Originally posted by F.Ultra
View Post
Announcement
Collapse
No announcement yet.
HTTP/2 "Rapid Reset" DDoS Attack Disclosed By Google, Cloudflare & AWS
Collapse
X
-
Originally posted by bug77 View Post
Not really. A proper response to a DDoS attack is to filter the malicious traffic and let everything else in. Not easy to do, but it happens.
- Likes 2
Comment
-
Originally posted by curfew View PostRate-limiting the bot's connection will only improve bandwidth for real users.
- Likes 1
Comment
-
Originally posted by F.Ultra View Post
Which is often impossible to do. If you do it before your rate limit then that process can be DDoS:ed by the high request rate, and if you do it after the rate limit then you have already rate limited so then you have a high chance that every single connection that survived the rate limit is only the DDoS traffic (since they connect more aggressively they have a much higher chance of surviving a rate limit).
It's hard at first, because you don't know what's malicious and what's legit, but once you figure that out, it's pretty much smooth sailing.
Comment
-
Originally posted by bug77 View Post
Then how come we have all these DDoS attacks with barely an impact on traffic?
It's hard at first, because you don't know what's malicious and what's legit, but once you figure that out, it's pretty much smooth sailing.
- Likes 1
Comment
-
Originally posted by bug77 View Post
Then how come we have all these DDoS attacks with barely an impact on traffic?
It's hard at first, because you don't know what's malicious and what's legit, but once you figure that out, it's pretty much smooth sailing.
Comment
Comment