We protect our network very effectively against DDoS attacks by using detection software and pre-filters. The protection automatically detects and filters the "bad traffic" and protects IP addresses against DDoS attacks.
If you want to protect a website (HTTP or HTTPS) from DDoS attacks, we also recommend using Layer 7 Protection for greater efficiency. A DDoS attack can be detected and filtered much faster using Layer 7 Protection. When using SSL, it makes sense to store the certificate in the firewall software.
During an attack, the server remains accessible and you can use the services normally. Non-relevant ports are blocked as long as the attack continues, for example icmp for pinging.
There are different types of DDoS (Distributed Denial of Service) attacks. Basically, a DDoS is a "denial of service" that is intentionally caused by a large number of requests and thus leads to an overload of the data network or the server. DDoS attacks can target different layers (see ISO/OSI layer model). Compared to the past, current DDoS attacks often target the top layer (layer 7). Layer 7 is the application layer and is used to provide functions for the applications and is responsible for data input and output. Layer 7 attacks specifically target the protocols belonging to Layer 7, such as Telnet, FTP, NNTP, HTTP or SMTP. Compared to other DDoS attacks, Layer 7 attacks require far less bandwidth and packets to cause disruption to services. A low-level protocol attack such as SYN flood requires a huge number of packets to carry out an effective DDoS attack, whereas a Layer 7 attack only requires a limited number of packets to implement a large DDoS attack. The most common of the layer 7 attacks is HTTP flooding. Here, an HTTP request is sent to the affected server using significant resources and, although the number of packets is limited, they fully utilise all server resources and lead to a denial of service. Layer 7 protection is activated by us at your request, and we also store the certificate in the firewall software.
For customers with IP networks, we can activate an API that you can use to control the basic functions of DDoS Protection. With the API, you naturally also have the option of giving your customers access via your own interface.
The following ports have been implemented specifically for the operation of game servers:
Each L3 / L4 attack is checked by filter algorithms. Any deviation from the normal flow of an application tends to be treated as an attack.
Flood attacks (TCP, UDP, ICMP, DNS amplification) TCP vulnerability attacks / TCP stack attacks (SYN, FIN, RST, SYN ACK, URG-PSH, TCP flags) Fragmentation Attacks (Teardrop, Targa3, Jolt2, Nestea) At layer-7 level, we provide dedicated filters for HTTP GET flood and HTTPS. DNS filtering is also implemented at layer-7.