Google Cloud Locations (e.g. 8.8.8.8)
- NT$25,000/年
BGP Providers: https://bgp.services
Recommended: Vultr, Packet, SoftLayer
DDoS protection - Using Netfilter/iptables @ DevConf.cz Feb 2014
- Disable TCP loose mode
- Disable TCP forwarding
- Enable SYN cookies
- Enable TCP timestamping
- Use SYNPROXY module (Optional)
/etc/sysctl.conf
net.netfilter.nf_conntrack_tcp_loose = 0
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_timestamps = 1
net.ipv4.ip_forward = 0
- Use the
raw
table and thePREROUTING
chain - Use the
mangle
table and thePREROUTING
chain
Quote from Stress****
Monthly Price | |
---|---|
15 Gbps | 9.99 USD |
60 Gbps | 179.99 USD |
225 Gbps | 1999.99 USD |
根據分享口頭補充
UDP 攻擊通常是從美國
TCP 攻擊通常來自歐洲 (偽造IP)