DDoS attack

  • Posted October 17, 2012

How long do you nullroute on an incoming DDoS attack?


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

DDOS attacks do not have a specific cause it is when an outside party targets a provider or a website and attempts to take it offline.

So what is the cause of the attack of 4th February ? My droplet has been unreachable all day.

If a server is getting DDoS our first priority is to mitigate the attack to restore functionality for all customers if they were affected then to get in touch with the customer who was DDoS’d to understand what they were running and why they were targeted. <br> <br>Sometimes they are the victim of an attack other times they can be running websites that break our AUP/TOS or are otherwise engaging in activity that violtes our AUP which is what drew the attack in the first place, in which case we correspond with the customer to understand the full situation before taking further action.

If, for example, a backend server is DDoSed, is it allowed to shutdown the instance and create another identical one from a snapshot (which should get it another IP)?

Every serious DDoS attack is very different and requires investigation to determine the origin of the attack, the type of attack and which services as well as which IPs are targeted, and also to asses the impact to the virtual server, the hypervisor, and the network at large. <br> <br>We can not disclose the specifics of how we go about mitigating DDoS attacks as that information can then be used to strengthen attacks, what I can reveal is that when an attack is large enough to cause issues all of our engineers are investigating the issue together and working to resolve it as quickly as possible.