Jump to content


Photo

DDoS attack affecting all services

Resolved

  • Please log in to reply
6 replies to this topic

#1 Scott

Scott

    MDDHosting Staff

  • Staff Administrator
  • PipPipPipPip
  • 421 posts
  • Gender:Male

Posted 31 March 2016 - 05:24 PM

In the last hour, we experienced two periods of degraded service due to two different DDoS attacks targeting other clients in our data center. In both cases, all servers remained online, however some connections were dropped at the network level, or delayed longer than usual. In both cases, the attack was mitigated within moments and full connectivity was restored and confirmed at Pingdom in less than 10 minutes.

 

Attack 1:

At 5:23pm EST our monitoring detected increased packet loss to multiple servers. Our administrators believed this to be a DDoS attack and confirmed this fact with our data center.

At 5:30pm EST full connectivity appeared restored after our data center mitigated the DDoS attack by null routing the targets of the attack.

 

Attack 2:

At 5:43pm EST we noticed packet loss and connectivity issues to all servers again.

At 5:47pm EST full connectivity was restored.

 

 

As we were not the target of the attacks, we don't have many other details. We will continue to monitor connectivity and report any issues or news here.

 

As always, feel free to ask general questions below. Questions specific to your account, or if you think your account may still be impacted by this, should be directed to technical support.

 

 

For more information regarding DDoS (Distributed Denial of Service) attacks, please see:

https://en.wikipedia...-service_attack


  • 0
Scott S - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/

#2 Scott

Scott

    MDDHosting Staff

  • Staff Administrator
  • PipPipPipPip
  • 421 posts
  • Gender:Male

Posted 31 March 2016 - 05:44 PM

We have two new pieces of info regarding the attacks:

  1. They were in the range of 25gbps
  2. The target(s) were unrelated to previous attacks and each other.

  • 0
Scott S - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/

#3 HoustonBrooke

HoustonBrooke

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 31 March 2016 - 05:51 PM

Good to know, thanks. I noticed the sites go down when it happened and wondered why.


  • 0

#4 SarisIsop

SarisIsop

    Advancing Member

  • Members
  • PipPipPip
  • 155 posts
  • Gender:Not Telling

Posted 01 April 2016 - 04:18 AM

Thank you for keeping us informed Scott


  • 0

#5 Scott

Scott

    MDDHosting Staff

  • Staff Administrator
  • PipPipPipPip
  • 421 posts
  • Gender:Male

Posted 03 April 2016 - 08:16 PM

We did have another DDoS incident today. This time, 60gpbp. While all servers remained online, they were largely unreachable due to high latency and approximately 75% packet loss.

 

The timeline is as follows:

 

7:52PM EST: External monitoring high levels of packet loss and dropped connections.

8:18PM EST: External monitoring showed all services back online with no packet loss or abnormal latency.

 

Once again, the target of the DDoS was located in our datacenter, but is not a client or server we control.


  • 0
Scott S - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/

#6 PhilD13

PhilD13

    Newbie

  • Members
  • Pip
  • 7 posts

Posted 05 April 2016 - 10:54 PM

Looks like the data center needs to upstream the issue of blocking to their carriers and also move the client(s) that have the issue recurring out of the main datacenter.


  • 0

#7 Scott

Scott

    MDDHosting Staff

  • Staff Administrator
  • PipPipPipPip
  • 421 posts
  • Gender:Male

Posted 05 April 2016 - 11:44 PM

Looks like the data center needs to upstream the issue of blocking to their carriers and also move the client(s) that have the issue recurring out of the main datacenter.

 

They've already taken proactive measures to reduce the chance (and effect) of this recurring with the same clients. Unfortunately, when it rains, it pours... which is to say that there seems to have been some bad luck in this same type of issue recurring a few times recently. We've gone for very long stretches of time without DC level issues like this from them.


  • 0
Scott S - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users