Skip to Content.
Sympa Menu

dns-operations - Re: [opennic-dns-operations] Large number of T2 servers being removed from the database

dns-operations AT lists.opennicproject.org

Subject: Dns-operations mailing list

List archive

Re: [opennic-dns-operations] Large number of T2 servers being removed from the database


Chronological Thread 
    < Chronological >      < Thread >
  • From: Jeff Taylor <shdwdrgn AT sourpuss.net>
  • To: dns-operations AT lists.opennicproject.org
  • Subject: Re: [opennic-dns-operations] Large number of T2 servers being removed from the database
  • Date: Tue, 18 Sep 2012 11:59:44 -0600
Yeah that is really poor customer service!  I see stories online now and then about how a datacenter helped their client get through a DDoS attack.  They have to know that ANY website can be attacked, and if the datacenter isn't ready to handle the situation when it happens, they never should have tried to host servers in the first place.


On 09/18/2012 09:28 AM, Abraão Caldas wrote:
Well I disabled my server because the datacenter sent me the second warning about DoS: "He can´t host your server because you are begin DDoSed..." blah blah blah, when I find a decent DC i will host it again. :(

2012/9/18 Jeff Taylor <shdwdrgn AT sourpuss.net>
I agree that you can't prevent a DDoS attack, however the kind that we normally see are from folks trying to use an amplification attack on another target.  Our servers are not the target, just the vehicle for their attack.  By running my perl script, it prevents your server from becoming part of the attacks.  In an amplification attack, most of your bandwidth is used up by your own server trying to respond to the queries.  If you don't respond, the attacker is just wasting their own bandwidth, and they usually figure out that your IP is not helping them.



On 09/18/2012 07:47 AM, Abraão Caldas wrote:
There is no software solution for DDoS, it can help, but if they want the attack will fill your pipe and iptables can only help on last mile. 

2012/9/18 Brian Koontz <brian AT opennicproject.org>
On Tue, Sep 18, 2012 at 09:12:23AM -0400, Abraão Caldas wrote:
> Some bandwith, and you need to secure your server, because some people
> (that don´t have anything better to do) will DoS your server down, like
> mine server. The solution, take it down forever.

I disagree that this is the only solution.  Jeff has a DDOS script
that works well; I posted some iptable rules that utilize hashtable to
block offenders quite effectively.  With these measures in place, my
T2 server runs anywhere from 100kbit/s to 1Mbit/s on occassion.  You
can view all of my T2 traffic logs at gopher://pongonova.gopher.

  --Brian

--
OpenNIC (the sequel) co-founder and wikimaster
IRC: Freenode.net channel #opennic

----
To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org





Archive powered by MHonArc 2.6.19.

Top of Page