Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Tips Im Under attack, OVH IP attacker
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Tips Im Under attack, OVH IP attacker

xreann20xreann20 Member

Hello,
OVH peeps there, my server is hosted within OVH and firewall seems to not work if the attack is coming frmo their IP. Any tips to block the attack?

«1

Comments

  • MikeAMikeA Member, Patron Provider

    no. report the attacking IPs to OVH abuse. their firewalls only filter external traffic.

    Thanked by 2xreann20 coreflux
  • FranciscoFrancisco Top Host, Host Rep, Veteran

    THE CALL FROM FROM INSIDE THE HOUSE!

    Francisco

  • @MikeA said:
    no. report the attacking IPs to OVH abuse. their firewalls only filter external traffic.

    Thanks, just did that. But its easy then? they just buy another vps = new IP .

    @Francisco said:
    THE CALL FROM FROM INSIDE THE HOUSE!

    Francisco

    walkie-talkie between rooms is better.

  • serv_eeserv_ee Member

    Is it just me or this seems to be a regular thing with OVH already?

    Thanked by 1xreann20
  • MikeAMikeA Member, Patron Provider

    @serv_ee said:
    Is it just me or this seems to be a regular thing with OVH already?

    has been an issue for years.

    Thanked by 2xreann20 coreflux
  • Is it just me or this seems to be a regular thing with OVH already?

    has been an issue for years.

    Ohhh is it? so they cannot resolve this? Because the attacker IP is from an OVH VPS Reseller, Host4fun. So the attacker can just buy another VPS..this is so sad..isn't there any other way :(

  • xreann20xreann20 Member
    edited May 2020

    @RIYAD sir check this IP one of your customer. ~redacted~

  • deankdeank Member, Troll

    Has been an issue since day one.

    Your resistance is futile, literally.

    Thanked by 1xreann20
  • @deank said:
    Has been an issue since day one.

    Your resistance is futile, literally.

    its @RIYAD 's customer lol. Imma send report abuse.then let that attacker find other OVH Reseller assuming host4fun does not tolerate abuse as they claim on their trustpilot responses.

  • seriesnseriesn Member
    edited May 2020

    @xreann20 said:
    @RIYAD sir check this IP one of your customer. ~redacted~

    Send them a ticket?

    Thanked by 2xreann20 RIYAD
  • seriesn said: Send them a ticket?

    Sent an abuse report to their abuse email address. I will try creating a ticket.

  • deankdeank Member, Troll

    Once he is gone, you will be hit from another IP in some days.

    I guarantee that.

    Thanked by 1xreann20
  • deank said: Once he is gone, you will be hit from another IP in some days.

    I guarantee that.

    If he got unli cash. Then I just do load balancing soon. Imma try filter optimizations first

  • RIYADRIYAD Member, Patron Provider

    @xreann20 already answered you over ticket . Also LET is not our support desk and remove the IP from this post .

  • @RIYAD said:
    @xreann20 already answered you over ticket . Also LET is not our support desk and remove the IP from this post .

    Im happy to remove it, but I cannot. Moderators can only remove it I think. And btw I did no use this post to be your support desk for abuse. This is for tips from ovh users myself if there is a way to block an attack from inside OVH network.

  • FAT32FAT32 Administrator, Deal Compiler Extraordinaire

    @xreann20 said:
    Im happy to remove it, but I cannot.

    @RIYAD said:
    remove the IP from this post .

    IP redacted.

    Thanked by 2RIYAD xreann20
  • AlwaysSkintAlwaysSkint Member
    edited May 2020

    Personally, I don't see any reason to remove the IP. Providers should make more of an effort to stop abusive practices from their clients. Granted, the IP may then move to some other sucker client but it should be up to the provider to get it 'cleaned up'. Accountability is lacking, especially when provider's own ToS frequently state abuse is unacceptable.
    Just my opinion.

    [Climbs down from my broadcasts/port scanning soapbox.]

  • UPDATE!

    Need provider suggestion on APAC region or around ~150 ms on apac..riyad dealt with it, now the attacker just bought another vps...lol @OVH_APAC @OVH_Matt is there really anything can do if the attack is from inside the house? I currently have 6 dedis on ovh, anywhere I can transfer with as good as ddos protection? I see the attacks only about 800mbps and 1.5 gbps max.

  • What's the reason you're being attacked for? I mean, someone really wants to bring your service down.

  • @SCAM_DONT_BUY said:
    What's the reason you're being attacked for? I mean, someone really wants to bring your service down.

    Basically its competition.

  • I host a gameserver, and their players are going to me. They are threatened.

  • deankdeank Member, Troll

    @xreann20 said:
    now the attacker just bought another vps...lol

    Told you so.

    Thanked by 1xreann20
  • xreann20 said: Basically its competition.

    Okay, then internal attacks are a lot more common than what I've thought before. Looks like OVH isn't interested in this at all...

  • deank said: Told you so.

    I knew you were correct, I underestimated OVH lack of support :neutral:

    Im trying @splitice , although graph is not working. got high ping tho. Im open to suggestions :) Thanks all!

  • OVH should really address the internal attacks situation as it's becoming a common practice these days I see. Their protection works great for most people, including myself but the fact that you can launch attacks within their network it's pretty scary stuff.

  • EdmondEdmond Member

    @kalimov622 said:
    OVH should really address the internal attacks situation as it's becoming a common practice these days I see. Their protection works great for most people, including myself but the fact that you can launch attacks within their network it's pretty scary stuff.

    This is some dumb loophole where you think you can trust every single customer within the network but you can’t. Why bother attacking from a outside network if you just get a VPS from OVH and flood another OVH customer?

    I mean it makes sense now... when I ping a OVH IP, before I reach their network’s hops, always see a hop or two return nothing. Imagine those are where the firewall is and everything routed internally, even across datacenters, doesn’t matter...

  • EdmondEdmond Member

    @xreann20 said:

    deank said: Told you so.

    I knew you were correct, I underestimated OVH lack of support :neutral:

    Im trying @splitice , although graph is not working. got high ping tho. Im open to suggestions :) Thanks all!

    If your trying X4B, you need a new OVH IP again still. Once they do not know the origin IP address, their DDoS protection should kick in as intended.

    Thanked by 1xreann20
  • xreann20 said: Im open to suggestions

    Keep reporting the attacker so OVH could suspend them.

    Thanked by 1xreann20
  • SplitIceSplitIce Member, Host Rep
    edited May 2020

    @xreann20 The Layer 4 filtering graph is unavailable for display. This does not affect mitigation performance or results.

    It's disabled due to the huge growth we have had in the last few months.Optimizations are being developed for our collector and as soon as they get the collector running smoothly again it will be back. The absolute last thing we want is for people to make incorrect decisions based on incorrect data (due to missing periods of data etc) and hence as a non-critical feature it will be disabled until we are sure we have it under-control.

    Thanked by 1xreann20
  • Edmond said: If your trying X4B, you need a new OVH IP again still. Once they do not know the origin IP address, their DDoS protection should kick in as intended.

    Done already, only problem now is latency, seems like they mitigate the attacks well.

Sign In or Register to comment.