dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
556
share rss forum feed


tomkb
Premium
join:2000-11-15
Tampa, FL
kudos:5
Reviews:
·Verizon FiOS

DDOS prevention question

Hi Group,

We are customers of a data center. Twice in the last 2 weeks one of the data centers other customers has received DDOS attacks. The problem is, these attacks are not taking down just this customer, but all customers in the data center.

In both cases, the data center was able to mitigate the attack within 15 minutes by blackholing the route. The data center has sent out a report of the incident to all customers in each case.

Our company has servers in 4 other data centers around the country and this has never happened before to any of the other locations, just this one location twice now in 2 weeks.

My question is, is it reasonable to assume that a DDOS attack against one customer in a data center can have repercussions for other customers?


VVSneakEh

join:2003-02-17
Toronto, ON
It has to be shared infrastructure, eventually. Perhaps the other DCs have more robust routers etc, that can mitigate the load.

I don't know if i'd stick around though, this customer seems like a magnet for evil traffic.

HELLFIRE
Premium
join:2009-11-25
kudos:18
reply to tomkb
said by tomkb:

My question is, is it reasonable to assume that a DDOS attack against one customer in a data center can have repercussions for other customers?

Without knowing HOW the infrastructure in the data center is setup, it's hard to answer this question.
If there's shared infrastruture, then yes, it can -- typically'd it'd start with the pipe coming into the
data center that said customer (and everyone else) is coming in / going out of.

Regards


norwegian
Premium
join:2005-02-15
Outback

1 recommendation

reply to tomkb

Look up ISP black hole filtering. This should be implemented by a good ISP to look after clients, more so for business clients than general public, and a good safeguard for this type of attack should include response from providers higher up the chain.
Hence why it may have taken 15 minutes to resolve. The ISP may have had to make a phone call to their provider and then a support tech check and subsequent blocks and filters put in place, to allow the ISP traffic again, not just you as a user.

Just my 2 cents.
--
The only thing necessary for the triumph of evil is for good men to do nothing - Edmund Burke

Expand your moderator at work