New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Thanks UK attacker! We are withdrawing from the UK
This discussion has been closed.
Comments
Nooooo, this is @MartinD's UK-based brand, from the same group that bought out NodeDeploy.
Ah, that makes more sense. Idk it just gave me a feel of that FreeVPS site.
Yeah - and it's really annoying the tits off me because they're a bunch of no-brained kids that will fuck off after the summer is out.
Not sure, wouldn't have thought so.
I have been hit in the past but no where near on this scale, perhaps because I piggy back on OpenITC's infrastructure, and to be honest I stopped getting hit when I genuinely started looking in to it and offered a reward for info.... Interesting!
Seems that a few people are forgetting some history here though, iirc Jack when he was flying DotVPS solo was getting hit pretty hard in NL as well and it just continued when he moved to the UK.
LES in the UK (Newcastle) was getting constantly hit as well to the point I had to pay for protection.
Someone that is getting hit constantly is missing a prime opportunity to put up a info gathering box like pfsense log everything and share ALL info with the community, some clever people around here and some with contacts in high places.
Here's a conspiracy for ya:
It was CC, obviously.
If the attacks are linked to the ones I took over the weekend they were using open DNS resolvers and UDP floods.
For what its worth, I have a VPS with DireVPS in the UK and it is getting smashed with amplified DNS attacks. I get 10-100's of thousands of LARGE DNS packets getting dropped by iptables.
(My other VPS in Europe get maybe 100-500 scanners a day... Nothing like this!)
Apart from owning hardware and IP space I don't think so. They colocate at rapidswitch and wildcard. Rapidswitch just like Oktay colocated.
@wych indeed but it is surprising what deep inspection can turn up if you capture a sample of packets.
You can also make some effort to contact the operators of the open resolvers which themselves are being exploited and ask them for logs, which gets you a possible step closer.
You can also put up a few honeypot style resolvers and limit what they actually can reach so you have even more info.
I know it is a lot of effort but I would be happy to throw €1000 in to the pot for any info that leads to the prosecution/ arrest of the person(s) responsible. and @serverian literally shits money from what I hear so no doubt we can push the pot up.
@MartinD, do you also own minivps.us? I saw their advertisement in LEB Ads
No - they're just muppets that I was referring to earlier.
MiniVPS.us are a bunch of rule-dodging clowns. I'm amazed they're advertising tbh, given that they couldn't even be bothered to follow the offer posting rules.
Anyone used MiniVps.US and can comment on their service? They seem to have a very cheap deal on the 128 with IPv4 for $4/yr! How is that sustainable!
I think the only real comment is how shit do you need to be where you have to copy someone elses name to get customers. knowwhatimean.
@asterisk14 Well buddy, put it this way - they got an 'associate' to come and post the offer on here claiming to be a customer so they could circumvent the offer rules. If that doesn't scream dodgy, I don't know what does.
Bagsy minivps2.co.uk
If you actually do that, I suspect Martin will come round and fuck you with a rake.
Think minivps.co is better, it's 3 letters shorter than minivps.co.uk
NB Martin: No need to bring a rake, I have one already on-site.
The customers will literally flow to me.
I'd probably fuck the rake with him tbh.
http://freevps.us/thread-13733-post-155849.html#pid155849
hostdime | vpsdime hmm is it the tld or the name that counts as a 'rakeable' offence?
I know it sucks to be copied by someone else but still, can't stop them from getting yoursamename.somethingelse unless you get most of the important tlds.
I'm sure it sucks more to get raked.
Haha! Totally agree on that one!
This is how buyvm.com was born... I was fooled once :P Now they dont show anything like a VPS shop.
Even being in Europe gets you attacked.
when i based everything in the US we had no ddos attacks as soon as we moved to France we have had issues with incoming attacks.
Some of thoes attacks are nasty and did not get solved until my webhost looked at it 12 hours later.
I could not imagine how bad it is in the UK.
The strange thing about the attacks i got is that they came about 1 hour after lewis123456 said he wanted to do bad things to my node.
But i think he got the meggage that the web host i'm with does not give into attackers.
I think that mtwiscool is the main suspect for these attacks.
Has anyone considered that it could be a Netherlands provider starting the attacks on UK let/leb hosts? Resulting in people moving their nodes to their DCs in the Netherlands or elsewhere in Europe?