real things, and they can be really destructive. And bad people control them, and you may have fired their mother at one point. Who knows why they have it in for you, but they probably will at some point.
3) Even if your infrastructure could handle an amount of legitimate traffic equal to the volume the DDoS will produce over the span of 6-12 hours, you would then have to pay for it. I promise you, you don't want to be in that position. Most hosting providers probably won't make you pay for all of it, but they will become real interested in what you're hosting that would make someone want to DDoS you in the first place. And your boss will probably make you find a proxy solution to solve the problem; so why not be proactive about it so you can say "Yeah, those /b/tards decided to DDoS us, but I took care of it 3 months ago."

TL;DR: DDoS proxy services like CloudFlare exist for a reason: it's simply not economically feasible to overbuild your infrastructure to the point where you could survive such an attack. Pay the man, keep your site up, and ignore the punks smashing cars in the street because you have insurance, so fuck em.

more than 2 years ago
top

What Would You Want In a Large-Scale Monitoring System?

Ryan Amos Re:OpenNMS (342 comments)

Mod parent up, OpenNMS rules.

more than 5 years ago
top

Copper Thieves Jeopardize US Infrastructure

Ryan Amos Re:Plumbing out of house stolen (578 comments)

Not when copper prices fall through the floor thanks to the implosion of the construction boom. If there's no demand for the stuff, the price goes way down.

more than 5 years ago

Submissions

Ryan Amos hasn't submitted any stories.

Journals

Ryan Amos has no journal entries.

Slashdot Login

Need an Account?

Forgot your password?