Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
25% Recurring Discount on NVMe VPS
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

DDoS Effecting AVS ISP

2»

Comments

  • avsispavsisp Member, Patron Provider

    @zed said:
    i suspect canada

    Or those darn Yankees :wink:

  • x0x0xx0x0x Member

    @Alyx said:
    Probably better for the future to not make accusations if you are not sure about it.
    LET user doing LET things is one thing. A company doing an official statement is something else.

    This isn't the first time they're announcing they're being DDoSed. Any hosting provider would be aware that DDoS attacks can happen, but public announcements and following it up with geopolitical accusations seem unnecessary when all of this should have been communicated directly to affected customers only.

  • avsispavsisp Member, Patron Provider
    edited June 26

    @x0x0x said:

    @Alyx said:
    Probably better for the future to not make accusations if you are not sure about it.
    LET user doing LET things is one thing. A company doing an official statement is something else.

    This isn't the first time they're announcing they're being DDoSed. Any hosting provider would be aware that DDoS attacks can happen, but public announcements and following it up with geopolitical accusations seem unnecessary when all of this should have been communicated directly to affected customers only.

    Affected customers are all customers and the majority of our customers are from LET. There's a reason LET has the Outages section.

    We don't post any DDoS that happens, we get them often. We only post when it's severe enough it knocks off majority of clients.

    Also, our email systems and website even have been effected - it's hard to send an announcement to clients when systems are up and down.

    We are a very transparent host. We don't go hiding when we have these issues and wait for he flood of posts complaining and people calling us a scam and asking for refund. The few times we didn't post quick enough, someone else will email, call, and message everywhere calling us a scam. Better to be transparent and upfront with all clients - past, present, and future.

    Thanked by 1rpqu
  • AlyxAlyx Member, Host Rep

    As much as I disagree with the "lets blame state actors" thing.
    I do respect that you are communicating issues and posting updates.

    Definitly more than you can say about some other providers.

  • seoworldseoworld Member

    Oh, come on—there were outages all morning in Macedonia; did the cat walk across the cable? That just doesn't add up! Your expertise might be good, but for the international business—count me out!

  • wldtrvwldtrv Member

    It's definitely still on-going, Albania is out again this morning.

  • @seoworld said: did the cat walk across the cable?

    No! it was state sponsored of russian hackers. They cut the cable.
    I don't have proof. But I have so much evidence, cannot be a coincidence. ;)

  • avsispavsisp Member, Patron Provider

    @wldtrv said:
    It's definitely still on-going, Albania is out again this morning.

    Was rerouted again. Monitors detected 6Mpps hitting AL and MK this morning and flipped back to GSL routing.

    Thanked by 1forest
  • wldtrvwldtrv Member

    @avsisp said:

    @wldtrv said:
    It's definitely still on-going, Albania is out again this morning.

    Was rerouted again. Monitors detected 6Mpps hitting AL and MK this morning and flipped back to GSL routing.

    Working again, thank you for the update.

    Thanked by 2avsisp forest
  • angstromangstrom Moderator

    People, please stay on-topic. The topic is described in the opening post

  • edited June 27

    @avsisp said:

    @luckypenguin said:

    @avsisp said: a lot of our IPs were apparently added to the famous Russian drop lists - with traffic being blackholed by all Russian ISPs

    That's a sign that you host public VPN services focused on russian users. They detect multiple RU sources connecting to the same IP with large traffic volumes and block it.
    The government doesn't order anything, it's a semi-automated system like DPI.
    From that, to jump to a conclusion it was a state sponsored attack was a huge stretch :)
    They have a fuel crisis now, not exactly the perfect timing to DDoS a small Albanian ISP.

    Again, we said we suspect it to be. We gave the signs. The biggest isn't only that they blackholed it - but that they un-blackholed it long enough to start a full blown DDoS - which only the government can turn those blocks on and off at will. The majority of that source traffic came across links with high Russian ISPs - like links using GNM-IX for example.

    We've not given a definitive "IT'S THEM, THEY DID IT" - we gave the signs and our opinion on where we believe it originates along with a "we can't prove it, but we suspect" disclaimer.

    Even a (semi-serious) suspicion would need some kind of motive. What would make you so important to them that they'd burn resources they could otherwise direct elsewhere? As far as VPN activity is concerned: As @luckypenguin already said that's exactly what gets you blocklisted over there but this is nothing really personal or special.

    Unless you are hosting some kind of Ukrainian drone backend or whatever i don't see why the Russian government would even notice your existence let alone spend resources on you. No offense but in the grand scheme of things most of us just aren't much of a big deal. It's natural.

  • angstromangstrom Moderator

    I'm closing this thread for a couple of hours

  • angstromangstrom Moderator

    I've done a massive clean-up of this thread

    Thread reopened

    People, please stay on-topic

    @avsisp , it would be useful if you gave an update on the situation that you described in the opening post

    Thanked by 2tentor avsisp
  • avsispavsisp Member, Patron Provider

    @angstrom said:
    I've done a massive clean-up of this thread

    Thread reopened

    People, please stay on-topic

    @avsisp , it would be useful if you gave an update on the situation that you described in the opening post

    At this time the only updates we have are:
    1) Last night the DDoS ended from around 11pm until about 9am this morning (CEST) at which time it resumed
    2) We re-routed locally last night, however as the DDoS is ongoing again, we were forced to reroute again this morning to GSL for filtering.
    3) We are awaiting confirmation from GSL when the DDoS has ended for several hours before rerouting back.
    4) We've implemented automatic monitoring and rerouting to GSL is now automated should it start again after that.

    Also - thank you for taking the time to handle the cleanup of thread. Appreciate your efforts @Armstrong

    Thanked by 1angstrom
  • jsgjsg Member, Resident Benchmarker

    @avsisp said:
    We are a very transparent host. We don't go hiding when we have these issues and wait ...

    Kudos for that!

    Thanked by 3avsisp forest bbmmsvr4u
Sign In or Register to comment.