Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Linode Suffering Attacks Lately
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Linode Suffering Attacks Lately

n1kkon1kko Member
edited December 2015 in General

I've been with Linode for around a year now with no issues but just lately seems they are having a few issues with Dos attacks on quite a few of their locations.

Thanked by 1rokok
«13

Comments

  • cool story

  • Yeah, they seem to be getting hammered over the last few days our wordpress blog hosted with wpengine in London is up and down like a yo yo.

  • That's called life.
    They were have success because nobody threats them in past.
    Shame, as for many providers here. What a shame, so big operator and died under ddos attacks. People will never learn basic things: security matters. The good side of the news about linode -> i'm sure, they will have ddos protection in 2016.

  • @desperand said:
    The good side of the news about linode -> i'm sure, they will have ddos protection in 2016.

    So Linode has been running all these years without any DDOS protection? That sounds pretty incredible considering they are a premium provider and many budget providers here have decent DDOS protections.

  • They used to have some form of nullrouting, i don't know whether it was automatic or manual. LET was hosted at Linode in the past and was getting nullrouted for 24 hours when DDoSed.

  • Incredible since they just bought a new HQ and paid $5 millions for it. They should've invested some of that money in better security.

    Thanked by 1xavier
  • @rds100 said:
    They used to have some form of nullrouting, i don't know whether it was automatic or manual. LET was hosted at Linode in the past and was getting nullrouted for 24 hours when DDoSed.

    Clients IP ranges being DDoSed like what was the reason to leave offers for most providers here.

  • The one time I was with linode I experienced 3 node failures in a month and they weren't quick solving the issues, always took them more than 5 hours.

    If you consider a provider premium because they accurately inform you about their downtimes then you can find other providers who are a lot cheaper.

    Thanked by 2desperand Rolter
  • Refugee offers ? /s

  • raindog308raindog308 Administrator, Veteran

    Linode, KnownHost, WiredTree...none offer DDOS protection even as an addon.

  • In 2015 (soon to be 2016) they should have the infrastructure in place to handle these attacks --- if they dont, it is time to move on.

  • None of them sound exceptionally quality to justify their prices.

    raindog308 said: Linode, KnownHost, WiredTree...none offer DDOS protection even as an addon.

    tr1cky said: The one time I was with linode I experienced 3 node failures in a month and they weren't quick solving the issues, always took them more than 5 hours.

    If you consider a provider premium because they accurately inform you about their downtimes then you can find other providers who are a lot cheaper.

  • @PremiumN said:
    cool story

    Thanks

    Thanked by 1netomx
  • Price of DDoS equipment has dropped a lot

  • Each and every Linode host server is now connected via 40 Gbps of redundant connectivity into our core network, which itself now has an aggregate bandwidth of 160 Gbps. Linodes themselves can receive up to 40 Gbps of inbound bandwidth, and our plans now go up to 10 Gbps outbound bandwidth.

    haha

    Thanked by 1inthecloudblog
  • raindog308raindog308 Administrator, Veteran

    GM2015 said: None of them sound exceptionally quality to justify their prices.

    I've used all three. Linode was meh though their panel had some unique features in its day.

    WT support was AWESOME. And out of the box, their servers are very secure - they really go the extra mile to provision cPanel with lots of security enhancements, custom mod_security rules, etc. I really liked WT and if I was a semi-technical user who wanted hand-holding support and easy-to-use managed cPanel, I would use them.

    KH support was almost as good and out of the box, they put in some good stuff, though not like WT. With KH you get more RAM per plan, while with WT you get more disk.

    But none of them have DDOS protection, which just boggles my mind. They could be offering it as a premium add-on.

    Thanked by 1GM2015
  • @raindog308 said:
    Linode, KnownHost, WiredTree...none offer DDOS protection even as an addon.

    They got popular by not being total garbage and advertising heavily on WHT getting recommended by users for months.

  • @Tion said:
    They got popular by not being total garbage and advertising heavily on WHT getting recommended by users for months.

    Not that you are generally wrong, but I received very good support and service from both WiredTree and KnownHost in the past. They were the right providers at the right time for me. Now, that I can manage servers myself, they seem superfluous, but looking back, both did a good job.

    Thanked by 1inthecloudblog
  • I was hesitating to open a thread about this hehe...

    For the capacity of the links Linode claims to have, these should be really big attacks. Unfortunately the servers at my work use the Dallas region, which has been the most affected (until today, which seems to be London).

    This time doesn't seem like a client getting ddos'd, but some haters attacking the whole linode infraestructure.

  • n1kkon1kko Member
    edited December 2015

    @yomero said:
    I was hesitating to open a thread about this hehe...

    I was a little hesitant at first but seems as the attacks are so heavy I thought never mind. They will surely have to bring in DDOS protection now. If not I'll have to move servers.

  • n1kko said: If not I'll have to move servers.

    I was considering to move some important projects, at least to another datacenter, but unfortunately you can't carry your IP addresses across DCs as far as I know. This is important for my particular use cases =(

  • TinyTunnel_Tom said: Price of DDoS equipment has dropped a lot

    Price of anti-ddos hardware is 80% software and 20% ASICs, SW pricing is the same as usual but 10/40G ASICs got cheaper last year(s).

    spammy said: So Linode has been running all these years without any DDOS protection?

    Yes, only null and enough upstream capacity.

    bogdang said: They should've invested some of that money in better security.

    In some linode locations 100Gbit BW - which is already low on protection these days - costs a million PER MONTH, then you also need the HW on top to actually use that...

  • @William said:
    In some linode locations 100Gbit BW - which is already low on protection these days - costs a million PER MONTH, then you also need the HW on top to actually use that...

    Well, that's interesting how much OVH invested to their anti-ddos protection.

  • alexvolk said: Well, that's interesting how much OVH invested to their anti-ddos protection.

    Arbor + Tilera + custom in-house : https://www.ovh.com/us/anti-ddos/

    Passes through a few filter layers, plus all of the BW they have to absorb around their PoPs.

    Thanked by 1alexvolk
  • linuxthefishlinuxthefish Member
    edited December 2015

    @alexvolk said:
    Well, that's interesting how much OVH invested to their anti-ddos protection.

    https://www.ovh.com/us/news/articles/a1171.protection-anti-ddos-service-standard says it costs them around $10 million using traditional filtering, and $103,000 for 100gbit using their own technology.

    If only Linode invested that $5 million they spent buying a building for only 160 people just because the CEO liked it back into their own platform...

  • WilliamWilliam Member
    edited December 2015

    alexvolk said: Well, that's interesting how much OVH invested to their anti-ddos protection.

    BW in France/CA is 10x cheaper than in JP.

    linuxthefish said: https://www.ovh.com/us/news/articles/a1171.protection-anti-ddos-service-standard says it costs them around $10 million using traditional filtering, and $103,000 for 100gbit using their own technology.

    If only Linode invested that $5 million they spent buying a building for only 160 people just because the CEO liked it back into their own platform...

    This figure does not include any BW.

    I build you 40G filtering at 25k as well, and i need 5k alone for the 40G network cards.

    Thanked by 3Kris alexvolk tommy
  • Which operator/site keep online after targeted by ddoser?
    Come on, you pay ~ $10-$20/m including ddos protection, if you compare to ovh, they will beat all provider in pricing + ddos protection. Why none complaint about delimiter, qps, datashack ddos protection?

  • yomeroyomero Member
    edited December 2015

    http://status.linode.com/incidents/mmdbljlglnfd

    "Additionally, we will be announcing the details of an ongoing project to significantly improve our internet connectivity and resiliency. "

    Thanked by 1n1kko
  • FranciscoFrancisco Top Host, Host Rep, Veteran

    I don't see them rolling out filtering, I mean, they don't even have their own routers in each of their locations. If you lookup their IP space you'll see that it's being announced by their upstream datacenters and or they peer over a private ASN. If they're having this much of an issue dealing with floods against their platform now, do you think they'll have the time & manpower to deal with leaks on filtering that will happen?

    When LE* was getting hammered back in the day the floods were around ~500mbit. Linode still nullrouted over it, though. The attacker came after us at one point but it never got over a gbit sustained.

    I'm not sure why they rolled out 40gbit uplinks on all of their servers when they obviously can't support it at the core. Sure, you can get some nice (< 2gbit) download speeds on the VM's, but it sounds like they only have a couple 10gigs at the core.

    We'll see, maybe I'm completely wrong and they're eating some cloudflare sized attacks, but I don't see softlayer/coloat sitting on 300~400gbit of capacity in those locations to get knocked offline.

    Francisco

    Thanked by 2Kris vimalware
  • After 189 days, my Newark node kept going on, and NAC is brilliant (8001) - I've colo'd there myself, and they have plenty of bandwidth.

    I honestly don't know what's going on, it's targeted as you saw on WHT Dallas was down right before Newark went down. Some pissed off former employee or pathetic local competitor would be my guess.

    Had to move things to OVH after 1/2 year perfect. From dealing with NAC myself over the years with colo space & transit, 8001 is where you want to be for unparalleled transit, peering, and stability for the east coast. NAC started as a dial up in the 90's, so they have multiple PoPs, LINX peering, etc.

    Not sure where the ball is dropped between robust NAC network -> Linode, but they don't have their own ASN, using 8001, and the prefixes were gone from the route-tables.

    That's when I decided to move. Not even bothering trying to mitigate in RT, but just dropped from the net, all subnets were null-routed.

Sign In or Register to comment.