| Anti-DDoS Pro | Anti-DDoS GAME | |
|---|---|---|
| Products | VPS-SSD 2016, KVM-SSD 2016-2018 VPS-HDD, KVM-HDD, KVM-SSD-DE, KVM-SSD-LON |
VPS-GAME 2016-2018, vDEDI-GAME, KVM-GAME |
| Eligibility | Included by default | Virtual GAME Servers |
| Number, size & duration of attacks | Unlimited | Unlimited |
| Type of attack | All | All |
| Automatic Mitigation | ||
| Permanent Mitigation | ||
| Two-way Mitigation | - | (L3/L4/L7) |
| Firewall Network | Configurable in your client area |
Configurable in your client area |
| Tilera | ||
| Arbor | Customizable* |
|
| Support | 24/7 by ticket | 24/7 by ticket |
*Available soon
There are three ways of making your site, server or infrastructure unavailable:
This type of attack consists of saturating the server's network capacity, rendering it unreachable.
This type of attack consists of depleting the machine's system resources, which prevents it from responding to legitimate requests.
Also called "exploit", this type of attack targets a particular software fault either to make the machine unavailable or to take control of it.
| Name of attack | OSI | Type | Explanation of attack |
|---|---|---|---|
| ICMP Echo Request Flood | L3 | Resource | Also called Ping Flood, mass sending of packets including the response of the victim, which has the same content as the original packet |
| IP Packet Fragment Attack | L3 | Resource | Sending of IP packets that voluntarily reference other packets that will never be sent, which saturates the victims memory |
| SMURF | L3 | Bandwidth | ICMP broadcast attack usurping the source address to redirect multiple responses to the victim |
| GMP Flood | L3 | Resource | Mass sending of IGMP packets (multi-cast management protocol) |
| Ping of Death | L3 | Exploit | Sending of ICMP packets which exploit an implementation bug in certain operating systems |
| TCP SYN Flood | L4 | Resource | Mass sending of TCP connections requests |
| TCP Spoofed SYN Flood | L4 | Resource | Mass sending of TCP connections requests to usurp the source address |
| TCP SYN ACK Reflection Flood | L4 | Bandwidth | Mass sending of TCP connections requests to a large number of machines, usurping the victim's source address. The bandwidth of the victim will be saturated by the responses to these requests. |
| TCP ACK Flood | L4 | Resource | Mass sending of TCP segment delivery receipts |
| TCP Fragmented Attack | L4 | Resource | Sending of TCP segments that voluntarily reference other segments that will never be sent, which saturates the victim's memory |
| UDP Flood | L4 | Bandwidth | Mass sending of UDP packets (not requiring a previously-established connection) |
| UDP Fragment Flood | L4 | Resource | Sending of UDP datagrams that voluntarily reference other datagrams that will never be sent, which saturates the victim's memory |
| Distributed DNS Amplification Attack | L7 | Bandwidth | Mass sending of DNS requests usurping the source address of the victim, to a large number of legitimate servers. As the response is more voluminous than the question, an amplification of the attack follows |
| DNS Flood | L7 | Resource | Attack of a DNS server by mass sending of requests |
| HTTP(S) GET/POST Flood | L7 | Resource | Attack of a web server by mass sending of requests |
| DDoS DNS | L7 | Resource | Attack of a DNS server by mass sending of requests from a large set of machines which are under the attacker's control |
Source: OVH.com
English
Deutsch