How to properly address DDOS concerns with crossbar.io? #2071
Unanswered
tortoisedoc
asked this question in
Q&A
Replies: 1 comment 2 replies
-
what's the peak bandwidth you need to defend against? |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
hm good question, id assume a few hundred kb / client/ second would suffice |
Beta Was this translation helpful? Give feedback.
-
|
let's assume 200kbps and 1m devices in a bot net, that means: 200gbps aggregate DDoS attack bandwidth. you will unlikely be able to defend once that traffic hits your infrastructure, hence you need to mitigate at the source around the globe. IOW: use Cloudflare or similar .. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Suppose a malicious actor reverse-engineers my cool website.
Suppose now that this actor implements a rouge client, that connects with a valid account over crossbar
to our backend services.
When this rouge actor now triggers a DDOS via websocket;
I know there is the "stats" api calls; but it appears to me to be quite computationally intensive,
if for each user I need to keep a bucket with individual information.
Apache / HAProxy only manage things at HTTP level / session setup.
Is there other means?
Beta Was this translation helpful? Give feedback.
All reactions