Hi all, i am looking for some advice.

We have had to change hosts 4 times so far this year as we are getting DOS attacked by a couple of diferent people. We run an internet community based around 2 online games, we have over 2000 members and 3000 players. We are non-profit making and rely on donations coming through the site to pay for our hosting. Unfortunatly there are people who do not want to see us succeed and are intent on taking us offline.

We have tried using a bigger hosts and a smaller hosts, with each knowing at some point we will be attacked, unfortunatly none have been able to protect us and keep us online, we have just had another dos attack and our host has told us they are taking down the site and wont host for us again.

I do not know if there is such a thing, but if we were to sign up to Powweb, would they be able to protect us and give us some form of guarentee that should we be attacked again that they can keep us online?

Well, if you know the IP address(es) of the people heading up the DOS, using an .htaccess file you can block those IP addresses.

block 10,000 randomly spoofed ip addresses per attack?


i am sorry dude, but you completely avoided my question, can this company here protect us and keep us online during an attack? are they willing to do what is needed or would they bin us like the rest have done?


thats all i need to know

i dont want to have to worry about getting taken offline, i have enough volentary work to do when the site is up as it is.

In a shared hosting environment, admitting that you are a target of dos attacks won't make you very popular, with the administrators or the other users in this forum. And in general, web hosting companies won't help you too much with this.

This isn't because the hosting companies don't want your business, or they don't care about their customers, because, by and large they do. It is because when that attack comes it not only effects you, but everyone else on that server as well.

In the past Powweb has worked with users to block these types of attacks, but if the ip addresses of the attacks keeps changing there isn't much you can do, and I would expect that your site wouldn't be around for very long.

I know, it doesn't seem fair to you, it is not cool, but that is the downfall to a shared hosting enviromenment and it the responsibility of the PW administrators to look out for the good of the masses. If your site has that many problems and requires that amount of attention by the administrators, maybe you should consider dedicated hosting. I know it would be more expensive that 7.77 a month, but do you really expect to get someone guarenteeing your site not geting hacked for that price?

Being that you didn't provide thorough information regarding the DOS attacks, I answered your post with a good solution.

Personally, I don't know know how it's possible to spoof IP addresses. Spoofing mail headers and email addresses is simple, but I'm unaware that it was possible to spoof an IP address. Not saying it's impossible, just that I'm not sure how.

In order to be fully guaranteed of a hosting solution, running your own server would be the biggest guarantee. Companies like PowWeb in the shared hosting business have to protect the majority. If that means telling a customer that they need to find another hosting company, they'll do it.

Originally posted by tbonekkt
Personally, I don't know know how it's possible to spoof IP addresses. Spoofing mail headers and email addresses is simple, but I'm unaware that it was possible to spoof an IP address. Not saying it's impossible, just that I'm not sure how.
It's actually rather easy - if all you're trying to do is generate a denial-of-service attack (you don't need to (or want to) get responses back from the server).

Real DDOS attacks (like riz posts about) are a real issue that can't be simply blocked with an .htaccess file (what most people post to these forums as 'DOS Attacks' aren't).

Riz: lukeski's answer is a good one. Powweb's rice of $7.77/mo means that they can't do want you'd want them to do - or they'd run out of money and be out of business. At this price point, hosts depend on the fact that most customers don't cost that much to support and that there aren't many costing them more then their hosting fee.

Your only real option is to go with a dedicated server or co-location package and hope that they can handle a DDOS attack.

Originally posted by RocketJeff
It's actually rather easy - if all you're trying to do is generate a denial-of-service attack (you don't need to (or want to) get responses back from the server).

Real DDOS attacks (like riz posts about) are a real issue that can't be simply blocked with an .htaccess file (what most people post to these forums as 'DOS Attacks' aren't). Very interesting. I never knew it was possible to spoof an IP address. See - ya learn something everyday :)

admitting that you are a target of dos attacks won't make you very popular,

ok thanks guys. i am now understanding a bit more about the shared hosting. we do understand that the dos attacks effect the whole network'sbandwidth and server loads. we are not so self absorbed not to know the effect and work put in by the hosts, the smallest host we used was the one who did make the most effort to help us.


we are advising each host we have been with that we will get targeted, we have been totally up front with them.


In the past Powweb has worked with users to block these types of attacks, but if the ip addresses of the attacks keeps changing there isn't much you can do, and I would expect that your site wouldn't be around for very long.

we need to be around, unfortuantly if it means changing hosts every time we get attacked then we will continue to do so, we have lasted 1 year and are not about to give in to the cheaters/script kiddies who are so desperate to "win"


I know, it doesn't seem fair to you, it is not cool, but that is the downfall to a shared hosting enviromenment and it the responsibility of the PW administrators to look out for the good of the masses. If your site has that many problems and requires that amount of attention by the administrators, maybe you should consider dedicated hosting. I know it would be more expensive that 7.77 a month, but do you really expect to get someone guarenteeing your site not geting hacked for that price?



agreed, it sux bigtime when all we wanna do is help ppl :(

we are currently surviving and paying for hosting through donations and we are halfway to the point of raising enough to buy our own dedicated server and haveing it colocated somewhere but its out of our reach just now.

we dont expect to get much for 7.77 per month, but to be honest we do not know how much to expect to pay that is why i am doing the rounds looking for advice and hoping to get some info on what it is i actually need, then i can look at prices to see how affordable they are.


luke, thank u for your advice it has been taken on board



tbonekkt

my question was this.

I do not know if there is such a thing, but if we were to sign up to Powweb, would they be able to protect us and give us some form of guarentee that should we be attacked again that they can keep us online?

your reply being

Well, if you know the IP address(es) of the people heading up the DOS, using an .htaccess file you can block those IP addresses.


has absolutly nothing to do with me asking if this company has can protect us or not, dont u think that out of 4 hosts one of them might just have had enough computer knowledge to know how to do something that simple instead of kicking us off their servers?

as for your second reply

i couldnt give a rats *** if u know about ip spoofing or not ( if u dont and want to be a smart *** i suggest u go start asking google). If we were able buy and host our own server, dont u think we would have tried that by now? tell me tho, how it can be a guarentee that we could stop ourselves from being attacked is beyond me though.

are u a mod on this site or do u just post useless comments for no reason wherever u go?

Originally posted by RocketJeff
Your only real option is to go with a dedicated server or co-location package and hope that they can handle a DDOS attack. [/B]


is it posible to rent a dedicated server as opposed to buying one and having it colocated?

do u know of any respectable companies that offer such a service?

Originally posted by riz
tbonekkt

my question was this.

I do not know if there is such a thing, but if we were to sign up to Powweb, would they be able to protect us and give us some form of guarentee that should we be attacked again that they can keep us online?

your reply being

Well, if you know the IP address(es) of the people heading up the DOS, using an .htaccess file you can block those IP addresses.


has absolutly nothing to do with me asking if this company has can protect us or not, dont u think that out of 4 hosts one of them might just have had enough computer knowledge to know how to do something that simple instead of kicking us off their servers?

as for your second reply

i couldnt give a rats *** if u know about ip spoofing or not ( if u dont and want to be a smart *** i suggest u go start asking google). If we were able buy and host our own server, dont u think we would have tried that by now? tell me tho, how it can be a guarentee that we could stop ourselves from being attacked is beyond me though.

are u a mod on this site or do u just post useless comments for no reason wherever u go? As RocketJeff pointed out, most users here refer to DOS when not actually being DOS attacks. In those situations, my reply of using an htaccess file works just fine. If you had explained the extent of the attacks against your site, I wouldn't have even suggested it since it would be an ineffective method.

Don't chastise for giving opinions. This is the Open Discussions forum.

And yes, I am a mod at these forums (Email & Domains/DNS) - an honor I take seriously and objectively.

Originally posted by riz
is it posible to rent a dedicated server as opposed to buying one and having it colocated?

do u know of any respectable companies that offer such a service? There are many companies that offer these types of services. If you PM me, I'll give you the name of one that my employer uses.

Just be aware that these services don't come cheap.

PowWeb doesn't appreciate advertising other web hosting companies in their community.

I'm curious, what kind of DOS are we talking about? Is it just an ICMP flood, or is it a half-open tcp flood on port 80, or what? I'm just curious. :D

What kind of site are you running to attrack that kind of persistent attention from the attacker?

Have you tried to change domain names?
Have your tired moving to a deticated IP?
Also look for hosting that uses the latest Cisco software with their routers.
Most smart filtering in the new cisco firmware will just block IP's making 1000 requests every 30 seconds.

and most DOS attacks come from unsuspecting ppl infected with a DOS trojan that's pre-programmed to attack a specific Domain or IP.
So its not really IP spoofing

Originally posted by riz
if we were to sign up to Powweb, would they be able to protect us and give us some form of guarentee that should we be attacked again that they can keep us online? I can give you a definitive answer on this: absolutely not.

What you are asking for is someone to take on your problem as their own, and bear the brunt, responsibility and cost of "protecting" you from attacks that you know are going to come regularly.

An attack on an unsuspecting site is one thing, and we try to work with the victims of such attacks as much as possible when they occur (not often), but when you know it is coming, that's not the same thing. That is just asking for trouble.

Someone else suggested changing your domain name, and I think that's the best advice you could get.