New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
No kidding, right?
As I mentioned at the bottom, the MJJ's scanning method is ineffective: the attacker should always include the target domain instead of the IP in the ClientHello, so that the TLS server would return the certificate if it exists.
Using a TLS server that validates SNI cannot protect against this improved attack.
The firewall is not a countermeasure for DDoS.
It is to prevent finding the server by scanning global IP space, because anyone other than Cloudflare cannot reach the webserver.
But yeah, it's not that surprising, considering I have been on IRC since the 90s (until today) and have seen my fair share of attacks that has happened for no apparent reason even.
and once again ddos. FUCK YOU ATTACKERS
Yes the attacks are absolutely raging, constantly changing techniques and really causing some annoyances over here. Why attack our community?
lol.
Use proper ddos protection instead of colocrossing weaksauce protection & dont have to hide behind cloudflare.
against american
right ????????
Time to have a little drinkiepoo..
What does "MJJ" stand for?
Having to solve all these captchas is getting annoying though. @yoursunny can you please implement a captcha where the user has to do pushups in front of the device?
LET celebrity @codydoby explains MJJ:
https://www.lowendtalk.com/discussion/comment/3210266/#Comment_3210266
Note: he is unlikely to be the attacker.
squat captcha
push-ups required for phpinfo()
It is pathetic how LET owners unable to cope with this MJJ DDoS. Monetized traffic to the max and still cluster can't hold a bit of traffic spike.
Your statement isn't helpful at all. Cloudflare is required at the moment, as that attack is L7 (Application layer).
Yes, there are better solutions than Cloudflare, but they're expensive ($$$).
LET has a ton of money to spare. From all that juicy traffic. At the moment it is golden age on this forum.
The battle continues guys. Sorry about the issues.
We've doubled our hosting resources and are working diligently to block the evolving attacks.
Woohoo attacks continue. Doing our best everyone.
Test post
just buy a fcking better l7 protection from the ad money ffs
The effort continues.
This website www.lowendtalk.com/ is currently offline. Cloudflare's Always Online™ shows a snapshot of this web page from the Internet Archive's Wayback Machine. To check for the live version, click Refresh
use Google cloud armor it won't cost you so much ffs @jbiloh
I will look into that, thanks for the suggestion.
Referring to this by any chance? https://cloud.google.com/armor
If so, have you seen the price tag of $3000/mo with per request billing as well? A DDOS protected website, along with the tips mentioned above by yoursunny, will help you a long way.
If you were referring to https://projectshield.withgoogle.com/landing, then it's only for political/news orgs/non-profits, so not an option.
it's pay as you fucking go, and that ddos attack can't cost let much more than 20 bucks
skorupion losing billions while LET is taking hits
billions? I woudnt even budge WE ARE TALKING ABOUT TRILLIONS
PMS-ing over LET downtime, that's new. Touch grass.