-1

I live in an open community.. I run a game on a dedicated server and have no idea about ddos security, I am trying to stop concurrent attacks against my game server but have no idea where to make my first movie, its like I am checkmated in an intense game of chess, do I use another hosts protection? do I build my own kind of protection.. what is the best wya to go here. I am looking to protect my game from http attacks and tcp attacks.

Josh Hallow
  • 44
  • 1
  • 6

2 Answers2

6

DDOS protection is a process where you plan for, put things ready, act when needed and learn lessons from past incidents.

The whole has to be made to measure to fit your needs and possibilities.

Some ideas:

  • DDOS is used as an attack by the bad guys for typically two reasons:

    1. to make your service unavailable
    2. to demand money for protection from the perps themselves (maffia technique)

  • The amount of traffic even a wannabe perpetrator could send you is typically enough to saturate any incoming connection money can buy. The reason is that "botnets" can be rented real cheap and their combined output bandwidth by far exceeds any incoming bandwidth one could afford continuously (or for most even as a one-off). This means that if it comes to a "mine is larger than yours" situation: the victim always looses.

  • You can do things up front:

    1. make sure to be "mobile": Be ready to swiftly change where your service is located (e.g.: make sure to use relative small caching times (time to live) for DNS names, so you can quickly and nimbly switch servers for genuine users each time side-stepping the ongoing attack)
    2. have fallback servers ready: if you need to sidestep an attack, it really helps to have servers idling that can take over the real users at any time. CDNs can help here too, but make sure they won't abandon you or charge you excessive amount if you're under attack. This might well mean you want to replicate e.g. (crucial) (parts of) your databases on an ongoing basis as to make sure the alternate servers have the data they need.
    3. explore contracts up front: if you need to negotiate, your downtime will be longer. The important parts are to mitigate your costs while under attack for e.g. incoming bandwidth that you cannot control. Similarly that they won't drop you as a customer because you're under attack. For your alternate servers, you might want to minimise costs while not under attack. Etc.
    4. prioritise: What services do you really need while under attack ? Have smaller, lighter versions of your service ready to react on overload. For added bonus: make your services aware of "current" load and overload conditions and adapt the service accordingly automatically.
    5. low impact services: the less impact a visitor has on your server resources, the harder it is to take you out (or the les effect there is). e.g. Make sure the costly services are for authenticated users only, not for public consumption. (that way you can lock out abusive users more easily)
    6. Have communication plans made up: determine what is going to be communicated by whom (to whom) over what medium up front. Don't worry too much about info you give to your attacker: they know already if they're a tiny bit smart. You need to inform your regular customers/users and gain a bit of PR back for a diminished service/quality you're able to provide under the difficult circumstances.
    7. Make sure every decision maker agrees to have a policy to NEVER EVER pay for the attack to stop, as it will only come back worse. If you're a likely target, make this policy public.
1

I see a lot of websites using CloudFlare to protect from DDOS

https://www.cloudflare.com/case-studies-eurovision/

If you were interested in learning how to stop it all by yourself though this is probably a good place to start your learning journey: https://en.wikipedia.org/wiki/Denial-of-service_attack#Defense_techniques

Albert Renshaw
  • 17,282
  • 18
  • 107
  • 195
  • Thanks for your answer, although I am looking for a cheaper solution than $200 monthly (Cloudflares business plan) – Josh Hallow Nov 02 '15 at 00:29
  • 2
    @JoshHallow Wow that is more expensive than I'd think it would be, but I'm just curious, why are you worried about DDoS, it seems incredibly unlikely for someone to attack the servers of a company who can't even afford $200/month. I'm not trying to be offensive I'm just saying you don't seem like a potential target. Are you worried because of an imminent threat? I would assume most people don't set up DDoS security (in 2015) until after their first DDoS attack. I'm not sure you should be worried about this at this stage in your development. But I don't know all the details of course.. – Albert Renshaw Nov 02 '15 at 01:00
  • I am worried because previous projects have been ddosed, its the community I live in, the gaming community. Theres a lot of very childish people out there these days, and I have already received a threat from someone in the hands of a very large botnet. I currently pay $500 monthly for my dedicated server, and don't have 100% confidence in throwing money at services I haven't heard much about, and especially with services I haven't used myself. – Josh Hallow Nov 02 '15 at 01:09