What does Memset do if my Server is Attacked?

The firewalls protecting Memset's internal network from the Internet automatically monitor for DDoS attacks and take steps to protect both your server and other servers on our network. When the firewall detects a large quantity of suspicious data being directed against a server inside our network our firewalls will automatically block the responsible external IP address. At the same time one of our Memset engineers will be notified to look into what is happening and get in contact with the server owner to establish what the situation is.

The objective of a DDoS attack is to overwhelm the infrastructure supporting a website. This can be the server itself or, as is more common, the routers connecting the server to the internet. If your server has a 10Mbps connection then a DDoS that is directing 30Mbps of data at your server will saturate the connection and take it offline. In this case the Memset Firewall will be able to block the incoming traffic and maintain normal operation of the server.

DDoS attacks are sometimes very much larger than 30Mbps and can often go into the hundreds of Mbps and even into hundreds of Gbps range. In order to use a firewall to filter out the bad packets all the data must be accepted and routed as far as the Memset Firewalls. If the attack is sufficiently large it has the possibility to completely saturate our primary network connections into our data centers or cause so much work for our firewalls that normal networking to all Memset's clients is interrupted as they attempt to filter the junk data. This is not a situation that we can allow to happen.

For these reasons the IP address of the server being attacked in this manner are null routed to protect Memset's network and all servers hosted on it. Where possible this will only happen for a specific port or source IP, however this is not always possible.

Frequently Asked Questions

The below pages look at some of the most frequently asked questions regarding our DDoS protection and Null Routing.

What is a DDoS Attack?
What is null routing and why does Memset do it?
Why is my IP / Site / Server being attacked?
What can I do to Mitigate against a DDoS attack?