DDOS, What can be done about it?

Post Reply New Topic

Hey.
Im thinking about setting up a company at one point.
Its going to be a gaming company IF it takes off.
The problem is, if it gets DDOSed what could I do about it?
Not much I know. But lets say this DDOS took down my site for 48 hours.
Would I send a cease and disist? How would I know who to send it to?
I need to know so I know what needs to be done when setting up a company.

This page has information on the different types of DDOS attacks and how to prevent and respond to them.

Dealing with DDoS attacks is annoying, but certainly possible. DDoS attacks work by overflowing the target with packets that it has to deal with. The challenge isn't necessarily the bandwidth used, but the packets-per-second. The idea behind mitigating a DDoS attack is blocking the incoming packets, while forwarding all other traffic to the host. There's plenty of free and proprietary software and systems to do this, however the challenge is getting something beefy enough to handle the traffic in terms of pps.

The other big thing that can be done to mitigate DDoS traffic is splitting the traffic between multiple servers. This is called "load balancing". Again, there are tons of different solutions for this - the challenge is sizing it to handle whatever is thrown your way.

If this is, as I suspect, going to be hosted on equipment belonging to and housed at some company which specialises in web-hosting, there's probably not much you can do about it directly, because much of what you'll need to work with won't be under your control.
Would you be given a completely free choice in how (say) Apache or PHP is configured on their hardware? Or their IP stack? Would you even be allowed to set up your own firewall on their equipment?
You'd probably only be able to make sure the company isn't using some ancient and attack-prone version of Apache/PHP, although it would also make sense to find out exactly what they have installed to mitigate any such attacks. The plus-point is that since they will be hosting your site, it will be their responsibility to deal with DDOS; the minus-point is that they may have no such plans in place. All of this should be made clear in some sort of service level agreement from them before you sign up, and you should nail this down tightly: they'd be hosting what could be a valuable resource to you so make sure you're clear on the range and depth of their responsibilities to you as their client.
Beyond that, it's largely up to you as the creator of the site content to make it as secure as possible - and that mostly comes down to careful coding.

Attempting to issue cease and desist orders is all very well if you can prove the attack originates from your own country - and of course you'd also need the legal muscle and finances to pursue any such action. If an attack originates from overseas then multiply your problems and financial outlay by a few hundred.
A cease and desist order isn't exactly a universal command from God and can just be ignored: it would only have a legal basis within the country in which it's issued, so you'd probably need to initiate any such action from within the country the attack is coming from. Good luck with that!

Any outcome from a cease and desist order depends on what you're able to put into it to give it weight and muscle-power.
Simply saying "stop that!" won't work, I'm afraid.

[quate]
A word of caution, however; game hosting in particular has an awful profit margin, and it's not a business I'd recommend anyone get into.[/quote]
I do agree with that. But I want to try it at least.
Im going to be developing my own game and waiting for it to get popular. Very childish of me to think it will take off, your right though. The Gaming industry is a terrible place to be in, in some cases.

The only other thing to put to this is to make sure you are insured correctly. If this type of attack was likely to damage your company then I would look into financially insuring against such an event.