Not really, you can't really ward against it whenever it gets to it, and some unimportant server like the one you mention most likely will not be targeted at all. It is an entirely different scale you need to look at, and who can be doing this; it looks more like hybrid war on the scale NA is targeted currently. A couple of places in the world have a greater interest in irritating people like this, and since the NA hubs are so large, it is the perfect test ground as well, before they hit other targets.
Also, you should read up on DDoS on the internet; it will provide you all the information you need. It would or could also tell you about how it is so difficult to ward against for pretty much anything big out there.
Really? A DDOS resistant server from Amazon, huh? That seems like a really nice trick, considering when I just tried searching Amazon for such a thing it came up with server aprons for people in food service jobs (top options) and server hardware that does not claim to be resistant to DDOS attacks. In fact, I can find no information on such hardware even existing.
No, there is no HW existing to prevent a DDoS. You can use a firewall (cluster) to get rid of some background noise, but it only works for ~4-10GB/s and there's no guarantee it works for specialized attacks.
Normally DCs are routing your IPs to NULL if a limit of X-GB/s is exceeded. ¯\_(ツ)_/¯
I think Chloe is referring to the situation 10 years ago.
Amazon DCs were able to filter the background noise to a really nice degree, but to get rid of bigger attacks you had to do your part:
- Set up a couple of EC2 proxy instances with the right ports exposed to the internet
- Bundle the addresses in your A record subdomain entry and use a TTL of 60
- Every EC2 has a vpn-tap to the gameservers (self-explanatory: the IPs of these end-servers aren't publicly known) and some filter-rules
If you were using 10 instances, the botnet had to do a DNS lookup and only saw one IP, and every 60 seconds another one.
If they started an attack, they attacked the currently seen address, Amazon was routing the IP to NULL and the instance was down.
Now you can't move a botnet to a new destination real quick, so you have to wait ~5 minutes until they stop attacking the current one and move to the new target from the DNS lookup.
If you are lucky they'll get the same address again and DDoS a dead instance or just refuse to attack, cuz the IP was down.
That's basically what we did a long time ago and it was working really nicely; 9/10 players loved this trick.
But this was never a complete server related thing, it's a mix of both routing and server (the server had the additional filter-rules) and you'll sacrifice one instance on purpose, when a DDoS happens.
But now you can't/wouldn't do this anymore for some reasons:
- You'll pay Amazon money for every byte transmitted and a DDoS is getting expensive
- You have to scale the whole thing up to a certain point where it doesn't make any sense from a cost perspective
- Since we have Cloudflare, some botnets are collecting the addresses of the A record
- Botnets are much better at targeting now; they are even capable of splitting the capacity across multiple targets
Or is Chloe referring to the optional firewall setting from Amazon? But this option was only capable of filtering up to 2-4GB/s at this time.
Even a cheap botnet exceeded this capacity by a factor of 2 and this was enough to trigger the NULL rule of the DC.
Last edited by GiR_Zippo; 09-26-2024 at 08:18 PM.
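The rotating-proxy scheme from the post above, as a small timeline model; this is an added example, not part of the original post. The 60-second TTL and the ~5-minute retarget delay come from the post; round-robin rotation, DNS that keeps serving dead addresses, null routes that are never lifted during the run, and the 203.0.113.x addresses are assumptions made for the model.

```python
from dataclasses import dataclass, field

TTL = 60        # seconds; the A record TTL given in the post
RETARGET = 300  # seconds; the ~5 minutes the post says a botnet needs to move


@dataclass
class ProxyPool:
    ips: list
    dead_since: dict = field(default_factory=dict)  # ip -> time it was null-routed

    def answer(self, t):
        # Assumption: DNS rotates round-robin, one address per TTL window, and
        # keeps handing out null-routed addresses (no health checks).
        return self.ips[(t // TTL) % len(self.ips)]

    def alive(self, ip, t):
        # Assumption: a null route is never lifted during the simulated run.
        return ip not in self.dead_since or t < self.dead_since[ip]


def simulate(n_proxies, duration, retarget=RETARGET):
    """Return (attack events, live player lookups, total player lookups)."""
    pool = ProxyPool([f"203.0.113.{i + 1}" for i in range(n_proxies)])  # constructed IPs
    events = []
    # Attacker side: one lookup per retarget period, flood whatever DNS returned.
    for t in range(0, duration, retarget):
        target = pool.answer(t)
        if pool.alive(target, t):
            pool.dead_since[target] = t  # the DC null-routes the flooded address
            events.append((t, target, "null-routed"))
        else:
            events.append((t, target, "wasted"))  # flood hits a dead instance
    # Player side: one fresh lookup per TTL window; it works only if that proxy is up.
    lookups = range(0, duration, TTL)
    live = sum(pool.alive(pool.answer(t), t) for t in lookups)
    return events, live, len(lookups)


def sacrificed(events):
    """Addresses that were null-routed, in the order they went down."""
    return [ip for _, ip, outcome in events if outcome == "null-routed"]


if __name__ == "__main__":
    for n in (10, 7):
        events, live, total = simulate(n, 3600)
        print(f"{n} proxies: {len(sacrificed(events))} sacrificed, "
              f"{live}/{total} player lookups reached a live proxy")
```

In this model, over one hour the 10-proxy pool loses only two instances because the 300-second cycle keeps landing on the same two rotation slots (the "dead instance" case from the post), while a 7-proxy pool is walked end to end.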
Don't act stupid. Amazon Web Services (AWS) is the biggest provider for Web Services, Cloud and other Server Related Stuff in the World. Has nothing to do with the online shop.