• retrowave

    With great difficulty. I run a small website that got DDoS'd a little while ago. Not only did they take down my site, but everyone else on my provider's network.

    Being such a small provider with no capacity to handle such a large DDoS, their solution was to kick me off their network entirely. Effectively they gave me 6 hours to backup my stuff and hit the road.

    For mitigating websites, services such as CloudFlare work with limited success. They have their servers sit "in front" of your own, sort of acting like a proxy or gateway. Traffic is inspected and only legitmate users are let through.

    Higher capacity networks, such as those owned by ISPs, can employ more complex methods of distinguishing 'real' from 'fake' traffic, and passing that through. However, a DDoSer can very quickly change their attack method to adapt, so it becomes a really annoying game of cat and mouse.

    Honestly, the best method is to just add more capacity. Throw in more servers to adapt. Load balance the end-point that's getting hit. Re-route to higher capacity networks... The list goes on and is very environment-specific. Adding capacity requires time and money and is only really vialbe to companies that can afford it.

    For thesavagemonk's game servers above – it looks to be an automated system set up by the hosting provider. Probably a combination of the methods I described above.

    • thesavagemonk

      We actually switched server hosts due in part to issues like those you describe. On our old host, their "solution" to DDoSing was to "null-route" our IPs, meaning any traffic directed to our game servers, website, VOIP server, etc. would be directed to nothing for 8 hours. As you can imagine, being DDoS'd was absolutely devastating to us.

      We pay a relatively high amount of money for the dedicated servers we use now, but it's absolutely worth it. Many of the events listed in the picture above weren't even noticeable to us. For those that were, it was usually no more than a minute or two of slowness before the automated system fixed it. I had my friend go into detail in this comment about how exactly they handle DDoS mitigation.

      • retrowave

        That's awesome! It's a really good feeling when you find a reliable ISP. Not having to deal with these issues is why you pay them for the service.

        A null-route is not a goddamn solution grumble grumble. Excellent info from your friend. I definitely learnt something today!

    • potateHoe

      Thank you! That sounds really hectic to have to deal with because of the cat and mousing. It also makes it more remarkable when you hear about Blizzard's or Microsoft's servers getting DDOSed to the point of failing. Pretty neat stuff :)