What is DDoS
DDoS attacks: actual threat
Today, the DDoS (Distributed Denial of Service) attacks become increasingly popular among computer hackers. The aim of such an attack is to block the access to a particular web resource for legal users, or at least to hamper it as much as possible. Two types of interference are used for this: attack on the communication bus, which they intentionally «clog» with a huge mass of unnecessary data, and attack on the servers that maintain the web resource, making them to process a lot of false requests, in order to exhaust their productive capacity
DDos attack on the inside
Network attacks of DDoS type are performed with the help of a botnet (zombie network) — a huge number of computers that are infected by a special malicious software, from which, on command from the control center (from the attacker) multitude requests are sent to the computer, blocking the access for legal users. Capacities of the existing botnets are enormous: in some of them there can be more than 1 million computers and servers distributed all over the world that run under control of the attackers.
Why the existing security methods are ineffective?
There are several ways of protection from DDoS attacks, which aren‘t sufficiently robust even against small but well-planned and well-organized attacks:
- Firewalls, IDS\IPS systems: they are used directly for the protected web resource and are powerless against the communication bus overflow;
- Routing into «black holes»: this method is used by the providers and its essence lies in redirecting the attacking traffic. During this process, legal requests are redirected as well — so the attackers reach their goal, as the resource becomes unavailable for users;
- Proper system configuration: it is effective only for small and poorly prepared attacks;
- Repeated reservation of resources: it’s an extremely expensive and, therefore, unavailable method for the majority of the companies.
Solution from REG.RU
Reg.Ru offers its own turnkey solution for protecting your web resource against DDoS attacks. It is based on proxying a clients’ traffic into the traffic purification Center, after which the purified legitimate traffic will be redirected back to the client’s server.
You don’t have to transfer your web resource into our hosting server. Your project remains on your server. The assistance to an affected website is rendered extremely fast: the process of connecting takes several minutes, its duration depends only on the time of refreshing the DNS A-records of the client’s resource.
The advantages of the REG.RU solution
- Completely automated order system in «one click»;
- Only legitimate traffic is paid regardless of strength and duration of an attack, number of attacks;
- You can use the service beforehand to prevent the attacks, and during an attack as well;
- The minimum extension period is one week;
- Possibility of load balancing (the legitimate traffic can be evenly distributed among multiple servers of the web application).
Your web resource has been attacked?
If your web resource is «under attack» and you’ve decided to use our service, follow the sequence of steps given bellow:
- You order the protection service FREE OF CHARGE, indicating the domain names and IP addresses of the servers, which you want to put under protection (you can indicate several IP addresses if there is a need to organize load balancing).
- In one minute after ordering and activating for the service, a notifying letter will be sent to the owner’s e-mail, in which the IP address of the defender security server will be indicated. You enter this IP address into the DNS of the protected domain / domains, so that all traffic (both legitimate and non-legitimate) is redirected to our defender security server.
- The defender security server cleans and proxies the traffic into the IP address of the web servers of the client. The web servers of the client receive only purified traffic.
- When putting a website under protection, after DNS change, bots might not immediately respond to DNS change and continue to attack your server directly; so to reduce the load on the client’s web server, you can set the firewall rules to stop all incoming traffic except the traffic that comes from the IP of the defender security server. The corresponding firewall rules will be described in the manual, which you’ll automatically receive after starting the service.
- A security service for testing purposes is available free of charge for one day. If you’re satisfied with the quality of protection, after expiration of testing period you can choose one of the service plans and pay the service for minimum of one week period.