Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Is it normal that a seedbox on a private tracker gets lots of DDoS attacks?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Is it normal that a seedbox on a private tracker gets lots of DDoS attacks?

I have several seedboxes, some in EU some in US. All is used on private trackers for my Linux .iso files...
On one of my seedboxes in the US, I have got a DDoS attack. I don't know what kind or how big, for Kimsufi don't tell you that, only that they have taken care of it.
The first attack lasted for almost a day, before my VPS was back on the normal network again. The server worked all the time, I got to seed, could use RDC etc.
But just 10 minutes after it was back on the normal network, I got a new message that I got a new DDoS attack on the same box.

Any way I can find out which "Linux .iso file" they go after? Or if there is some other attack on the box?

And anybody that have used Kimsufi for a long time, how many DDoS attacks do they allow on the same box before you get the boot?

Thanked by 1ManofServer

Comments

  • MikeAMikeA Member, Patron Provider

    Kimsufi (any OVH brand) doesn't terminate you for attacks. But no, there's not.

    Thanked by 1myhken
  • If I start using a VPN service on the seedbox, will that help?

  • MikeAMikeA Member, Patron Provider

    @myhken said:
    If I start using a VPN service on the seedbox, will that help?

    I've never heard of someone using a VPN on a dedicated server/VPS, but go for it.. most VPN services don't include any good mitigation.

    Thanked by 1myhken
  • ManofServerManofServer Member
    edited September 2016

    @myhken said:
    If I start using a VPN service on the seedbox, will that help?

    I've actually done this on my Linux distro/iso seeding box with 226 editions, and it works great, kind of weird how we think alike.

    On one box, I had W2012R2, connected it to a high speed VPN (set to kill the network interface if the VPN disconnects), and then started guest VM's in VMWare which were always VPN and DDOS protected. It works so well, you can even seed public tracker *nix.

    Here's my guest VM, VPN'ed from the main OS:

    Thanked by 1myhken
  • jarjar Patron Provider, Top Host, Veteran

    I had a brief outage on one kimsufi box in CA tonight. Wonder if there's any correlation? Possible that they just hit the IP for neighboring another, or for formerly being used for something else, I would think.

    Thanked by 2doghouch myhken
  • If you connected a brick to the net it would attract hacks/attacks.

    Thanked by 1ManofServer
  • Depending on how exactly the DDoS detection works, massive amount of torrent traffic can look like a DDoS, even if it is not.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @rds100 said:
    Depending on how exactly the DDoS detection works, massive amount of torrent traffic can look like a DDoS, even if it is not.

    Bingo, BT traffic is all UDP minus tracker scrapes/announcements.

    Francisco

  • @Francisco

    That's true but ovh/kimsufi has enough seedboxes with massive amount of BT traffic for long enough to know the difference.

  • Tnx for all replies. If torrent traffic should trigger the DDoS protection, why do not happen on my 4 other kimsufi seedboxes?

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @MacPac said:
    @Francisco

    That's true but ovh/kimsufi has enough seedboxes with massive amount of BT traffic for long enough to know the difference.

    You say this while their Canada location has extreme saturation issues :P

    Francisco

    Thanked by 1MacPac
  • @Francisco said:
    You say this while their Canada location has extreme saturation issues :P

    Francisco

    It's actual a Canada server I have issue with. The rest of my seedboxes is in Europe.

  • AnthonySmithAnthonySmith Member, Patron Provider
    edited September 2016

    myhken said: Tnx for all replies. If torrent traffic should trigger the DDoS protection, why do not happen on my 4 other kimsufi seedboxes?

    Without having very specific information that would be hard to say, are you seeding exactly the same stuff on each, do you limit the pps and kbps per session, how many active sessions per server, and so on and so on, so many variables, it is possible.

  • First time I had a Kimsufi seedbox working only on a tracker that has such a small private audience that even finding the link doesn't show you what it was, I got a.... 55 second DDoS (a a real one, but a very, very poor attempt) which was mitigated. I got a message about it.

    Nothing so far since.

    Thanked by 1myhken
  • MaouniqueMaounique Host Rep, Veteran

    AnthonySmith said: Without having very specific information that would be hard to say, are you seeding exactly the same stuff on each, do you limit the pps and kbps per session, how many active sessions per server, and so on and so on, so many variables, it is possible.

    This implies outgoing traffic may trigger ddos protection...

    Thanked by 1myhken
Sign In or Register to comment.