New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Thanks UK attacker! We are withdrawing from the UK
This discussion has been closed.
Comments
Yes, every single IP in our ranges that are announced in the UK is getting attacked. It's not a simple website attack.
The income gained by the location is nowhere near covering the cost of a proper DDoS mitigation.
Not really. People just go to NL which is cheaper and with minimal latency to the UK. So the attacker wants noone in his territory. Which is fine. I'm done with it.
@servian NL may be an acceptable solution, especially at LEB prices, but sometimes you just want local hosting and it's not like the UK is ill equipped. I'm not blaming you or complaining, just sucks to see more people pull out of the UK.
Well, that is one way to remove competition, seems to work I guess. Can't really say I cared much about UK services personally, still sucks though. I wonder how much total the attacks against you, and others, cost to whoever is doing it, and if it is worth it.
It was not an easy decision. We fought against it for days. Endless calls to the DC. Getting up from the warm bed because of down alerts a few times a night. Replying angry and frustrated tickets. Using everything in our power to find the attacker.
You'd think the DCs are helpful in these kinds of situations but nope. It's costing them money to even auto null IPs over and over again. The bandwidth passed before the nullroute is expensive enough for them to hate you.
no data from your UK DC at all? wow, this looks like a not so responsible DC.. better withdraw then.
If i have a server with any DC, i should atleast expect some raw data/information on DDoS happening on my server, so you could further analyze.
It's UDP flood from spoofed IPs. What can you do with them? lol
So I guess one of the only solutions is to go with a large UK company that makes enough of other products to cover the cost of protection from these attacks, or these guys just target low end providers?
I do have one box in the UK though that's been solid for years, apart from once or twice I remember the node having to be rebooted (which they said was because of a DDoS) but they don't offer low end plans any more. I wonder if this is why
Yes, that's it. If you started fucking with the big guys with money and contacts with service providers around the world in the UK on a scale like this you wouldn't last ten minutes.
I was under the impression you have no data at all like what kind of attacks and if its spoofed IP or not... well yea, nothing much you can do if that is the type of attacks.
Good call serverian, there's no reason to put up with this shit for ~15ms of latency.
I can tell you from experience they are not. The server I had with them was slow, over-priced, and support was poor. If anything, I would say people should not buy from them. That's a personal note, not one made as LET Administrator.
Yes go for NL location also I heard that NL provider's provide good ddos protection so you will be safe.
Whoa. That's actually pretty scary that someone controls the whole country by doing that. What an asshole(s).
And that's without assumptions they're behind the attack.
Only UK GCHQ(They have power like NSA) can help to track down this person.Which i think is not going to happen.
Just my 2 cents, if the customer base is large enough why not hike the price a bit and colo along with a DDoS mitigation device?
So if LET gets DDoS'd now..
I thought this was a pretty regular occurrence.
But because they all bought their DDoS boxes on CC backed LEB hosts it's easy to mitigate. It's a big conspiracy.
Pretty much, yeah. It was one of the most terrible experiences I had with a host.
Unfortunately, it is.
When did all this start?
Probably a very lonely childhood
I mean year and month, does anyone know that?
@httpzoom why you did this?
Hmm, sad to say, but I was pretty sure this was coming when the attacks started up on day one.
Given the silly prices of things in the UK, it's just not worth the hassle of dealing with these mumless cunts.
There is no proof that they are behind the attacks. There's the suspicion, that's it. There are plenty of other people who could be performing these attacks.
How big are the attacks? How long? entire subnets?
Fucking crazy bastards ruining our UK hosts.
You know I don't think it's the small companies such as HTTPZoom sending these attacks as they don't have much competition with serverain, its these big companies such as 1&1, HeartInternet, 123-reg etc...
It's someone from LET.
Back when I worked for URPad, we had no UK stock for a long time. Then due to demand we finally launched a new node in the Uk, I forget the specs but it was a beast compared to some of the others. 72GB RAM monster with 6 or 8 drives. Not a cheap deployment. Got featured on LEB, and almost immediately the new node was hit with a strong attack. It literally lasted a week, @ChrisMiller can confirm. Obviously, pissed a lot of customers off. I do believe they were at first attacking an older node, then eventually either signed up with us directly or were told the details of the new one, as it didn't take long for the new node to get pounded too.
In discussions with the DC (Pulsant) the tech or whoever it was answering our ticket pretty much just said most their customers who are lowend VPS providers are targeted when they post adds on LET/LEB. He pretty much said stop posting on LET/LEB UK offers if you want the attack to stop. Miller probably has the email log of the ticket responses.
I don't recall when the attacks finally stopped, probably after another offer or two was on the front page of LEB that no longer listed URPad in the top spot or we stopped accepting UK orders, I don't recall. Was a busy/hectic week where I didn't sleep a whole lot. At the time we had suspicion that the attacks were being sent from an active LET member who is still active here, though with no proof, can't really do anything.
Could be anyone. Sadly, nothing really can be done other than absorb it and hope someone get's bored or decides that the cost of sending the attack isn't worth it any longer.