Michael D. Posted November 18, 2018 Report Share Posted November 18, 2018 Hello! It's been a while since we've seen a decent DDoS attack - something large enough that our facility would take any sort of proactive action against it. A decently sized DDoS attack started hitting our network this morning on the order of 8 or 9 GBPS. Our facility saw this traffic and began to proactively put blocks in place resulting in some IP addresses showing offline. Only a few were affected by this due to the very targeted nature of this attack. Our network is capable of absorbing attacks of this size so for now we've asked the facility to rescind the blocks so that we can just absorb this attack. All services are online and operational at this time. If there are any major changes we'll update this thread. Quote Link to comment Share on other sites More sharing options...
SarisIsop Posted November 18, 2018 Report Share Posted November 18, 2018 Thank you for keeping us in the loop. Quote Link to comment Share on other sites More sharing options...
Michael D. Posted November 18, 2018 Author Report Share Posted November 18, 2018 For clarity there is a lot of detail I am not providing here in this thread due to the nature of the attacks - but we are aware of them and working to resolve them as they change and adapt. Quote Link to comment Share on other sites More sharing options...
bobptz Posted November 18, 2018 Report Share Posted November 18, 2018 First thing I did was go to the twitter channel. I did not see anything so I opened a ticket. I think it is better to announce it there. Quote Link to comment Share on other sites More sharing options...
Michael D. Posted November 18, 2018 Author Report Share Posted November 18, 2018 First thing I did was go to the twitter channel. I did not see anything so I opened a ticket. I think it is better to announce it there. It's only affecting a very extremely tiny subset of clients - so I didn't want to get everybody concerned about it unless the attack gets to the point that we can't manage it or have to take drastic steps. To be completely straightforward - these attacks aren't big enough to take anything we have offline - but our facility is proactively trying to protect us. I've asked that they stop doing this [stop null-routing IPs] which will result in things staying online. If the attack does get to the point that our infrastructure can't handle it - we do have other options available to us other than de-routing IPs and we'll use those first. It's been a LONG time since we've had any DDoS attacks much less of this magnitude and our infrastructure has changed substantially since the last time so our facility is doing their best to protect us and is being a bit ... too overprotective . Quote Link to comment Share on other sites More sharing options...
mdd_shared_user Posted November 21, 2018 Report Share Posted November 21, 2018 Any update on this? Thanks. Quote Link to comment Share on other sites More sharing options...
Michael D. Posted November 21, 2018 Author Report Share Posted November 21, 2018 Any update on this? Thanks.Nothing to update. The attacks were absorbed and ended. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.