08-25-2010, 11:16 PM
(This post was last modified: 09-14-2010, 02:37 PM by Omniscient.)
Slowloris is more complicated than simple get commands. It opens the HTTP connection but doesn't ever close it. What you describe is simple httpd flood which is easily blocked mostly.
Syn floods are normally easy to stop too if you have a capable sys admin. 99% of attacks I have seen had a pattern that was recognizable enough for me to block them at server level.
UDP/Ping are funny since these are services you can normally just turn off or reroute. You can just do DNS mirrors or round-robin DNS to avoid large botnet attacks. DNS service can easily be moved to a host offering good DDOS protection at a fairly reasonable price too.
Ping flood is just a complete waste of everyones time.
Everything can be stopped at router level but the risk of false positives grows. Best to use all 3 protection layers appropriately.
Syn floods are normally easy to stop too if you have a capable sys admin. 99% of attacks I have seen had a pattern that was recognizable enough for me to block them at server level.
UDP/Ping are funny since these are services you can normally just turn off or reroute. You can just do DNS mirrors or round-robin DNS to avoid large botnet attacks. DNS service can easily be moved to a host offering good DDOS protection at a fairly reasonable price too.
Ping flood is just a complete waste of everyones time.
Everything can be stopped at router level but the risk of false positives grows. Best to use all 3 protection layers appropriately.
I am here to rescue you.This is Support Forums not Support PMs. Do not PM me for support unless it's private and site related.