How we clear traffic

Attacks and counter

This system protects against attacks

We give you the protected IP-addresses (one is included in the base rate, and additional addresses are available in the Control Panel) and select special channel for protected traffic.

Traffic from the Internet is routed to protected addresses through cleaning equipment where illegitimate traffic is dropped. For you receive only incoming traffic cleared.

In order to protect against DDoS need to specify:

  • the main purpose of using the server
  • the number of IP-addresses, which must be protected
  • desirable measures to protect against DDoS
  • On the basis of the information provided by you, we will build a defense
  • strategy, adapted to the specifics of your project. For the popular options the
  • server use (web server, application server, the DNS server) has developed special protection templates.

DDoS protection services for “Dedicated Server” and “Server Placement” and “Rent a server rack.”

Attacks and counter

This protects the system against attacks following types:

  • TCP-flood
  • SYN-flood
  • UDP-flood
  • DNS-flood
  • ICMP-flood
  • HTTP-flood
  • DNS Cache Poisoning
  • attacks on VoIP and SIP
  • attacks on SSL-signaling
  • attacks on the size of the window (sockstress)
  • Attack IP-, TCP-and UDP-fragments
  • illegitimate combination of TCP-flags
  • attack on the HTTP-session (Slowloris, Pyloris etc.)
  • attack with the TCP-session type TCP Idle, Slow TCP and other

Upon detection of attacks protivomery following can be used:

  • Packet filtering is not relevant RFC (Invalid packet List)
  • Black and white lists IPv4- and IPv6-addresses
  • Filtering and traffic policing of the countries (Geo IP Filter List, GeoIP Policing) – monitoring, control and blocking traffic from countries where it comes from the largest number of DDoS-attacks
  • Countering TCP- or DNS-flooded through client authentication (TCP SYN / DNS Authentication)
  • Check requests for compliance with RFC (DNS Malformed, HTTP Malformed, SIP Malformed)
  • Limit requests from same IP-address (DNS Rate Limiting, HTTP Rate Limiting, SIP Request Limiting)
  • Validation of DNS-responses (DNS NX Domain Rate Limiting)
  • Avoiding too many TCP-connections (TCP Connection Reset)
  • Filtering traffic by regular expression applied to the Payload-packages (Payload Regular Expression)
  • Validation queries using regular expressions (HTTP Scoping, DNS Scoping)
  • SSL-traffic blocking, not the corresponding RFC (SSL Negotiation)
  • Traffic Tracking the signatures of vulnerabilities