While talking on the telephone today with a partner, I was asked what I would recommend as a good utility to mitigate a DDoS.
First I must say that I do not think that anything, software and/or hardware, will be 100%; however, it is wise to have something in place.
Generally a DoS attack is about resource starvation, whereas a DDoS is about not only eating up the resources of the server being attacked but also filling the pipe that server uses to reach the Internet.
First you must understand that although a firewall is a great utility, it does not take the place of an anti-DDoS device. A good firewall can help when a DoS comes into play, but when a DDoS (distributed attack) comes in, a firewall gets lost and sends most all routing into space along with the moon and stars... Cheap firewalls generally do not inspect the amount of data being traversed nor inspect the payload itself, with a few exceptions such as Cisco's feature called TCP Inspection or SYN Cookies (note: Checkpoint and Netscreen have similar functions).
Some higher-end firewalls will, however, perform SPI (Deep Packet Inspection).
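The difference described above can be seen with a simple per-source rate limit, the kind of check a firewall can apply. This is an added example, not code from any product named in this post; the thresholds, function names and traffic samples are assumptions constructed for illustration.

```python
from collections import Counter

PER_SOURCE_LIMIT = 100   # packets/sec allowed per source IP (assumed threshold)
SERVER_CAPACITY = 1000   # packets/sec the server can absorb (assumed)

def filter_second(packets, limit=PER_SOURCE_LIMIT):
    """Apply a per-source rate limit to one second of traffic.

    packets: list of source IPs, one entry per packet seen in that second.
    Returns the packets that pass (at most `limit` per source).
    """
    seen = Counter()
    passed = []
    for src in packets:
        seen[src] += 1
        if seen[src] <= limit:
            passed.append(src)
    return passed

def assess(packets, limit=PER_SOURCE_LIMIT, capacity=SERVER_CAPACITY):
    """Summarise what the per-source filter achieves for one second of traffic."""
    passed = filter_second(packets, limit)
    per_source = Counter(packets)
    return {
        "offered": len(packets),
        "passed": len(passed),
        "sources_over_limit": sum(1 for n in per_source.values() if n > limit),
        "server_overloaded": len(passed) > capacity,
    }

# Constructed traffic samples (placeholder addresses, not real hosts).
# 50 ordinary clients sending 4 packets each = 200 packets.
legit = [f"198.51.100.{i}" for i in range(1, 51) for _ in range(4)]
# DoS: one source sending 20000 packets on top of the ordinary traffic.
dos = legit + ["203.0.113.9"] * 20000
# DDoS: 1000 sources sending only 20 packets each (same 20000 total).
ddos = legit + [f"10.{a}.{b}.1" for a in range(4)
                for b in range(250) for _ in range(20)]

if __name__ == "__main__":
    for name, sample in (("DoS", dos), ("DDoS", ddos)):
        print(name, assess(sample))
```

In the single-source case the limit trims the flood to a trickle; in the distributed case no source crosses the threshold, so everything passes and the server is still overloaded.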
In this posting you will see a few links that explain what DDoS attacks are, as well as some links to articles that talk about some hardware / software to assist with mitigation.
- Riverhead Networks (now Cisco)
- Captus Networks
- Fortinet
- Juniper Networks (routers and NetScreen Appliances)
- Foundry Networks
- Tipping Point
- TopLayer
A list of some providers that offer this service with their hosting is as follows:
Cybercon
Website: http://www.cybercon.com/
Comment: Based out of St. Louis, Missouri, USA. Expensive, but these folks have the knowledge in dealing with attacks.
DDoSProtection
Website: http://www.ddosprotection.com/
Comment: Our company is aimed at helping small-to-medium online businesses to protect themselves from DDOS attacks and other security vulnerabilities.
EV1Servers
Website: http://www.ev1servers.net/
Comment: All IPs on all servers at both EV1 data centers are now protected by FireSlayer, a combination of EV1-developed and commercially available anti Denial of Service (DoS) technologies. This service is 100% automatic and 100% free.
GigeSERVERS
Website: http://www.gigeservers.com/
Comment: Based out of Chicago, Illinois, USA. Eight years of experience in DoS/DDoS attacks.
RackSpace
Website: http://www.rackspace.com/
Comment: The Rackspace network has been engineered from the ground up to accommodate the high-availability demands of our customers' mission-critical Web applications. Our Cisco-powered, Zero-Downtime Network™ has unique self-healing attributes that allow us to deliver on our 100% infrastructure availability guarantee.
Staminus
Website: http://www.staminus.net/
Comment: We offer a wide array of dedicated server hosting solutions so please feel free to navigate our site or sitemap. Our dedicated servers come with a 99.9% network uptime guarantee so you can have peace of mind.
The Planet
Website: http://www.theplanet.com/
Comment: Based out of Dallas, Texas, USA. They use the Savvis Data Center. 19Gbps available bandwidth.
Of course, this list is not all-inclusive.
Beware of those providers that state they offer this service but cannot back up their claims. Remember, if a network states 99% uptime, that means they allow for up to 1% of downtime or 72 hours per month!!!