

Ask YC: DDOS Protection? - e1ven

Some friends of mine have been running into an issue with massive DDOS attacks, primarily massive junk UDP traffic.

Right now, they're shunning IP ranges as fast as we can, but things change quickly, and often at night.

I saw the discussion at http://news.ycombinator.com/item?id=106020 , which took place just under a year ago, but I'd love any advice.

I know that there are companies such as Prolexic and Gigenet that can offer substantial improvements, if I understand correctly, by re-routing our traffic through them, and then on to us.

Are there any companies that HN readers have worked with? What sort of pricing were you hit with? One quote I found online had suggested $400/Mbps/month.

Are there any programmatic solutions to maintaining a shun list? I could script something to blindly telnet in, but it seems like there's got to be boxed solutions for this.

The problem with most inspection techniques is that by the time we accept the packet and start examining it, it's too late, and we start to get overloaded.

Any advice would be appreciated.
======
lazyant
If you are running Linux then iptables (netfilter) can be your friend. Look
into the --limit option.

The banning can be done automatically with a script like
<http://deflate.medialayer.com/>

Also, they should be able to talk to the hosting company / data center; they
may be able to provide the service of filtering the DoS traffic right there.
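
An added example, not part of the original thread and not taken from the linked script: one way to script the shun list the question asks about, using an ipset set with expiring entries next to the iptables `--limit` match mentioned above. The set name `shun`, the /24 aggregation, the threshold, the timeout, the 50/second rate and the sample addresses are all assumptions made for illustration.

```shell
#!/bin/sh
# Added example: turn observed UDP source addresses into an expiring shun list.
# Assumed values (not from the thread): set name "shun", /24 aggregation,
# THRESHOLD, TIMEOUT and the 50/second rate.

THRESHOLD=3      # packets from one /24 per sample window before it is shunned
TIMEOUT=3600     # seconds before an entry expires, so stale bans clear themselves

# Constructed sample: one source IPv4 address per observed UDP packet
# (documentation address ranges, not real traffic).
sample_sources() {
cat <<'EOF'
198.51.100.7
198.51.100.9
198.51.100.200
198.51.100.13
203.0.113.5
192.0.2.44
203.0.113.5
EOF
}

# Read source IPs on stdin; print one "ipset add" per /24 above THRESHOLD.
shun_commands() {
    awk -F. -v t="$THRESHOLD" -v to="$TIMEOUT" '
        NF == 4 { n[$1 "." $2 "." $3 ".0/24"]++ }
        END { for (net in n) if (n[net] > t)
                  printf "ipset add shun %s timeout %d -exist\n", net, to }
    ' | sort
}

# One-time setup, printed for review rather than executed.
# The raw-table rule drops shunned sources before connection tracking;
# the limit rule caps the remaining UDP accepted by this host (all sources combined).
setup_commands() {
cat <<EOF
ipset create shun hash:net timeout $TIMEOUT -exist
iptables -t raw -I PREROUTING -p udp -m set --match-set shun src -j DROP
iptables -A INPUT -p udp -m limit --limit 50/second --limit-burst 100 -j ACCEPT
iptables -A INPUT -p udp -j DROP
EOF
}

setup_commands
sample_sources | shun_commands
```

Host-level filtering like this only helps while the uplink itself is not saturated, which is why the upstream filtering suggested above still matters.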

