Our Anti-DDoS Protection

HomepageOur Anti-DDoS Protection

Our Anti-DDoS Protection

Anti-DDoS protection is a critical aspect of network security, especially for game servers, as they are often targeted by DDoS attacks. Our specialized solution, XDP (eXpress Data Path), offers unparalleled defense against these malicious attacks. XDP allows for filtering and controlling network-level traffic before it is forwarded to the transport layer, ensuring that only legitimate traffic reaches your game servers.

One of the protection mechanism we use is UDP Session Authentication. In this method, the first UDP packet is dropped and only the second packet is allowed through. This is done by checking the payload of the second packet against the game's expected payload. This effectively eliminates a lot of DDoS attack attempts, while minimizing the chances of false positives which could lead to legitimate players being dropped by the firewall.

We understand that having direct contact with the hoster is important when it comes to DDoS protection, as it allows for maintaining a Service Level Agreement (SLA) and ensures that the service provided is up to the agreed-upon standards. That's why our team is always available to assist and resolve any issues that may arise.

We pride ourselves on being the leading provider of DDoS protection for game servers. Our specialized approach ensures that your servers are always online and accessible to legitimate players while keeping malicious traffic at bay. Trust us to keep your game servers safe and secure with our dedicated team and specialized approach.

Our game server hosting service offers advanced TCP protection to keep your servers safe from DDoS attacks. One of the key components of our TCP protection is SYNPROXY.

SYNPROXY is a SYN-Flood protection mechanism that is implemented in the Linux kernel firewall netfilter. It effectively defends against SYN-Flood attacks on TCP connections by using a SYN-queue at the kernel level to store incomplete connections. This allows us to track and control the number of incomplete connections, and when the threshold is exceeded, incoming SYN packets are dropped before they can cause harm to your server.

Our TCP protection also includes other advanced techniques like connection rate limiting, and TCP stateful inspection. Trust us to keep your game servers safe and secure with our specialized approach to TCP protection.

During an attack, the server remains accessible and you can use the services normally. Non-relevant ports are blocked as long as the attack persists, e.g. icmp for ping.

Everything under control

All important standard ports remain accessible during a DDoS attack and are filtered by the protection.

We work with several anti-DDoS solutions, one of which is Arbor, and in order to provide efficient solutions we have purchased a full tolerance solution.

List of games and applications / Games:

Grand Theft Auto 5 or RAGE-MP, Last Chaos, Knight Online, Arma III, Half-Life, Team Fortress Classic, Counter-Strike 1.6, Counter-Strike : Source, Half-Life Deathmatch Classic, Half-Life 2, Half-Life 2 : Deathmatch, Day of Defeat, Day of Defeat : Source, Left 4 Dead, Left 4 Dead 2, Team Fortress 2, Counter-Strike : Global Offensive, Garry's Mod, Grand Theft Auto San Andreas Multiplayer SA : MP, Multi Theft Auto San Andreas MTA : SA, Minecraft Pocket Edition, Minecraft, ARK : Survival Evolved, RUST, TeamSpeak, Mumble.

Information about Layer 7 DDoS Protection

There are different types of DDoS (Distributed Denial of Service) attacks. Basically, a DDoS is a "denial of service" that is deliberately caused by a large number of requests and thus leads to an overload of the data network or the server.
DDoS attacks can target different layers (see ISO/OSI layer model). Compared to earlier versions, current DDoS attacks often target the top layer (Layer 7). Layer 7 is the application layer and serves to provide functions for the applications and is responsible for data input and output.

Layer 7 attacks specifically target Layer 7 protocols such as Telnet, FTP, NNTP, HTTP or SMTP. Compared to other DDoS attacks, Layer 7 attacks require far less bandwidth and packets to disrupt services. A low-level protocol attack such as SYN flood requires a huge number of packets to perform an effective DDoS attack, while a Layer 7 attack requires only a limited number of packets to perform a large DDoS attack.

The most common Layer-7 attack is HTTP flooding. Here, an HTTP request is sent to the affected server and uses considerable resources, and although the number of packets is limited, they fully utilize all server resources and lead to a denial of service.
Layer 7 protection is activated by us at your request, and we also deposit the certificate in the firewall software.