A letter to server owners.

[BlueBaby]

a good dedicated with DDOS hardware (only thing that realy helps) can cost 500$ a month.

[twostars]

a good dedicated with DDOS hardware (only thing that realy helps) can cost 500$ a month.

A moderately cheap Debian (or any distro really, although not a big fan of the BSD side of things: prefer iptables) box setup correctly in front of your server has thus far been far more than sufficient for all attacks I've witnessed up until now. Those providers are milking your $. And don't forget: even with lower specs, *nix is still vastly more efficient at getting things done than Windows will ever be, so don't be as put off by low specs. If it's going to be hit a lot though, you'll want to be sure it can stand up to it -- but KO-Tastic was using one of our webserver boxes reformatted with Debian (was just for a webserver, so it wasn't all that powerful) - it was hit by hundreds of thousands of connections at more than one stage. When the box was setup properly there was brief lag in-game [if that] before they were dropped & blacklisted to avoid any effect from that IP in future attacks. Fairly impressive, I think.

Also: that lag was actually simply caused by a problem with Ebenezer (when the attacks got in), which has long been (publicly) patched since now.

That said, being *nix and well, KO server owners, it's probably safer to just get your provider to do it for you at ~10+ times the cost.

Edit:
Just to clarify - not saying a single point in front of your box is more effective against DDoS attacks - on its own, it isn't all that great. What I am saying is, it's considerably cheaper and has been more than sufficient for all of the (many, many) attacks I've witnessed since working with PSKO. It may not be the most effective, but it's a hell of a lot cheaper and (when setup right) serves the purpose to a much greater extent than it needs to, which allows a lot of leeway for larger, more effective attacks. So expensive "DDoS protection" services aren't the only option there, unless the situation does indeed warrant more upstream help.