myVirtualserver is a VPS hosting company and Internet Service Provider in Western Europe (Germany). We had many customers complaining about incoming DDoS attacks and packet loss, caused by outgoing DDoS of customers.
Every time the problem was reported or we noticed that the incoming/outgoing traffic is really high we needed to manually log into the host and find out what’s the problem. Sometimes we even weren’t able to log into the server because the link was completely flooded and we were forced to use the KVM over IP. If it was incoming DDoS then we had no choices and the only option was to nullroute/blackhole the customers IP. Nowadays we are using asynchronic routing. Incoming traffic is filtered by Voxility SRL and outgoing sent through several providers(Cogent, …).
DPS from Terabit Security really improved our workflow and helped us maintain a stable network. The traffic flow is exported to graphite by using DPS’s sFlow implementation. Additionally the statistics (See: ATTACK_REPORT_EXAMPLE.md) provided by the toolkit are automatically parsed by our system, and the customer is informed about this incident. If it’s outgoing one we make clear that we do not tolerate DDoS and the service may be suspended. Additionally a report is automatically sent to the administrator’s phone (Boxcar Mail integration). In the last few days not one outgoing attack has been detected. DPS gives us insight about the several attacks targeting our network each day and we can now handle this flawlessly. If Voxility is not detecting an attack (only barely happens) we are able to respond within seconds and mitigate the attack manually. Our network statistics are in real-time thanks to Terabit Security. Attached you will find a picture of our current dashboard
In general we can say that we’re really happy that such a toolkit exists. Without it the daily life of every network administrator would be much harder and personally, I don’t want to spend my whole day solving network incidents and answering tickets from concerned customers. Today I have much more time, focusing on more important things like developing new features for our hosting environment or fixing bugs. I can rest easily without hearing my phone ringing because some services are down as before. Hereby I’m thanking Pavel for his great toolkit licensed under the GNU v2 license. Additionally we had some nice Skype conversations about other topics like OpenVZ virtualization, as be both share the same passion about container virtualization and I can’t thank him enough. Keep it up!!!