Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


EDIS Austria location down :(
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

EDIS Austria location down :(

WilliamWilliam Member
edited June 2012 in Providers

Yes, we want such a thread too ;o

Anyway, don't worry - You likely see some packetloss and/or traffic decrease currently since someone thinks it is funny to DDoS our hosting border IP (for whatever reason) and both Leaseweb and Redstation are too lazy to react to abuse and take the booters down.

Should be fixed soon.

Comments

  • Attacking IPs are, in order of PPS:

    82.192.95.113 - Leaseweb - NL - ca. 800k PPS

    • no reaction on abuse message, Phone asks for customer number
      176.227.211.74 - Redstation - UK - ca. 500k PPS

    • no reaction on abuse message, no one picks up phone
      76.10.210.190 - Bluemile - US - ca. 400k PPS

    • Phone picked up instantly, aware of the problem (very nice staff and abuse dept, can't complain)

  • No problems with my VPS here. UptimeRobot also says 100% uptime

  • Funny, now they target the router (or better the .1 gateways of our spaces) directly - And the Ciscos barely give a fuck about it :)

    Thanked by 1Amfy
  • ^^ I've used redstation before as a host, they're usually quite alright, cept their tech support can be a arse pain, and any problems with billing, and you're fooked.

    I'm sick of these booters... Ever since that UGNazi guy started talking about this new "super booter / holocaust" shit, it's just been, day, after day of booters,

  • Damn skids these days with their booters ..

  • The problem is that the UPC link overflows, for VPS this should be a not a problem since the traffic goes over I3B then but for older customers using UPC IPs this is a major issue.

    I'm worried about Redstation and Leaseweb completely ignoring Abuse requests and not having a phone no. to call them about an issue.
    Is anyone in UK here by any chance?
    If yes, could you check if 0800 987 5640 (= Redstation support) is reachable? On the international phone nobody picks up....

  • @William said: If yes, could you check if 0800 987 5640 (= Redstation support) is reachable? On the international phone nobody picks up....

    Yes someone picked up here.

  • @William

    We have an account with them if you want me to forward a report for you PM me

    Thanked by 1[Deleted User]
  • WilliamWilliam Member
    edited June 2012

    oh well i bite the apple and use my UK mobile to call it and pay the roaming fees - not that high inside EU anyway

    @GetKVM_Ash said: We have an account with them if you want me to forward a report for you PM me

    I already messaged their abuse department but no one replys there, i Pm you in a second - please forward it to support, thanks :)

    EDIT: Solved itself, we simply called sales and let us put through to the NOC but thanks for the offer :)

  • @William said: The problem is that the UPC link overflows, for VPS this should be a not a problem since the traffic goes over I3B then but for older customers using UPC IPs this is a major issue.

    I've had a VPS for 2 months or so now but it appears i'm now also affected by the DDoS. SSH takes ages to connect and there seems to be a lot of packet loss.

     1  10.87.0.1 (10.87.0.1)  6.915 ms  6.865 ms  6.822 ms
     2  1611A-MX960-01-ae10.bielefeld.unity-media.net (81.210.130.33)  7.568 ms  7.529 ms  7.429 ms
     3  1111A-MX960-01-ae1.muenster.unity-media.net (80.69.107.149)  9.187 ms  9.155 ms  9.116 ms
     4  1111A-MX960-02-ae0.muenster.unity-media.net (80.69.107.145)  9.126 ms  9.021 ms  9.003 ms
     5  1211F-MX960-02-ae2.dortmund.unity-media.net (80.69.107.141)  9.472 ms  9.391 ms  9.450 ms
     6  7111A-MX960-02-ae9.frankfurt.unity-media.net (80.69.107.22)  15.088 ms  15.460 ms  19.734 ms
     7  7111A-MX960-01-ae0.frankfurt.unity-media.net (80.69.107.213)  19.567 ms  15.887 ms  15.847 ms
     8  de-fra01a-ri2-ae-1.aorta.net (84.116.131.133)  16.201 ms  16.079 ms  16.012 ms
     9  84.116.133.109 (84.116.133.109)  35.233 ms de-fra01a-rd3-xe-2-0-0.aorta.net (213.46.179.13)  36.498 ms de-fra01a-rd3-xe-1-0-0.aorta.net (213.46.179.98)  35.190 ms
    10  84.116.136.113 (84.116.136.113)  35.514 ms 84.116.136.117 (84.116.136.117)  35.398 ms 84.116.136.109 (84.116.136.109)  35.391 ms
    11  at-grz-lazg-pe02-vl-2032.upc.at (84.116.228.86)  34.920 ms  36.202 ms  34.818 ms
    12  at-grz-mk43-pe01-vl-2084.upc.at (84.116.229.74)  36.073 ms  35.110 ms  33.815 ms
    13  GBE.MDF.GRAZ.EDIS.AT (83.65.45.2)  38.148 ms  33.597 ms *
    14  x-211-255-158.static.edis.at (158.255.211.x)  37.818 ms  37.778 ms  35.946 ms
    
  • @gsrdgrdghd said: SSH takes ages to connect and there seems to be a lot of packet loss.

    Yes, because:

    8 de-fra01a-ri2-ae-1.aorta.net (84.116.131.133)

    Goes over UPC, which is full.

  • vanarpvanarp Member

    Could this be something to do with more votes (Q2-2012) for EDIS ? ;-)

  • gsrdgrdghdgsrdgrdghd Member
    edited June 2012

    @William said: Goes over UPC, which is full.

    Isn't it possible to just take the UPC link out of your BGP table until the DDoS is over?

    Edit: Seems to be fixed now ping and packet loss are back to normal

  • @gsrdgrdghd said: Isn't it possible to just take the UPC link out of your BGP table until the DDoS is over?

    Technically yes, in reality no.

Sign In or Register to comment.