New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Sounds like there was local boxes within austria involved in it :P
I think there's only been a single 100Gbit flood and it was likely a crap load of 10Gbit boxes out of OVH :P
Francisco
There was a paper on it a while back. It was likely a DNS flood. I've seen a few come our way and they hit like a tank!
Francisco
Nah, I meant I have never seen something over that targeting our servers. Well, my DC claimed that a client of ours got hit with ~3gbps, however I doubt it was that much. Actually I asked him and started proxying his traffic through our ddos protection proxy and used the attacks targeted at him to start calibrating the protection, as I can not simulate large PPS, so it was usefull afterall :P Anyway I know that bigger attacks do exist.
@Francisco
I did not know that DNS reflection was still working as tpye of DDoS type of attack?
Possible on theory..
Jesus Christ >.>
@Jack I wrote that after fran but then a bunch of other people replied before i hit submit. I edited the post.
I think there's only been a single 100Gbit flood and it was likely a crap load of 10Gbit boxes out of OVH :P
No, but there was OVH and NL providers involved (UPC has large capacity on AMSIX as well as private peering with OVH in Vienna, 40G or so)
I'm in favor of tar and feather solution.
In anonymous case it was also political, as such the State felt threatened because their financial doggies took a beating.
Nobody cares for XYZ provider more than get their tax money or if they dont comply with the Big Brother laws.
M
Providers can't prosecute anyone, its the task of the executive to prosecute people.
Yeah, see my previous post.
M
Nobody cares for XYZ provider more than get their tax money or if they dont comply with the Big Brother laws.
XYZ providers cannot afford to find and prosecute people who DDOS them. You are half right that's it's about money (not political), they just happen to target people who can afford to hire people to track them down and prosecute them (i.e. attack the US government and the US government uses their resources to get you).
That is not correct. If you would be right, then if someone rapes a random woman in the street, if she has the resources to pay the police and DA to find the rapist and prosecute him, fine, otherwise the guy gets a clean record and is free to rape any number of "unwealthy" women...
XYZ does pay their taxes, they are entitled to the protection of the law regardless of their resources, if they file a complaint, the police, DA, whatever should do something to prosecute offenders, at least when they give the exact name and address of the perpetrators. They could catch ppl in many countries but couldnt find Constantinos, for example ?
It is political.
M
If you say so, it's not worth arguing since it doesn't change anything.
Nobody here is talking about rate limiting on incoming connections using iptables.
There are plenty of copy & pasted howtos out there that suggest this. Is this considered a "best practice" not even worth talking about because it's assumed you're doing it already, or a "don't bother because it doesn't really help anything" or somewhere in between?
If you have a 100mbit connection, then as soon as you get >100mbit of traffic, you're done. No iptables setup will help against that, your pipe is saturated.
EDIT: That is not to say it doesn't work, just it won't do anything useful in the majority of cases where you'd need 'DDoS mitigation'.
Software firewalls (like IPTables) are mainly for the low bandwidth attacks. (syn floods, http(s) floods, etc)
We are doing rate-limiting and connection throttling.. It is just not on software (iptables) level. Its a huge help.