Hi there,
I am really very confused right now. I’ve been on a 4-week DevOps marathon to solve a UDP DDOS problem. AWS only offers DDOS protection for UDP traffic via their AWS Shield Advanced solution, which is $3000 monthly (which is a bit out of our budget range).
So, currently, I have arrived at the AWS Network Firewall that basically works off Suricata rules. However, I found 100 guides on writing rules, yet no database of rules. What I was expecting to find (and happily pay for) was a nice clean list of DDOS protection rules that I can simply copy and paste into AWS Firewall. Unfortunately, this has not been the case… So what am I doing wrong?
Where can I find the rules? Are these closely kept secrets of Big SecOps? I found a handful in the Suricata installation files, but what about DDOS rules? Isn’t there some centralized collection of rules that one can search/browse?
Any guidance would be much appreciated!