3

I am writing a web service that has a lot of vicious competitors. Vicious as in: people have been getting DDoS'd within hours of setting up shop in this arena.

The service will consist of:

  1. a website that you can sign up to and check on stats/etc... (all of which is served using https)
  2. a web service that runs in the port 8000+ range.

What (if any) port will be easiest to attack and/or bring down the server? The web server or the web service?

I know nginx has some pretty good DDoS protection so I am looking into that and load balancing for the website.

Any suggestions as to dynamic DDoS protection against various other ports with linux would be appreciated.

Tom O'Connor
  • 27,440
  • 10
  • 72
  • 148
darkAsPitch
  • 1,861
  • 4
  • 25
  • 42

2 Answers2

7

No port is any more or less vulnerable than any other, if it has the same service listening on it. If both ports are running web services, there's not much difference between their vulnerability to DDoS.

If your "competitors" are experienced in initiating DDoS attacks, I predict that regardless of what you do, with your current level of knowledge, you will be wiped off the Internet in a matter of minutes. I don't say this to be rude or nasty; I just don't want to see you waste a pile of money setting up and then getting creamed. Also, you cannot learn enough about DDoS mitigation to survive just by asking questions on Server Fault (sorry).

If you're dead set on going into this "business" (sounds more like a warzone to me), then I'd suggest talking to a few of the big DDoS mitigation vendors like Arbor, and taking their advice. They'll know the questions to ask to design a solution that gives you a fighting chance. It won't be cheap, but it's got a better cost/benefit proposition than your current plan.

womble
  • 95,029
  • 29
  • 173
  • 228
3

It's easy to say that well known ports will be more easily targeted, but really if someone is after you they're going to figure it out. It's trivial to find what ports you're listening on and once that's known then it's pretty much game on. There's more to this topic than can really be answered here. You'll want to enlist the services of a good, reputable security expert and do what they say.

squillman
  • 37,618
  • 10
  • 90
  • 145