Being DDoS’d is not a good feeling.
You feel helpless.
However, help is just around the corner.
I would like to make a statement here, with which many of the companies below may or may not agree (but that is OK).
Some companies (a very small but prominent some, not all) that specialize in DDoS protection and are in the business of keeping you protected will try to up-sell you plans you may not need; basically, they will try to take you for a ride. I want to stress again: a few companies indulge in such boiler-room tactics.
However, like I said, the majority of them are very professional about their approach. I have deliberately not included some companies that I feel are unethical, unprofessional or just plain scammers.
Here are some useful pointers if you are being DDoS’d.
1. Insist on traffic charts ‘directly’ from the datacenter. If you have taken hosting from a reseller, get the traffic charts and contact the datacenter directly to confirm.
2. If at any point in time your hosting provider / reseller obstructs you in validating the DDoS attack, its size, etc., go direct. It is your right to ask and verify.
3. Never believe what your host provider tells you, until and unless it has been validated by the datacenter.
4. Try to contact the datacenter (you will have to be a little persistent), talk to a senior Network Engineer and get more information on the ‘type’ of DDoS attack that is happening. Try to get some captured packets of the attack. Anything and everything you can get out of them is a plus.
5. Be VERY meticulous. Write everything down.
6. Take notes. All of it – write it down.
7. Ask for names and designations.
8. Note down the time and date when you call someone.
9. Make a timeline of events: when the attack started, when you were informed, etc. Why? Because a DDoS (even for the recipient) can become messy, legally speaking.
10. If you have noted everything down, you save your own ass.
11. Don’t be afraid to ask for proof. Have it validated.
12. Simply do NOT believe hearsay.
13. If you can afford to have your website null-routed for a couple of days, let it be null-routed. It will save you money. Understandably your website is off-air, but more importantly it will give the party attacking you a bit of a breather, thinking they have been successful in their endeavors (which they have). It will also provide you a much-needed break to look at things and think them through rationally rather than emotionally.
14. Companies usually try the down-sell methodology. They will try to sell you the highest package first, and then gradually move you down.
15. Ask if you will have access to some kind of a dashboard / control panel to be notified in real-time of the incoming attacks, etc. and from where you can see the traffic, PPS, IPs, etc.
16. Never be afraid to ask. If the party that aims to protect you is impatient with you, maybe they should not be getting your business.
17. Do your own research.
18. There is no trial offered by service providers.
19. Expect to make a pre-payment for the services up-front.
Having said this, there is ONE important thing you should always keep in your mind. Always. This is the golden rule.
“DDoS protection is to be considered an industry protected secret recipe. Each provider has his/her own recipe. They will not share it with you. They will not tell you how their system works. This is OK. You will have to accept this and move on.”
So, with that said, here are some companies that can help you (in alphabetical order; I am not advocating or pitching anyone). You choose at your own risk.
- Amoraid (www.amoraid.com)
- Black Lotus (www.blacklotus.net)
- BLCC Gold (www.blccgold.com)
- BurstNET (www.burst.net)
- Cyber Cast International (www.ccihosting.com)
- DataPipe (www.datapipe.com)
- DDoS Hosting Solutions (www.ddoshostingsolutions.com)
- DDoS Protection (www.ddosprotection.com)
- DDoSWiz (www.ddoswiz.com)
- Dragonara (www.dragonara.net)
- Gigabit DC (www.gigabitdc.com)
- Gigenet (www.gigenet.com)
- Internap (www.internap.com)
- iWeb (www.iweb.com)
- Nexus Guard (www.nexusguard.com)
- Peer1 (www.peer1.com)
- Prolexic (www.prolexic.com)
- Rackspace (www.rackspace.com)
- Server Origin (www.serverorigin.com)
- Sharktech (www.sharktech.net)
- Solutions Network (www.solsnet.com)
- Staminus (www.staminus.net)
- Tata Communications (www.tatacommunications.com)
- The Planet (www.theplanet.com)