# DDoS Protection Sites?



## Derpec (Aug 5, 2014)

Yes, I was just wondering how do people make these DDOS Protection Sites that just offer protection, etc.


----------



## Enterprisevpssolutions (Aug 5, 2014)

Are you talking about the reason they are offering the protection or the technology behind it?


----------



## DomainBop (Aug 5, 2014)

http://blogs.verisigninc.com/blog/entry/ddos_blog_series_1_4


----------



## Derpec (Aug 5, 2014)

Enterprisevpssolutions said:


> Are you talking about the reason they are offering the protection or the technology behind it?


I'm talking about offering it? like what do they use to create the DDoS Packages, etc.


----------



## DomainBop (Aug 5, 2014)

Derpec said:


> I'm talking about offering it? like what do they use to create the DDoS Packages, etc.


If you want to setup your own DDoS protection business (as opposed to reselling someone else's DDoS protection service which is what the vast majority of "DDoS Protection" services do) then you should be prepared to spend a few million on DDoS mitigation equipment and have a ton of available bandwidth.


----------



## Schultz (Aug 5, 2014)

DomainBop said:


> If you want to setup your own DDoS protection business (as opposed to reselling someone else's DDoS protection service which is what the vast majority of "DDoS Protection" services do) then you should be prepared to spend a few million on DDoS mitigation equipment and have a ton of available bandwidth.


Not to mention having staff 24/7/365 to handle mitigation as heuristic systems dont always engage or work fast enough


----------



## Kruno (Aug 5, 2014)

DomainBop said:


> If you want to setup your own DDoS protection business (as opposed to reselling someone else's DDoS protection service which is what the vast majority of "DDoS Protection" services do) then you should be prepared to spend a few million on DDoS mitigation equipment and have a ton of available bandwidth.


Not necessary. Having a good network provider with big network who can do ACLs on the core network plus a few 10GE servers is enough to handle up-to 100gbps of UDP and 10M pps of SYN if you know what you are doing. Investment < 1000eur/mo. 

Remember, incoming bandwidth is not billed. Big networks pay what they use more, and it's just outgoing in most cases.

The easiest way is to buy Staminus 10GE and 2M pps for $800/mo or CNServers for a bit less of course. Works well and it is recommended if you are unable to deploy your own systems.


----------



## Derpec (Aug 5, 2014)

Thanks for the positive answers, I don't think I will be going with this "area" I was just wondering on how people make these type of things, etc.


----------



## Idler (Aug 6, 2014)

There are some hardwares and some protocol configurations with ip filtering  im not pretty sure how but i know those 2 for sure


----------



## MonsteR (Aug 13, 2014)

Collocate somewhere nice, Get a fibre cross connect to a DDoS Mitigation providers you would need to do research before you collocate but that is the way to get started after you get going it would be best to invest in your own DDoS protection or Mitigation systems and network infrastructure.


----------



## Profuse-Jim (Aug 13, 2014)

DDoS Mitigation hardware isn't cheap.

You can look into GRE tunnels.


----------



## MonsteR (Aug 13, 2014)

Profuse-Jim said:


> DDoS Mitigation hardware isn't cheap.
> 
> You can look into GRE tunnels.


Only issue with GRE Tunnels is general speaking the latency, but sometimes its bearable.


----------



## drmike (Jun 10, 2015)

MonsteR said:


> Only issue with GRE Tunnels is general speaking the latency, but sometimes its bearable.


There is less latency when you steal other provider's GRE tunnel doc...

Link: http://www.raptornode.com/client/knowledgebase.php?action=displayarticle&id=32

In such it says:

*"A RaptorNode filtered IP ($3.00/m per IP. 209.141.38.x & 209.141.39.x are the current filtered subnets)"*

Those IPs are BuyVM's and so is that doc.  Tssk.

PS: and you stole their IPSEC doc:

http://www.raptornode.com/client/knowledgebase.php?action=displayarticle&id=44

vs.

http://wiki.buyvm.net/doku.php/ipsec

Kids in this industry...


----------



## Francisco (Jun 10, 2015)

Francisco


----------



## TheLinuxBug (Jun 11, 2015)

> Posted Yesterday, 11:56 PM
> 
> 
> 
> Francisco



Did you even read that wall of text they put in that LET blurb.  LOL.

Sad they were too lazy to write up their own docs and just 'borrowed' yours.


----------



## Francisco (Jun 11, 2015)

TheLinuxBug said:


> Did you even read that wall of text they put in that LET blurb.  LOL.
> 
> Sad they were too lazy to write up their own docs and just 'borrowed' yours.


I guess he never removed it or his investigation never saw an issue with it.

Francisco


----------

