# List of providers who offer DDoS protection.



## MannDude (Nov 11, 2014)

I see there is no list of this available to those who need it, so I figure I'll start one as a resource. Just respond with the required information and I'll add it to the list. Providers listed in alphabetical order and include link to website, filtering locations, and filtering price. I'm just adding the ones that I know and have used, feel free to respond with others and I'll add those too. Contact the provider for more information about their filtering options as this isn't going to be as complete as you may want to make an informed decision when shopping for protection.


BuyVM - Las Vegas / New Jersey - Filtered IP $3.00/mo extra
EnterpriseVPSsolutions - Tampa Florida / Dedicated Servers only(?) / "DDOS protection Up to 48 hours per month of 1Gbps DDOS protection for our dedicated server offers"
Limestone Networks - Dallas, Texas / "We offer both free and paid versions of DDoS protection. Free comes standard."
Prometeus/IWStack - Milan, Itally / "1. available as an add-on  2. not available on all Prometeus Milan offerings (they use SeFlow for DDoS protection)

http://www.prometeus...-protection.php "

Psychz Networks* - *LA / Dallas -- Free 2Gbps/750K PPS, paid starting at $49/mo for 6Gbps/6Mil pps
RamNode - NYC / Atlanta / Seattle / Amsterdam - Filtered IP $5/mo extra
Rivalhost - Kansas City / "Unsure if their own filtering or what."

Ready2Frag - Chicago / "We offer 4Gbps of mitigation as standard in our Chicago location. As of right now, it comes with all services except special/reduced-price dedicated servers."

RootLevelTech (URPad/Semoweb) - Los Angeles filtering via Blacklotus.

SecureDragon - Portland - No filtered IP addon for regular VPS, DDoS filtered plans start at $9.99/mo
SeFlow - Milan, Italy / "SeFlow dedis come with 500Mbps free protection, CloudFlow comes with 1 Gbps free protection - higher protection levels available for $$$

http://www.seflow.ne...dicati/ddos.php "

ZetServers - Romania(?) / See site for additional details.


Also, a slew of OVH resellers.


----------



## Nett (Nov 11, 2014)

Various OVH providers.


----------



## splitice (Nov 11, 2014)

Well I am not a VPS provider, but I am providing DDoS protection.


Buyvm uses staminus not cnservers.


----------



## Profuse-Jim (Nov 11, 2014)

We offer DDoS mitigation from Los Angeles, CA.

Dallas, TX is coming online within a few weeks where we'll offer DDoS mitigation from there as well.


----------



## HalfEatenPie (Nov 11, 2014)

splitice said:


> Buyvm uses staminus not cnservers.


They use both I believe?


----------



## Enterprisevpssolutions (Nov 11, 2014)

We offer DDOS protection Up to 48 hours per month of 1Gbps DDOS protection for our dedicated server offers at the moment we are working on a solution to start offering 10G filtering on all of our products within the coming months.


----------



## splitice (Nov 11, 2014)

HalfEatenPie said:


> They use both I believe?


Nope, Staminus Channel in all 2 (to be 3) locations.

Staminus L.A -> LV

Staminus NY -> NJ

Staminus NL -> LU


----------



## HalfEatenPie (Nov 11, 2014)

splitice said:


> Nope, Staminus Channel in all 2 (to be 3) locations.
> 
> Staminus L.A -> LV
> 
> ...


Huh. I guess you're right.

Odd, I thought they had both Staminus and CNServers.

Anyways, I know SecureDragon uses CN


----------



## KuJoe (Nov 12, 2014)

Yup, we host our Portland nodes in CNServers.


----------



## KuJoe (Nov 12, 2014)

Oh, and a nice little link for those needing something cheaper: https://securedragon.net/ddos/


(Can't edit on mobile. )


----------



## trewq (Nov 12, 2014)

@KuJoe you can, just tap on your post and more options will appear.


----------



## DomainBop (Nov 12, 2014)

SeFlow/CloudFlow/CloudOne- SeFlow dedis come with 500Mbps free protection, CloudFlow comes with 1 Gbps free protection - higher protection levels available for $$$

http://www.seflow.net/dedicati/ddos.php

Prometeus/IWStack in Milan - 1. available as an add-on  2. not available on all Prometeus Milan offerings (they use SeFlow for DDoS protection)

http://www.prometeus.net/site/ddos-protection.php

edited to add: they're not a VPS provider but Online.net also offers free basic DDoS protection ( higher protection levels are also available for reasonable fees)


----------



## KuJoe (Nov 12, 2014)

@trewq Thanks for that! 


Edit: I can edit!


----------



## Aldryic C'boas (Nov 12, 2014)

MannDude said:


> IFor example I'm pretty sure BuyVM uses CNServers in Las Vegas for filtering and Staminus in New Jersey,





HalfEatenPie said:


> They use both I believe?


Newp, Staminus for both. CNServers had a *TON* of issues, and a rather annoying tendency of 'solving' problems by telling us "Get rid of this client, they run a CN gameserver and we won't protect them".  Funny how many US/CA/UK/etc clients we had running Chinese games....

Also worth mentioning... Fran's hinted at it before, but coming _SoonTM_ we'll also be offering a second type of filtering - up to 100GB burst, purely for volumetric hits.  Pricing still to be determined... but you know us, it'll still be ridiculously affordable :3


----------



## drmike (Nov 12, 2014)

Not recommending any of these brands, mentioning them only:

Rivalhost -https://www.rivalhost.com/ddos-protected-vps.php  - offering out of Kansas City.  Unsure if their own filtering or what.

https://zetservers.com/ddos-protected-vps.php - Romania mentioned.

vpsflare.com - offers various filtering options from multiple locations.


----------



## rds100 (Nov 12, 2014)

I see many US based options and not so many EU based options.

Where are the OVH France based DDoS protected providers? Where are the voxility based DDoS protected Providers? And no, Voxility is not just in Romania (at least according to their website), they should also have Germany and other locations.


----------



## DomainBop (Nov 12, 2014)

rds100 said:


> Where are the OVH France based DDoS protected providers?


99.9% of them are probably in school right now and the other 0.1% will probably deadpool before I finish typing this post 

Since you mentioned OVH, Ginernet (a former OVH employee) uses OVH for filtering (via a GRE tunnel) of their VPS services in Spain.  Pricing is 3 € per IP.

https://ginernet.com/announcements.php?id=99


----------



## drmike (Nov 12, 2014)

rds100 said:


> I see many US based options and not so many EU based options.
> 
> Where are the OVH France based DDoS protected providers? Where are the voxility based DDoS protected Providers? And no, Voxility is not just in Romania (at least according to their website), they should also have Germany and other locations.


There aren't that many US options.  Just a half dozen or so DDoS filtering companies for real that have affordable visibility and most people just reselling that.  Surely there are others out there, probably ballooning prices though.

As for OVH, to see France offers probably are going to have to search in French language for them.  There are a few companies I saw in search, but unfamiliar with all of them and mega small so...

OVH only has provider visibility in North America because they are new still in Canada.  Providers with them aren't many and will likely see further reduction (similar to France non-visibility). Why?

It is hard to compete with OVH when they are tossing folks a 1GB VPS with protection @ $2.99 a month.  

Hell, even I'd give OVH a try on that, but they have that el crappy 100Mbps port speed which I just can't stand. Plus their whole cart signup thing drives me bat shit.


----------



## drmike (Nov 12, 2014)

DomainBop said:


> 99.9% of them are probably in school right now and the other 0.1% will probably deadpool before I finish typing this post


 opcorn:


----------



## HalfEatenPie (Nov 12, 2014)

Aldryic C said:


> Newp, Staminus for both. CNServers had a *TON* of issues, and a rather annoying tendency of 'solving' problems by telling us "Get rid of this client, they run a CN gameserver and we won't protect them".  Funny how many US/CA/UK/etc clients we had running Chinese games....
> 
> Also worth mentioning... Fran's hinted at it before, but coming _SoonTM_ we'll also be offering a second type of filtering - up to 100GB burst, purely for volumetric hits.  Pricing still to be determined... but you know us, it'll still be ridiculously affordable :3


http://www.youtube.com/watch?v=PTvTLvkiAbI


----------



## Francisco (Nov 12, 2014)

drmike said:


> It is hard to compete with OVH when they are tossing folks a 1GB VPS with protection @ $2.99 a month.


Especially when they're also throwing 18 months of free service into the mix as well.

I almost feel bad for all the OVH VPS providers that are going to get suckered by their own DC. I said almost because, really, it's OVH, you should've known better.

Francisco


----------



## LimestoneNetworks (Nov 12, 2014)

We offer both free and paid versions of DDoS protection. Free comes standard.


----------



## lbft (Nov 12, 2014)

For the sake of completeness:


AlienVPS has Awknet LA filtered IPs in their Las Vegas location Edit: apparently not any more, although it's still listed on their website
Root Level's brands in LA (Semoweb, URPad etc.) have Black Lotus filtering on all their IPs.
No idea what level of protection you get with either, but given my experience in the past (not related to DDoS, just service quality and support) I wouldn't want to depend on them.


----------



## Francisco (Nov 12, 2014)

LimestoneNetworks said:


> We offer both free and paid versions of DDoS protection. Free comes standard.


What does free cover?

Francisco


----------



## KuJoe (Nov 12, 2014)

I see a lot of "free DDOS protection" advertised on WHT but it ends up meaning "free automated nullrouting"... maybe we need to define DDOS protection in the first post just to be safe.


----------



## Nett (Nov 12, 2014)

KuJoe said:


> I see a lot of "free DDOS protection" advertised on WHT but it ends up meaning "free automated nullrouting"... maybe we need to define DDOS protection in the first post just to be safe.


One is protection, the other one is mitigation.


----------



## KuJoe (Nov 12, 2014)

@Nett How does making your VPS unrouteable count as protection or mitigation? Protecting other clients yes, but advertising it as protection to the buyer implies it protects the buyer.


----------



## Nick_A (Nov 13, 2014)

We're $3/mo in Seattle just to be specific. Good post MannDude.


----------



## OSTKCabal (Nov 17, 2014)

We offer 4Gbps of mitigation as standard in our Chicago location. As of right now, it comes with all services except special/reduced-price dedicated servers.


----------



## GIANT_CRAB (Nov 17, 2014)

Francisco said:


> What does free cover?
> 
> 
> Francisco


Basic Protection - Free

 

The basic protection that comes with all of our services is a mix of automated and manual detection in which a pre-defined set of rules is used to mitigate small attacks. If large attacks take place, we will disable the IP being attacked so that the rest of the IPs and services on your server continue to operate.

Extracted from: https://www.limestonenetworks.com/data-center/ddos-protection.html


----------



## beechtreellc (Nov 19, 2014)

We offer a complete IDS solution in front of our Virtual Data Centers, which includes DDoS protection, at no addtional cost.


----------



## MannDude (Nov 19, 2014)

Updated the original list to contain more than the original 3 I knew of. Will add more as they're provided.


----------



## dkstanson (Nov 28, 2014)

For price under 5$, DDoS protection is very important. Two of VPS gots suspended because they were compromised to send DDoS attack. So never host your important sites on cheap VPS


----------



## KuJoe (Nov 28, 2014)

dkstanson said:


> For price under 5$, DDoS protection is very important. Two of VPS gots suspended because they were compromised to send DDoS attack. So never host your important sites on cheap VPS


How does the price of a VPS affect your inability to secure it? Regardless if you pay $1 or $1000 for the VPS, if you do not take the appropriate steps to secure your own VPS you cannot fault the provider or the cost of the VPS. Also, DDOS protection does not protect against outbound attacks, that's something the client needs to do on their own.

Seriously, I am not sure if you are trolling or genuinely ignorant of technology.


----------



## HalfEatenPie (Nov 29, 2014)

dkstanson said:


> For price under 5$, DDoS protection is very important. Two of VPS gots suspended because they were compromised to send DDoS attack. So never host your important sites on cheap VPS


DDoS Protection is mostly protection from inbound connections.  

If your VPS were suspended because they were compromised and sending *OUT *a DoS attack then that means you've *failed to secure your VPS*.  If this is an unmanaged service (most likely), then this is the customer's responsibility, not the provider. 

Here's a good start: https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps

Like what @KuJoe said, the price doesn't matter if you don't take proactive measures to secure it.


----------



## Husky (Nov 29, 2014)

dkstanson said:


> For price under 5$, DDoS protection is very important. Two of VPS gots suspended because they were compromised to send DDoS attack. So never host your important sites on cheap VPS


The stupid.... it hurts.

Learn to secure your VPS moron.


----------



## SpartanHost (Nov 29, 2014)

We also provide DDoS Protection through CNservers, 20Gb/s. It's included in all Seattle services - Dedicated Servers and VPS's.


----------



## GreenHostBox (Nov 30, 2014)

Are you listing only VPS providers or does shared/reseller hosting also count?


----------



## drmike (Nov 30, 2014)

GreenHostBox said:


> Are you listing only VPS providers or does shared/reseller hosting also count?


Shared and resellers fine I'd think.

Nice to have protection on shared hosting


----------



## Oliver (Dec 1, 2014)

RansomIT offers DDOS mitigation/protection at no extra cost in Sydney and Auckland only. The upstream provider for these POPs runs their own NSFOCUS hardware in the US (but on their network) to filter traffic before it even crosses the Pacific.


----------



## HH-Abdullah (Dec 3, 2014)

We at HostHatch also offer protection through Staminus. $5/mo and in two locations - Amsterdam and Los Angeles.


----------



## OpticServers (Dec 6, 2014)

OpticServers LTD Provides 40Gbps DDoS Mitigation (Arbor Networks) and we use some extra steps at our edge such as a perimeter firewall to filter out TCP Based Floods as a standard on all IP's.


----------



## ChrisM (Dec 7, 2014)

LimestoneNetworks said:


> We offer both free and paid versions of DDoS protection. Free comes standard.





Francisco said:


> What does free cover?
> 
> 
> Francisco


@LimestoneNetworks I am also interested in hearing what the free version of DDoS protection covers. Also do you do colocation yet?


----------



## Kruno (Dec 8, 2014)

We at KnownSRV have DDoS protected servers and nginx-based proxies as well.

We utilize our own protection systems in the Netherlands which run on 2x 10gbps and can handle up to 20gbps(or up to 100gbps if we apply ACL on the core network) and 2M pps. It's not perfect but we are adding new rules and improving platform on a daily basis. We also use Voxility's DDoS protection as 2nd POP which can handle up to 500gbps with no pps limits according to them.

It's configured as anycast-based /24 on our ASN with NL and RO POPs, which allows us re-route traffic over RO/Voxility if attack is too big to handle in the NL. We aim to add more hardware and network capacity in the NL over time, so we can handle bigger attacks on our in-house platform rather than reselling Voxility.

No public offers at this time, but feel free to ticket us if you are interested. Note: Not really budget-friendly comparing to most of providers above.


----------



## LimestoneNetworks (Dec 11, 2014)

Chris Miller said:


> @LimestoneNetworks I am also interested in hearing what the free version of DDoS protection covers. Also do you do colocation yet?


Hi, I'm very sorry to have missed your inquiries. I've been seriously busy.

Our basic protection that comes with all of our services is a mix of automated and manual detection in which a pre-defined set of rules is used to mitigate small attacks.  If large attacks take place, we will disable the IP being attacked so that the rest of the IPs and services on your server continue to operate. It's good for attacks under 2Gbps.

We do not offer colocaction at this time, but it's being considered.


----------



## ParkInHost (Dec 14, 2014)

We Parkinhost provide DDOS protection.


----------



## DomainBop (Dec 15, 2014)

add this one to the list and the DDoS protection is free (and not from OVH)...

_VPSBoard exclusive, I guarantee you will never see this one featured on LowEndBox._ 

from an email that just arrived...



> End of Reality is pleased to announce a new level of DDoS protection now active on all of our services in Los Angeles, California at no extra cost!  We now offer up to 10gbps / 20million PPS of protection and onsite traffic scrubbing in our LA facility.
> 
> This truly a first for the hosting industry - we now have a 100% Premium Bandwidth (Internap Performance IP) DDoS protected network!


----------



## Nett (Dec 15, 2014)

@DomainBop http://lowendtalk.com/discussion/39179/end-of-reality-ddos-filtering-in-la


----------



## splitice (Dec 15, 2014)

@Nett was just about to say the same. Gotta stop getting distracted when posting!


----------



## drmike (Dec 15, 2014)

DomainBop said:


> add this one to the list and the DDoS protection is free (and not from OVH)...
> 
> _VPSBoard exclusive, I guarantee you will never see this one featured on LowEndBox._
> 
> from an email that just arrived...


End of Reality... who is doing their filtering?

And the reason why you won't see that on LowendGhetto is because of some odd tiff between EoR and Colocrossing.   Where CC couldn't and didn't deliver servers for contract for months.  While CC claims they were owed money.

It would be nice to get Jeremiah Shinkle back here for story telling time about what really went down as he and Robbie (owner of EoR) were/are supposedly best friends.


----------



## DomainBop (Dec 15, 2014)

> End of Reality... who is doing their filtering?


They're getting the filtering in LA through Internap and Internap is using Proxlexic.  The DC for the LA location is CoreSite, singled homed to Internap. The LA location is using AS63018 IPs (losangelesdedicated.net, also owned by Robbie) .

They're still using Ubiquity in Chicago/Dallas/NYC, Hetzner in Germany, Redstation in the UK, and AltusHost in Sweden.


----------



## AThomasHowe (Dec 16, 2014)

Honest question, is 2-10Gbps protection actually worth anything? I know shady characters lie but I feel like I could very easily and cheaply smash though that protection with a few $ on HackForums. What's adequate protection if you aren't a regular victim of DoS/DDoS attacks but would like to be well prepared?


----------



## splitice (Dec 16, 2014)

Some *estimations *given tests performed and attacks seen.

Free stressers (e.g ipstresser) put out 500 - 2Gbps (up from last year). 

Some cheap ones 5-8Gbps.

Some decent/better cheap - moderate ones 10 - 25Gbps.

There are more private ones that are 40Gbps plus.

And some private / botnet attacks that are absolutely massive (e.g 100Gbps+) but those are rare / costly.

We don't see many nullroutes on our italian protection, and its burstable to 7.5Gbps. Most of those who did get null-routed on those services are Gameservers, which are natural DDoS magnets.


----------



## AThomasHowe (Dec 16, 2014)

So 20-25Gbps is a good target?


----------



## Aldryic C'boas (Dec 16, 2014)

It also depends on what you're running - certain types of attacks (L7, etc) can really wreck your day regardless of your filtering if you don't have competent techs ready to analyse and adjust to the attack.


----------



## splitice (Dec 16, 2014)

less than 20Gbps is probably 80-90% of attacks. Perfectly fine if you aren't an attack magnet. More and more game servers, and similar attack magnets are needing >20Gbps now days. But not everyone needs it.

My recommendations would be:

2-4Gbps: Dont bother. Only people hitting this low are free stressers, might as well go for something a bit bigger, it wont cost much more.
4 - 10Gbps: Small Buisness / Small Service / Small personal site / etc - non attack magnet

10-20Gbps: Have been attacked before, or forsee it being likely. Anyone with a tech orientated audience should consider this (more likely to know strong stressers)

20-100Gbps: Popular Game servers, Popular Sites, Minecraft (!) etc

100Gbps+: If you are thinking about this, you probably wouldn't be asking on a public forum. Or you are unlucky.

Of course if you are reading this in the future factor in sizeable increases. 20Gbps is the 10Gbps of last year.

The US side of our site (we have two termination points) got hit with ~120Gbps last night (and a decent amount of Layer7). Usually attacks of that size are all amp (and this was), and if you have hardware ACLs and a decent amount of connectivity you can tank them.

Unfortunately the stressers only need say ~1gbps 10-20 servers (may even be less) and some decent amp lists.


----------



## splitice (Dec 16, 2014)

Aldryic C said:


> certain types of attacks (L7, etc) can really wreck your day regardless of your filtering


X4B was getting hit by some kind of PHP based L7 (UA pattern "PHP"), a cache buster pattern "/?=[num]" and a Joomla reflection attack earlier today. Not wrecking my day, couldn't care less. Aside from burning some bandwidth, pretty harmless. Its what we get for posting on LET these days. But yes, competent techs wrote that system 

If you have the tools at your disposal it really shouldnt bother you. Things like: semanic filtering (slowloris, rudy etc), static patterns, dynamic mitigation and user verification. Combine that with a ACLs for repeat offenders in an attack incident and you can usually ride through L7. L7 is usually much more reduced than L4 attacks since actual compromised machines (or compromised web services) are needed, not spoofing. This also opens the door for all kinds of analysis that you couldn't normally perform at L4-


what client is it?
what does fingerprinting say? does it match?
what happens if we spit out some browser verification js, does the right result get returned?
is the IP a server?
does this traffic resemble what we saw yesterday?
has this ip previously been involved in L7 attacks? what about its neighbourhood?
is TOR?
The list goes on, you just need to think of all the factors and come up with algorithms to turn values into the correct result.


----------



## AThomasHowe (Dec 16, 2014)

Aldryic C said:


> It also depends on what you're running - certain types of attacks (L7, etc) can really wreck your day regardless of your filtering if you don't have competent techs ready to analyse and adjust to the attack.


I am just talking pre-emptive measures, something that might help me sleep at night should the worst happen.

And thank you @splitice good posts.


----------



## HalfEatenPie (Dec 16, 2014)

splitice said:


> less than 20Gbps is probably 80-90% of attacks. Perfectly fine if you aren't an attack magnet. More and more game servers, and similar attack magnets are needing >20Gbps now days. But not everyone needs it.
> 
> My recommendations would be:
> 
> ...





splitice said:


> X4B was getting hit by some kind of PHP based L7 (UA pattern "PHP"), a cache buster pattern "/?=[num]" and a Joomla reflection attack earlier today. Not wrecking my day, couldn't care less. Aside from burning some bandwidth, pretty harmless. Its what we get for posting on LET these days. But yes, competent techs wrote that system
> 
> If you have the tools at your disposal it really shouldnt bother you. Things like: semanic filtering (slowloris, rudy etc), static patterns, dynamic mitigation and user verification. Combine that with a ACLs for repeat offenders in an attack incident and you can usually ride through L7. L7 is usually much more reduced than L4 attacks since actual compromised machines (or compromised web services) are needed, not spoofing. This also opens the door for all kinds of analysis that you couldn't normally perform at L4-
> 
> ...


Yep.  Yep.  Even more Yep.

Since vpsBoard was getting hit a few weeks back, I've been meaning to get into reading more about mitigation technology and just ways to handle it.  

So I'm assuming you guys get to have fun with people trying to "tank" your DDoS protection service?  I mean there's that other thread about someone DDoSing a test IP simply to "test it out"...


----------



## splitice (Dec 16, 2014)

@HalfEatenPie

Its a regular occurrence for us. Often see people go through all the attack methods too trying to break it. Could be competitors, could be testers. Could even be both at the same time.

I doubt a single person was behind the 120Gbps peak yesterday (2.4k views on a thread so a few people probably "testing" or competitors being douchebags). Anyway didn't cause any real incident, fell over to a location where AMP is ACL'ed so we were laughing (US visitors just lost their speed boost from local ssl termination & caching).

Its also the reason we try not to give out test IPs. They just end up being constantly nulled (20Gbps) or we would end up tanking the attacks constantly (resource waste). That doesnt bother me too much any more since its just an accepted fact now days. I would rather a stressed test IP than our homepage... so releasing test IPs has been considered.


----------



## vampireJ (Jan 1, 2015)

I don't read versaweb in here though I have not used them


----------



## GreenHostBox (Jan 3, 2015)

Here at GreenHostBox, we offer 20Gbps DDoS protection to all of our shared/reseller/VPS services at no additional charge. It would be great if you can add us to the list!


----------



## rds100 (Jan 25, 2015)

So who offers DDoS protection for ipv6?


----------



## William (Jan 25, 2015)

OVH and Online.net do as far as i know.


----------



## rds100 (Jan 25, 2015)

Online.net does? Does their DDoS protection work? I thought it's something "1 Gbps and then nullroute".


----------



## William (Jan 25, 2015)

Certainly:  https://prnt.li/Network_-_DDoS_alerts_-_Online___Dedibox_-_Console_1A7592F4.png - Top one was IPv6 as well.

This attacks ranged from 2-30G UDP/TCP and were mitigated after around 2-3minute downtime (sometimes caused my IRC ZNC to timeout (~255 seconds), sometimes not)


----------



## rds100 (Jan 25, 2015)

So they protect even the kidecheries? The 2 EUR ones? That's... amazing.


----------



## William (Jan 25, 2015)

I don't think they have much choice - Their custom solution (similar to OVHs, most likely Tilera ASICs with custom code) runs in front of the entire network (IIRC even the Illiad DSL/Fiber products are behind it on Business contracts)


----------



## DomainBop (Jan 25, 2015)

rds100 said:


> Online.net does? Does their DDoS protection work? I thought it's something "1 Gbps and then nullroute".


It works.  The free protection is Sevi M6-NG and has a delay of a couple minutes before it kicks in.  The paid  protection (€20 Advanced or €70 Curative) is Arbor Peakflow TMS-4100 and doesn't have a delay and gives you more control over the filters.


----------



## drmike (Jan 25, 2015)

It would be nice to not only hear about the companies who offer filtering but see notifications, graphs, etc.  they provide to end customer (where they actually do).

Gripe of mine so far as a customer of filtering is the black box approach where I haven't a clue of when, where or what happened.  I understand prior purchases are eating down the food chain and all....


----------



## splitice (Jan 25, 2015)

*IPv6*

We have the technical capability of doing IPv6 mitigation and three of our locations. We currently however do not offer it, we just don't have enough commit to offer it standalone with any serious volume - primarily due to the need for such filtering being so small. IPv6 is barely used both by clients, and by attackers. We enquired with one of our upstreams a while ago who protect a lot of IRC servers, we asked if they had ever seen IPv6 attacks, the answer was rarely - its been over a year since the last one.

Personally, we will keep working on the capability - we still need to upgrade and test a lot of more of our software to work with IPv6. We will aim to be ready before IPv6 attacks become mainstream, we have a timeline for that and honestly I think thats the best thing to be doing at the moment.

If you experience an IPv6 attack, remove IPv6 while it is occuring. Swapping around addresses could also help (hell, run a round robin of 100+ addresses and make it difficult to attack....). If someone has a legitimate problem with IPv6 attacks, you can contact us. We would be happy to try and help you out if we can.

*Graphing*

@drmike

While I must admit I like pretty things and to see the system working. I do know the difficulties costs involved in extracting the data for producing attack graphs. While it is possible in most cases to produce graphs, to produce them accurately usually produces extra load on systems, or requires additional hardware to measure flows. A lot of the time const cutting in order to meet the budgets of the desired audience can really impact this. There is usually a lot more to producing these graphs than just measuring the flow through the filters, most systems are able to send ACLs / rues to upstream routers to perform the heavy lifting (i.e a rule might be to drop fragmented UDP packets). 

Now this is not to say we don't offer attack details where we can, but accurate graphs can be a challenge.

*X4B.Net provides the following system data (currently)*

Notifications:

Notification on Nullroute

Notification on Un-Nullroute

Planned Notification:

Notification on Network Level Mitigation start (some locations)

Notification on Software / Layer 7 Mitigation start (optional)

Data Available:

Software / Layer 7 mitigation state: As well as providing Layer7 mitigation this layer takes care of Layer 4 mitigation events < 80k PPS / 800mbps and cleans up network level mitigation significantly. Activation Times and Dates are provided for this location, type of attack is available if we can categorize the dynamic filter created into a named category (DNS Amp, SYN Flood etc). Layer 7 status is also available for most attack types (Wordpress, Joomla, GHP Food, Enhanced Mitigation etc).







Network Level Status: In some locations we can provide information, on the state of mitigation at the network level. This usually includes a table similar to the one provided for Software level mitigation events and in the case of Italy (and hopefully soon another location) a graph. We can also get attack details via ticket for the locations we dont currently have information on, if you have a reason to need it.

Our staff do have access to some data visualization (its actually a 100/s packet sample), customers do not yet have access to this - the lack of scale and fairly raw nature of the data makes it problematic to display without inducing support tickets (Why was I nullrouted when attack is as big as the previous one? etc).


----------



## X3host (Jan 26, 2015)

Good info to know


----------



## robbyhicks (Jan 27, 2015)

Could you add us to the list? 

Thanks!


----------



## TO.oL (Nov 4, 2015)

I think you forgot to mention JavaPipe in your list. US based LLC, 10Gbps/2Mpps free DDoS protection included (upgradable).


----------



## Internetbrothers (Nov 4, 2015)

DDOS protection in Asia is expensive


----------



## TO.oL (Dec 19, 2015)

Another provider you might want to add to this already good list of DDoS protection providers is Javapipe. They have been around for some time and I used them in the past when I needed more application specific DDoS filtering for a client (they are pretty good in customizing the filtering rules depending on attack/application).


----------



## estnoc (Dec 19, 2015)

We offer Arbor Pravail and F5 mixed DDos protection for our servers located in Russian Federation. Also in Switzerland. Unfortunately this service is not for free. Since the end of coming January,same scheme will apply to servers located in Sweden and Estonia aswell.


----------



## BalkanVPS (Jan 6, 2016)

HostEasy in Moldova. Decent service. 500 Gbit/s DDoS protection from Voxility.


----------



## Powerfulbox (Jan 6, 2016)

cough cough....


----------



## ioZoom (Jan 7, 2016)

We provide DDoS protection.


IO Zoom - Los Angeles, CA filtering up to 20 Gbps included free with all plans.


www.iozoom.com


----------



## Fenzox (Feb 15, 2016)

Thanks for the information


----------



## LimestoneNetworks (Aug 22, 2017)

Just noticed we have some out-dated info on our DDoS protection posted here. Our new service offers up to 500Gbps of protection and unlimited packets per second. Also, in reference to another post in this thread, we're now offering colocation.


----------



## radwebhosting (Aug 23, 2017)

LimestoneNetworks said:


> Just noticed we have some out-dated info on our DDoS protection posted here. Our new service offers up to 500Gbps of protection and unlimited packets per second. Also, in reference to another post in this thread, we're now offering colocation.


+1 for Limestone DDoS Protection

Have never even noticed DDoS interference on our DDoS IPs at LSN


----------



## Strad Solutions (Nov 23, 2018)

Get Colocation Hosting In India & US - *StradSolutions*
Colocation is the process of housing your servers and networking equipment in the data center of a web hosting company. Customers co-locate their server machines in the colocation center of a third party. They get rented space in the colocation center. With our colocation hosting services, the customers can benefit from the economies of scale, which is not possible in in-house hosting. With our colocation services, we also offer physical security or your servers and equipment.


----------

