April 10th, 2007 [by Doug Alder]
Distributed Denial of Service(DDoS) attacks have become the scourge of the Internet. It used to be simply a Denial of Service (DoS) attack coming from a single IP aimed at some home user. Typically a result of someone on IRC trying to kick someone else off line and easy to block if you knew what you were doing. A nuisance but not terribly harmful. That, however, was the past. Today the typical DDoS attack is a component of online criminal activity with organized crime gangs using them for extortion as well as disrupting the competition for their illegal activities (such as control of a lot of online gambling sites.) Whereas in the past a DoS attack would be in the range of a megabit or two per second or two in size, DDoS attacks are now multi Gigabit (Gbps) per second in size.Most data centers are at a loss on how to deal with such attacks. Because these attacks are distributed it means they are coming from multiple IPs, that number depending on how many zombie computers on his botnet a botnet owner wants to dedicate to it. As many botnets have tens of thousands of compromised computers in them you can begin to see the problem in blocking the attacks. It will only get worse.RackForce instituted a state of the art DDoS protection system that has proven itself against multi Gigabit per second attacks (sorry details are for obvious reasons extremely confidential). The result? Great network uptime. (Click here for stats.) Here’s what one customer has to say about it:
After these DDoS attacks, we moved FDB to bomb-proof webhosting on Rackforce, who advertise that their system is impervious to DDoS attacks. Since moving FDB to Rackforce, we’ve been hit with DDoS attacks several more times- but we at FDB would never have known about them if Rackforce Support hadn’t clued us in. Rackforce are able to divert attack traffic and move the IP of our server with just a few mouseclicks, keeping us ‘on the air’ seamlessly since we signed on.
How much is that protection worth to your online operation? $5/mo, $25/mo, $100/mo? Well at RackForce we include that protection at no extra cost on all accounts. Now that’s valueWhile we certainly appreciate the compliment from our customer I would like to point out that no data center can ever claim to be “bullet proof“, “bomb proof” or impervious to attacks. However as you can see from this customer’s enthusiasm RackForce has done an exceptional job of implementing systems and processes that prevent or dramatically limit the impact of such attacks.Like any other malicious activity DDoS technology and strategies are constantly evolving and so prevention and mitigation techniques must evolve too. In the process of this “cat and mouse” game some attacks will temporarily make it through, so while RackForce’s solution is not a guarantee against successful DDoS attacks it is nevertheless a very strong defense, and one that applies to all our customers at no extra charge despite the cost of many thousands of dollars per month for us to provide this coverage. Why do we do it then? Well here are a few reasons:
- DDoS attacks use up our bandwidth and thus cost us money
- Athough RackForce does do its best to protect individual customers against DDoS attacks, or any attacks for that matter, the priority is in protecting the overall network and all the customers.
- We don’t like to see the bad guys win, ever, for any reason
RackForce is committed to giving its customers the best service for the price and we are continuously upgrading our network and our offerings to meet that commitment. Stay tuned.
You can follow any responses to this entry through the RSS 2.0 feed.
Posted in Security | Comments Off
Both comments and pings are currently closed.
