You are viewing a single comment's thread.

view the rest of the comments →

0
2

[–] 21117013? 0 points 2 points (+2|-0) ago 

No.

DDoS usually focuses on the connection establishment handshakes which take place well before the login page is served. That's why it's difficult to counter.

There's not (inherently) anything distinguishing a connection from a DDoS attack from a legitimate connection.

The only way to discriminate between the two is by correlation with other factors like "Is the source IP establishing too many connections at this time ?".

Correlation is expensive (needs a bunch of logs and log parsing), prone to false positives and sometimes impossible.

0
0

[–] 21117742? ago 

How do other sites deal with it?

0
1

[–] 21123281? 0 points 1 point (+1|-0) ago 

There are multiple ways to do it, but ultimately it runs down to using (or paying for using) (parts of/shared) dedicated hardware solutions (networking gear, servers, software) to put in front of your servers and dedicated personnel (network engineers, sysadmins/devops & security specialists) to put on-call behind those dedicated hardware ressources.

Even if you had, lets say, one very dedicated person doing everything, you still need 4 of them to cover a 24/7/365 operation.

All this costs money and I don't know on what budget Voat is being operated.

Or, you could blend in and not become a target. That works for a lot of sites, but not in the 'free speech' category ;)