In my opinion, One way you can defend against DDoS attacks is to get more bandwidth than the combined bandwidth used by DDoS attack and wear out the attacker. Often it is tough because typically we deploy just enough bandwidth. Sometimes, if you have enough network bandwidth, the number of requests will overwhelm the equipment with higher CPU/memory utilizations.
Once you pay, Attacker understands that your site is important and will try to exploit again and again.
In your case You can also contact your ISP and they can put filters in the their upstream routers against this traffic but then no one can access your site and attacker kind of wins the battle without losing lot of his horse power.
_________________________
Nham Kandala
www.keane.com
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of auto13925 (at) hushmail (dot) com [email concealed]
Sent: Tuesday, July 31, 2007 2:47 PM
To: realcases (at) securityfocus (dot) com [email concealed]
Subject: Advise on DDoS attck
I have a small, members only forum with about 150 members. It is
hosted on a third party server. A few days ago I received an email
demanding $500 to be paid into an e-gold account, otherwise attacks
would start. I did not reply and last 3 days my domain/forum has
been under DDoS attack. Attacks are not very effective in that due
to small amount of members there is not too much activity and we
can occasionally access to read/post the latest. However, they are
annoying and we would like to defend against it if we can. I am
looking for some advice from anybody who can spare some time to
write a reply. Thanks.
--
Start providing for your family by becoming a paralegal. Click Now.
Once you pay, Attacker understands that your site is important and will try to exploit again and again.
In your case You can also contact your ISP and they can put filters in the their upstream routers against this traffic but then no one can access your site and attacker kind of wins the battle without losing lot of his horse power.
_________________________
Nham Kandala
www.keane.com
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of auto13925 (at) hushmail (dot) com [email concealed]
Sent: Tuesday, July 31, 2007 2:47 PM
To: realcases (at) securityfocus (dot) com [email concealed]
Subject: Advise on DDoS attck
I have a small, members only forum with about 150 members. It is
hosted on a third party server. A few days ago I received an email
demanding $500 to be paid into an e-gold account, otherwise attacks
would start. I did not reply and last 3 days my domain/forum has
been under DDoS attack. Attacks are not very effective in that due
to small amount of members there is not too much activity and we
can occasionally access to read/post the latest. However, they are
annoying and we would like to defend against it if we can. I am
looking for some advice from anybody who can spare some time to
write a reply. Thanks.
--
Start providing for your family by becoming a paralegal. Click Now.
http://tagline.hushmail.com/fc/Ioyw6h4ek5luP2QXE8sDN5iWmsaUY5zunKzNBGD0M
kUq99rS9qOLDW/
[ reply ]