I'm looking at how to try and prevent DDOS attacks before I launch a website as I will expect lots of online 'booters' to attack the server.
I've read through lots of threads on here and stackoverflow and realised that at my own server its not worth setting anything up as the damage is already being done.
This means I can either have a reverse proxy or try and work with my hosting provider.
What i'm trying to understand is how null routing traffic is effective.
Lets say that I have been able to identify the pattern of an attack and know which packets are from the attack, If I tell my hosting provider this and they decide to black hole these packets, isn't this still impacting their infrastructure?
Because the bandwidth is still be used in order for the attacker to send the packet in the first place, they can keep sending them regardless of receiving no response so all the hosting provider is doing is keeping my service up but still taking the damage?
Is this meant to make the attacker give up on the attack since the intended targets service is still up?
And finally, is the only actual solution to ddosing by having more bandwidth than the attacker?
No comments:
Post a Comment