7
retoor
11h

My server is under heavy attack, many IPs.

Here's a part of the requests per IP, all in the same range:
```
509: 47.82.11.166
509: 193.41.206.202
512: 47.82.11.183
521: 47.82.10.30
548: 47.82.11.8
553: 47.82.11.177
559: 47.82.11.230
606: 47.82.11.41
659: 47.82.11.249
675: 47.82.10.139
684: 136.243.228.177
700: 47.82.11.27
865: 85.25.210.70
```

All together, but my server died for a second. I thought, how is that possible? All my request limiters gone somehow. I have no idea how that's possible. Implemented a few days ago and tested it.

Meh, server is handling quite well, I have time to write this rant before I fix it. But dammit. I tested it together with people on Snek. I'm flabbergasted.

Fucking scriptkiddies. You were lucky.. Somehow..

Will disable ping, that's where the issues start, I guess.
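
An added example, not part of the original post: rolling the per-IP counts quoted above up into their enclosing networks, so a limit can be applied to a whole range instead of to each address. The function names and the `min_hosts` threshold are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# The "count: ip" lines quoted in the post, embedded so the script runs offline.
SAMPLE = """\
509: 47.82.11.166
509: 193.41.206.202
512: 47.82.11.183
521: 47.82.10.30
548: 47.82.11.8
553: 47.82.11.177
559: 47.82.11.230
606: 47.82.11.41
659: 47.82.11.249
675: 47.82.10.139
684: 136.243.228.177
700: 47.82.11.27
865: 85.25.210.70
"""

def parse_counts(text):
    """Yield (ip, count) from 'count: ip' lines, skipping malformed ones."""
    for line in text.splitlines():
        count, sep, addr = line.partition(":")
        if not sep:
            continue
        try:
            yield ipaddress.ip_address(addr.strip()), int(count)
        except ValueError:
            continue  # not a number or not an address

def aggregate(text, prefix_len=24):
    """Map each enclosing network to (total requests, distinct hosts)."""
    totals = defaultdict(lambda: [0, 0])
    for ip, count in parse_counts(text):
        net = ipaddress.ip_network(f"{ip}/{prefix_len}", strict=False)
        totals[net][0] += count
        totals[net][1] += 1
    return {net: tuple(v) for net, v in totals.items()}

def flag_ranges(text, prefix_len=24, min_hosts=3):
    """Networks with at least min_hosts (assumed threshold) active sources, busiest first."""
    hits = [(net, reqs, hosts)
            for net, (reqs, hosts) in aggregate(text, prefix_len).items()
            if hosts >= min_hosts]
    return sorted(hits, key=lambda h: h[1], reverse=True)

if __name__ == "__main__":
    for net, reqs, hosts in flag_ranges(SAMPLE, prefix_len=23):
        print(f"{net}: {reqs} requests from {hosts} hosts")
```

At `/24` the two 47.82.10.x sources fall outside the flagged network; widening to `/23` puts all ten 47.82.x.x sources in one range.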

Comments
  • 7
    I remember getting a spammer kicked off an ISP 20 some years ago. They responded by DDOSing my ISP. Fun times.
  • 4
    @Demolishun The logic of some fuckers...

    > 'You banned me from your services for doing something I wasn't supposed to? I'll show you!'.

    ...the scum.
  • 4
    @D-4got10-01 back then it was pretty easy to find the server the spam came from. Then I would find the admin/abuse contact and let them know about the spammer.

    Now there is so much obfuscation and a lot of places don't care.
  • 5
    @Demolishun this one is from Hetzner. Will contact them.
  • 4
    @Demolishun I contacted the hosting company of JAMES THE HACKER also. But they ignored me. But doesn't matter anymore. He works with Buffon at molodetz now.
  • 2
    @retoor Locked up in the basement? Just like all the moderation teams?
  • 4
    @BordedDev in my sex dungeon. They're getting ballbusted daily.
  • 3
    I just recompiled a server with the right plugins and replaced it while snek users didn't notice anything. Can your devops do that? I don't freaking think so! :D
  • 4
    I'm getting a serious 'Pulp Fiction' gimp vibe here.
  • 3
    @D-4got10-01 wow, and previous time Requiem for a Dream. You always get the good movie vibes.
  • 3
    Any way to fingerprint it? User agents, end points, packet size of requests?

    Fire it into the access log and point fail2ban on it
  • 3
    @lungdart I'm sure the rate limiter does such stuff. I configured it, tested it with a few people and now it's gone. It's a huge wtf. Don't have to as far as user agent. I don't want it to even read the headers if someone is on limit. Else they could do tricks like connect and send headers very late to keep a process open. I have 200% CPU with a mountain of 0.1% usage processes. That's what they do, keeping the line open. I ddos and crawl my server so often, no issue. But they request a certain file dozens of times.