What's a good high performance Linux TCP proxy?
I specifically need a general purpose TCP proxy for RTMP traffic as well as HTTP
My website is being DDoS'd for the first time and it's a shit. My current provider where all my data is stored aren't willing to do anything but null route me. So I thought maybe I can get some VPS with some host that does provide anti-ddos protection and then proxy it to my regular servers (with new IPs).
Does that sound a reasonable approach?
As an aside, I might have the attacker's IP (there was some suspicious activity from eastern Europe in the days preceding this). Is there anything I can do with it? Report them to their ISP? I have no absolute proof though. But a Google search of the IP brings up some COD-playing kid getting banned for cheating on game servers, which sounds the type.
u need a hardware firewall, use OVH
>>54356196
I was looking at OVH, their VPS plans advertise anti DDoS protection, will that not be good enough?
I don't know whether it's high performance or not. But check out HAProxy.
>>54356532
Thanks that looks like the thing I want
That being said am currently researching "gre tunnels" whatever they are, as they seem to be used in this situation...
>>54356187
Cloudflare provide free DDOS protection
>>54356187
I used to work for one of Cloudflare's competitors.
Here is what we did:
>Run NGINX as a reverse proxy
>Firewalls only allowing port 443 and port 80
>New client comes in under DDOS attack
>We get Client to send us their SSL certificate
>We set up NGINX to reverse proxy and point to their IP address
>We tell client to change DNS record to our IP address (we called it a VIP).
>Tell client to change firewall to only allow traffic from our IP addresses.
>Use ELK stack to analyze traffic
>Come up with rules to whitelist or ratelimit or ban ips based on request/referrer/useragent etc.
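Added example (not from the thread or from any provider's tooling): a Python version of the last two steps in the post above, reading the proxy's access log and turning it into whitelist/ratelimit/ban decisions per client IP. It assumes nginx's "combined" log format; the thresholds, function names and sample log lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# nginx "combined" access-log format (assumed; adjust to your log_format)
LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referrer>[^"]*)" "(?P<agent>[^"]*)"')

def parse(lines):
    for line in lines:
        m = LINE.match(line)
        if m:  # skip malformed lines instead of crashing on attack noise
            rec = m.groupdict()
            rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield rec

def classify(records, window=10, limit=5, ban=20, whitelist=frozenset()):
    """Map each IP to an action from its peak hits in any `window`-second bucket."""
    buckets = defaultdict(Counter)
    for r in records:
        buckets[r["ip"]][int(r["ts"].timestamp()) // window] += 1
    actions = {}
    for ip, counts in buckets.items():
        peak = max(counts.values())
        if ip in whitelist:
            actions[ip] = "allow"      # known-good hosts are never throttled
        elif peak >= ban:
            actions[ip] = "ban"
        elif peak >= limit:
            actions[ip] = "ratelimit"
    return actions

def top_fingerprints(records, n=3):
    """Most common (user agent, referrer, path) tuples: candidates for rules."""
    return Counter((r["agent"], r["referrer"], r["path"]) for r in records).most_common(n)

# Constructed sample log lines (documentation-range IPs, not real traffic)
def sample_line(ip, sec, path="/", agent="Mozilla/5.0", ref="-"):
    return (f'{ip} - - [01/May/2016:12:00:{sec:02d} +0000] '
            f'"GET {path} HTTP/1.1" 200 512 "{ref}" "{agent}"')

SAMPLE = (
    [sample_line("203.0.113.9", s % 10, "/search?q=x", "flood-bot") for s in range(25)]
    + [sample_line("198.51.100.7", s) for s in range(6)]
    + [sample_line("192.0.2.10", s) for s in range(8)]   # monitoring host
    + [sample_line("192.0.2.44", 3), "garbage line"]
)
```

The fixed buckets undercount bursts that straddle a bucket boundary, so treat the thresholds as a first pass and tune them against normal traffic before enforcing bans.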
As far as I know you're able to use "IP-geek" to find out some information about the attacker.