VPS Shut Down 150,000 UDP packets per second!

n1kko Member

I just got an email from my provider saying my VPS has just been hit by over 150,000 UDP packets per second and has temp been shut down. What do I need to check and/or block?

Running cPanel with CSF, please help!


Comments

  • Sit and wait.

  • n1kko Member

    Server been offline for nearly an hour now

  • BlazeMuis Member
    edited July 2014

    Is it with inceptionhosting by any chance? My VPS isn't working with them right now due to a DDoS attack at their UK DC, according to Anthony. Haven't got the email you've got though

  • perennate Member, Host Rep

    n1kko said: Server been offline for nearly an hour now

    If your website attracts DDoS attacks you will need to go with a provider who offers DDoS-filtering (e.g. RamNode, BuyVM), or at least one with auto-null (e.g. RamNode, BuyVM).

  • n1kko Member

    yes it is inceptionhosting

  • n1kko Member

    Need a UK XEN VPS with DDoS then I guess

  • @n1kko said:
    yes it is inceptionhosting

    Alright, Anthony / Inceptionhosting is working on it. He's waiting for more information, he just told me in the ticket I opened

  • Cakey Member
    edited July 2014

    n1kko said: Need a UK XEN VPS with DDoS then I guess

    Ehm, are the things you're hosting a bit targeted? Because then you could use CloudFlare to just hide your server IP leaving the skids unable to find something to hit <.<

  • n1kko Member

    Just hosting PHP sites on CMS systems. Just moved all my domains to Domain Monster and using their DNS; will switch all to CloudFlare

  • Mark_R Member

    @Cakey said:
    Ehm, are the things you're hosting a bit targeted? Because then you could use CloudFlare to just hide your server IP leaving the skids unable to find something to hit <.<

    Even if you do that then you'd have to make sure that your covered server is not broadcasting anything from its own source (sending email and dropping the original IP in the header, for example).
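
The leak Mark_R describes can be checked against a message the server itself sent. The following is an added example, not part of the thread: it scans a raw message's headers for the origin address. The sample message, the hostnames and the origin address 203.0.113.10 are constructed.

```python
import email
import ipaddress
import re

# Constructed sample message; 203.0.113.10 (documentation range) stands in
# for the origin server address that the proxy is supposed to hide.
SAMPLE = """\
Received: from web01.example.net (web01.example.net [203.0.113.10])
\tby mx.example.org with ESMTPS id abc123; Tue, 1 Jul 2014 10:00:00 +0000
Received: from localhost (localhost [127.0.0.1])
\tby web01.example.net with ESMTP; Tue, 1 Jul 2014 09:59:59 +0000
X-Originating-IP: [198.51.100.7]
From: site@example.net
To: user@example.org
Subject: Contact form

hello
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def leaked_headers(raw_message, origin_ips):
    """Return (header name, ip) pairs where a header exposes an origin IP."""
    origins = {ipaddress.ip_address(ip) for ip in origin_ips}
    msg = email.message_from_string(raw_message)
    hits = []
    for name, value in msg.items():
        # Folded headers keep their line breaks; the regex scans across them.
        for candidate in IPV4.findall(str(value)):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:
                continue  # looked like an address but is not one (e.g. 999.1.1.1)
            if addr in origins:
                hits.append((name, candidate))
    return hits

if __name__ == "__main__":
    for header, ip in leaked_headers(SAMPLE, ["203.0.113.10"]):
        print(f"origin address {ip} exposed in {header} header")
```

A hostname in a `Received` header that resolves to the origin address leaks it just as well; this check only covers literal addresses.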

  • Neoon Community Contributor, Veteran

    150k is pretty good, some OpenVZ Providers terminate at 3k Connections/Packages.

  • perennate Member, Host Rep

    Infinity580 said: 150k is pretty good, some OpenVZ Providers terminate at 3k Connections/Packages.

    What do you mean packages? And connections != packets.

  • n1kko Member

    How do I hide servers IP's with cPanel?

  • Neoon Community Contributor, Veteran

    @perennate my fault, I mean connections.

  • Boxode Member

    ;O

  • Mark_R Member

    @n1kko said:
    How do I hide servers IP's with cPanel?

    Are you selling hosting?

  • n1kko Member

    No, don't sell hosting, just provide it for the websites I design

  • AnthonySmith Member, Patron Provider

    Quick update: it looks like this was not targeted specifically at n1kko and that was just the start/tip of the iceberg, and the attack just got larger and larger and started hitting multiple IPs on the /24; both nodes on this /24 were hit badly.

    They are in Rapidswitch, from what I understand Inception hosting is not the first host to be hit exactly like this today in Rapidswitch.

    Sad world.

    Because of all the attacks specifically on UK providers, specifically in this DC my old offer of £1000 reward for any info that leads to finding the person(s) instigating these attacks, I refuse to believe it is a coincidence, info can be anonymously sent and payment can be with BTC if required (obviously after validation)

    Thanked by 3: Scion, M66B, taronyu
  • n1kko Member

    Thanks for the update Anthony. So sad that these idiots have nothing better to do

  • BlazeMuis Member
    edited July 2014

    @AnthonySmith any information about when the services will be restored? My VPS hosting a private/testing gameserver is still down :(

    AnthonySmith said: They are in Rapidswitch, from what I understand Inception hosting is not the first host to be hit exactly like this today in Rapidswitch.

    How do you know they're from Rapidswitch? Could also be from Ecatel or w/e they use for DDOS attacks these days right?

  • AnthonySmith Member, Patron Provider

    @joodle all servers should be up now, a few IPs that were being hit harder than others have been nulled.

    I have a list of the 2000+ IP's involved in the attack.

  • black Member

    @AnthonySmith said:
    I have a list of the 2000+ IP's involved in the attack.

    Post'em.

  • AnthonySmith Member, Patron Provider

    @black said:
    Post'em.

    I will be, I need to filter out the handful that are probably just client IP's first.

    Ant.

  • Mark_R Member

    @black said:
    Post'em.

    Useless. Whoever launches the attack just used a scanner to scan for exploitable servers where they can send the attack through. Usually they have a list of like 1m IP addresses that are being unknowingly used to send packets through; the IP of the server that the attacker uses will not be broadcasted. All attacking IP addresses that Anthony will see are most likely from people who have no idea that their servers are being used to launch attacks until they get a large bandwidth bill.

  • Microlinux Member
    edited July 2014

    @AnthonySmith said:
    I have a list of the 2000+ IP's involved in the attack.

    If it's UDP, you just have a list of 2000+ IPs.

    Thanked by 1: linuxthefish
  • black Member

    @Mark_R said:
    useless.

    Microlinux said: If it's UDP, you just have a list of 2000+ IPs.

    Indeed, UDPs could be spoofed and stuff. I just want to see if it comes from any funny IPs like DOD or NSA.

  • AnthonySmith Member, Patron Provider

    Well, perhaps someone wants to blackhole them; any info is better than none.

  • Mark_R Member
    edited July 2014

    @black said:

    Most of the time it involves attacks from Quake3 engine based servers, but there are tons of other types of servers that can be used for this malicious purpose. You could buy lists like this on HF; they are referred to as amp lists.
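
One way to sort a source list along the lines discussed above (abused reflectors, probable clients, unverifiable UDP sources), as an added example that is not part of the thread. The flow-record format, the sample records and the served-port set are assumptions; the reflector ports are the default ports of those services.

```python
from collections import defaultdict

# UDP services commonly abused as reflectors, keyed by their default port.
REFLECTOR_PORTS = {19: "chargen", 53: "dns", 123: "ntp",
                   1900: "ssdp", 27960: "quake3"}
SERVED_TCP_PORTS = {25, 80, 443}  # assumption: what the VPS actually serves

# Constructed flow records: proto src_ip src_port dst_port packets
SAMPLE_FLOWS = """\
udp 192.0.2.10 27960 41822 90000
udp 192.0.2.11 27960 41822 85000
udp 192.0.2.53 53 41822 40000
udp 198.51.100.200 50123 80 12000
tcp 203.0.113.5 51544 443 35
tcp 203.0.113.6 40022 80 12
"""

def triage(flow_text):
    """Split source IPs into reflectors (by service), clients and unverified."""
    reflectors = defaultdict(set)
    clients, unverified = set(), set()
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records
        proto, src_ip, src_port, dst_port, _packets = parts
        src_port, dst_port = int(src_port), int(dst_port)
        if proto == "udp" and src_port in REFLECTOR_PORTS:
            # A reply from a service port: the sender is a real, abused host.
            reflectors[REFLECTOR_PORTS[src_port]].add(src_ip)
        elif proto == "tcp" and dst_port in SERVED_TCP_PORTS:
            # TCP to a hosted service: probably a client, keep off the list.
            clients.add(src_ip)
        else:
            # UDP from an arbitrary port: the source address may be spoofed.
            unverified.add(src_ip)
    return dict(reflectors), clients, unverified

if __name__ == "__main__":
    refl, clients, unverified = triage(SAMPLE_FLOWS)
    for service, ips in sorted(refl.items()):
        print(service, sorted(ips))
    print("clients", sorted(clients), "unverified", sorted(unverified))
```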

  • vedran Veteran

    AnthonySmith said: for any info that leads to finding the person(s) instigating these attacks

    What can you do with that information (except finding them and breaking their kneecaps which I doubt is the option)?

  • AnthonySmith Member, Patron Provider

    @vedran said:
    What can you do with that information (except finding them and breaking their kneecaps which I doubt is the option)?

    Perhaps nothing, but you don't know unless you try.

    Thanked by 3: vedran, Maounique, iKeyZ