{"id":159,"date":"2019-11-02T05:13:00","date_gmt":"2019-11-02T10:13:00","guid":{"rendered":"http:\/\/127.0.0.1:8080\/?p=159"},"modified":"2024-01-13T14:04:50","modified_gmt":"2024-01-13T19:04:50","slug":"how-to-use-ovh-as-an-anti-ddos-provider","status":"publish","type":"post","link":"http:\/\/10.42.0.68:8080\/blog\/how-to-use-ovh-as-an-anti-ddos-provider","title":{"rendered":"How to use OVH as an anti-DDOS provider?"},"content":{"rendered":"\n
It’s a very strange use case, but sometimes it can save time and money.<\/p>\n\n\n\n\n\n\n\n
You have a few dedicated servers (not at OVH) and they are under DDOS attack.
First, you call your provider and pay for anti-DDOS protection, but it’s inaccurate.
What can you do?<\/p>\n\n\n\n
It’s extraordinary, but OVH has 2 anti-DDOS technologies that work very well: Arbor Networks & Tilera.
This combination is the most powerful one for killing DDOS attacks.<\/p>\n\n\n\n
It’s a strange solution, but it works:<\/p>\n\n\n\n
On the OVH server, we need to enable IP forwarding<\/p>\n\n\n\n
sysctl -w net.ipv4.ip_forward=1\necho \"net.ipv4.ip_forward=1\" > \/etc\/sysctl.d\/forwarding.conf<\/code><\/pre>\n\n\n\nOutput<\/h4>\n\n\n\n
Now it’s time to set up masquerading (MASQUERADE) for outgoing traffic<\/p>\n\n\n\n
iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE<\/code><\/pre>\n\n\n\nInput<\/h3>\n\n\n\n
This is where the magic happens<\/p>\n\n\n\n
iptables -t nat -A PREROUTING -d IP_OVH -j DNAT --to-destination IP_NOT_OVH<\/code><\/pre>\n\n\n\nPersistent<\/h4>\n\n\n\n
We need the iptables rules to survive a reboot<\/p>\n\n\n\n
apt-get install iptables-persistent -y<\/code><\/pre>\n\n\n\nConclusion<\/h2>\n\n\n\n
It’s not a magic solution, but it can help in some way. In addition, don’t forget to harden your kernel and other configurations to survive.<\/p>\n\n\n\n