Protection Against DoS and DDoS Attacks
The attack is carried out from the attacker's computer or from an entire network (botnet) of devices; any device with Internet access (router, TV, tablet, etc.) can take part. The user may not know that an attack is being carried out from his or her device. In this case, remote resources and applications should be protected by the carrier's equipment.
- Performance up to 20 million packets per second, depending on the configuration.
- Protection against TCP SYN Flood and fragmented UDP Flood.
- Protection against DDoS (LOIC, etc.) based on the Turing test (human detection).
- Dynamic bandwidth control, both for the common bandwidth and down to a separate IP.
- Prioritization by protocol for the common bandwidth and for separate IPs.
Specifics
The Turing Test (CAPTCHA pages) to protect against DDoS
This computer test determines whether the user of the system is a person or a computer.
If a threshold value is exceeded, for example the number of requests per second that is comfortable for the site, protection is activated: the user must enter the information from a CAPTCHA to confirm that he or she is not part of a botnet, and only then is access to the site allowed.
After confirmation, the user is added to the Allow List and is no longer checked.
TCP SYN Flood protection against DoS
A SYN flood attack increases resource consumption on the attacked system. Denial of service occurs when the SYN flood reaches 100 000 - 500 000 packets per second. At the same time, even a gigabit channel allows an attacker to send a stream of up to 1.5 million packets per second to the attacked site.
Stingray SG independently detects an attack when a specified threshold of unconfirmed SYN requests is exceeded. It then responds to SYN requests instead of the protected site and sets up a TCP session with the protected site after the client has confirmed the request.
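The behaviour described above, as a simplified Python model of the handshake only (an added example, not Stingray SG code). The class and field names, the threshold of 3 and the documentation-range addresses are assumptions made for illustration; how the device tracks unconfirmed SYNs internally is not stated on this page.

```python
from dataclasses import dataclass, field

@dataclass
class SynProxyModel:
    """Toy model of threshold-triggered SYN proxying (assumed names, not vendor code)."""
    threshold: int                                     # allowed unconfirmed SYNs (assumed knob)
    unconfirmed: dict = field(default_factory=dict)    # client -> True if the proxy answered it
    proxying: bool = False                             # set once the threshold is exceeded
    site_syns: int = 0                                 # SYNs that reached the site itself
    site_sessions: list = field(default_factory=list)  # sessions the proxy opened to the site

    def on_segment(self, flag: str, client: tuple) -> str:
        if flag == "SYN":
            if client not in self.unconfirmed:
                over = len(self.unconfirmed) + 1 > self.threshold
                self.proxying = self.proxying or over      # attack detected
                self.unconfirmed[client] = self.proxying   # who answers this client
            if self.unconfirmed[client]:
                return "proxy-synack"                  # device replies instead of the site
            self.site_syns += 1
            return "forward-to-site"
        if flag == "ACK" and client in self.unconfirmed:
            if self.unconfirmed.pop(client):           # client confirmed a proxied SYN
                self.site_sessions.append(client)      # only now is the site contacted
                return "open-site-session"
            return "forward-to-site"                   # handshake was with the site directly
        return "drop"                                  # handshake-only model: no pending SYN

def replay(threshold: int, events: list) -> SynProxyModel:
    model = SynProxyModel(threshold)
    for flag, client in events:
        model.on_segment(flag, client)
    return model

# Constructed traffic: five SYNs that are never confirmed, then one client that completes.
SPOOFED = [("SYN", ("198.51.100.%d" % i, 40000 + i)) for i in range(1, 6)]
REAL = ("203.0.113.7", 51515)
EVENTS = SPOOFED + [("SYN", REAL), ("ACK", REAL)]

if __name__ == "__main__":
    m = replay(3, EVENTS)
    print("proxying:", m.proxying)
    print("SYNs seen by site:", m.site_syns)
    print("sessions opened to site:", m.site_sessions)
```

With the constructed traffic, the site's own TCP stack sees only the SYNs that arrived before the threshold was exceeded; afterwards it is contacted only for the client that completed the handshake.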
Fragmented UDP Flood protection against DoS
This type of attack uses fragmented UDP packets, usually short ones, which the attacked platform is forced to spend a lot of resources assembling and analyzing.
Protection is carried out by discarding the set of protocols that is irrelevant for the protected site, or by strictly limiting the bandwidth they are allowed to use.