Jump to content
MDDHosting Forums

DDoS attack affecting all services


Recommended Posts

In the last hour, we experienced two periods of degraded service due to two different DDoS attacks targeting other clients in our data center. In both cases, all servers remained online, however some connections were dropped at the network level, or delayed longer than usual. In both cases, the attack was mitigated within moments and full connectivity was restored and confirmed at Pingdom in less than 10 minutes.

 

Attack 1:

At 5:23pm EST our monitoring detected increased packet loss to multiple servers. Our administrators believed this to be a DDoS attack and confirmed this fact with our data center.

At 5:30pm EST full connectivity appeared restored after our data center mitigated the DDoS attack by null routing the targets of the attack.

 

Attack 2:

At 5:43pm EST we noticed packet loss and connectivity issues to all servers again.

At 5:47pm EST full connectivity was restored.

 

 

As we were not the target of the attacks, we don't have many other details. We will continue to monitor connectivity and report any issues or news here.

 

As always, feel free to ask general questions below. Questions specific to your account, or if you think your account may still be impacted by this, should be directed to technical support.

 

 

For more information regarding DDoS (Distributed Denial of Service) attacks, please see:

https://en.wikipedia.org/wiki/Denial-of-service_attack

Link to comment
Share on other sites

We did have another DDoS incident today. This time, 60gpbp. While all servers remained online, they were largely unreachable due to high latency and approximately 75% packet loss.

 

The timeline is as follows:

 

7:52PM EST: External monitoring high levels of packet loss and dropped connections.

8:18PM EST: External monitoring showed all services back online with no packet loss or abnormal latency.

 

Once again, the target of the DDoS was located in our datacenter, but is not a client or server we control.

Link to comment
Share on other sites

Looks like the data center needs to upstream the issue of blocking to their carriers and also move the client(s) that have the issue recurring out of the main datacenter.

 

They've already taken proactive measures to reduce the chance (and effect) of this recurring with the same clients. Unfortunately, when it rains, it pours... which is to say that there seems to have been some bad luck in this same type of issue recurring a few times recently. We've gone for very long stretches of time without DC level issues like this from them.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...