Server rentals :: NFOservers.com

I would normally bring this to a support ticket but after the amount of times this happens, it gets a bit old.

So, normally whenever our Garrysmod server get's Ddos'd, we open a ticket with a support person and try to figured out. But everytime it happens, it's usually too late by the time they respond and the server has been crashed for a while and we lose all our players.

Why can't NFO really give us better Ddos protection? As much as I know that switching to a VDS or something similar which can provide it, it still sucks when you are on a strict budget and have to use a game server.

NFO, is there anyway we can provide better Ddos protection to the basic game servers? That would be great!

Much love!

Attacks often cannot be filtered ahead of time, or we would already have it filtered. The problem is that some attacks need the data to be looked at closely so that a proper filter can be put in place that does not filter legit traffic, but blocks the attack traffic.

A good example is two different Garrysmod servers at the Dallas location that reported attacks today. Both of them were hit with DRDoS attacks, which we talk about here: viewtopic.php?f=25&t=4960

Filtering an attack like this without blocking traffic from other players requires a very specific and advanced filter, one that cannot be applied to all servers, and one that requires detailed data on the traffic.

Long story short, the reason better protection than what we already have isn't automatically in place is because the situation is far more complicated than that.

_________________
TimeX

I would also like to add that what can be filtered heavily depends on the location you are at, the OS your server is being run on and the type of attack.

In locations where we run routers we have already proactively blocked some of the most common attacks and ones from your cookie-cutter Dos/DDos tools.

_________________
<@TimeX-NFo> Hey, we used to have to carry our packets to the servers.
<@TimeX-NFo> And it was upstream, both ways.

<@TimeX-NFo|away> You're asking the old dude for help?????
<@Kraze^NFo> Yes

So pretty much it's like the Flu? Everytime it happens you need to develop something new to prevent it for a while?

In some cases, yes. What usually ends up happening with some of our customers if they get attacked constantly and to a point where the attacker is constantly changing vectors..etc making it physically impossible to block the attack without taking some drastic measures.

Not to mention that blocking attacks is not only hard it is very time consuming in some cases. There are good reasons why companies that specialize in DDos protection/mitigation charge upwards of $10,000+ to block attacks.

_________________
<@TimeX-NFo> Hey, we used to have to carry our packets to the servers.
<@TimeX-NFo> And it was upstream, both ways.

<@TimeX-NFo|away> You're asking the old dude for help?????
<@Kraze^NFo> Yes

For maximum attack mitigation potential, choose a managed VDS at our LA location -- the router and VDS both have advanced firewalls that we can use to help. These firewalls come with default rules that block many common attacks by default; other filters could be created as needed to try to filter different kinds of attacks, once they have been identified.

If you ever think your server is being attacked, use the Firewall page to capture some traffic while the attack is going on. You can then either use the filtering tool to potentially block some of the traffic, or ask us to examine it and try to build rules for you -- it will be recorded there for us to look at.

We talk more about DoS attacks and how we handle them here: viewtopic.php?f=25&t=4931