Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
@JoshBent Idk, vps and don't know the hardware specifics.
Nope, just CSF but it doesn't even have to block anything yet.... -
Loic via an AWS ec2 swarm. Will try harder. Needs something more sophisticated it seems.
-
SZenC8157y@windlessuser it's essentially sending a long post body at a ridiculously slow speed in the hopes of filling up memory.
-
C0D4681457yWho bothers with 500h/s?
What do they expect it to be running on, a brick?
Did I see a challenge request @linuxxx ? -
@linuxxx reading the comments - I think you're soon going to get hit by some mirai IOT botnet ddos, if you keep asking for it 😆
-
Byomeer22097yI might know someone who could help you with this... https://devrant.com/rants/1047285/
-
That's not a DDoS, that's just me refreshing again waiting for some content to appear. :P
-
Noob64667yIt sounds more like someone with a proxy list, trying to fill your visit counter.
#90sWebTactics -
@Synth-Synapses It generates big amounts of traffic, multiple ip's and it seems like it's a SYN flood :)
-
@bahua It's not an HTTP attack, it seems to be SYN flooding. For some reason my firewall isn't blocking them, gotta investigate why haha
-
too lazy to read all comments, but how do you protect your self from this thing? I installed fail2ban for ssh attempts but for ddos?
-
@gitpush Tbh right now the firewall isn't even having a hard time but it'd be good if it started to block this haha
-
hjk10157317yNever smart to make a change out of it especially here!
Cashing and nginx help stave off almost all attacks here. -
kurtr127557yJust commenting to keep up to date. I have a feeling this might get interesting ☺ btw where does one find a link to the blog?
-
@JoshBent My current limit at the company I host the vps is 100 mbit/s. Even with 65K+ connections I don't even get above 5mbs. Also, my host has network level ddos protection so I should be fine for now :P
-
@linuxxx then still, just maybe don't stress the idea of ddosing them too much, they might not like it 😄 also what kind of ddos protection do they have, most hosts really just nullroute you if it reaches a specific threshold, which in return would cut you off until resolved.
-
jakobev24027yyet i dont have much experience in IT safety and so on. yeah i know.. i have to know that... but anyways how do you go against this shit?
-
@jakobev many will probably jump on a fence, but the easiest often is something like cloudflare, since if its an actual dedicated ddos, there is mostly nothing you alone can do (especially layer7-mass), because if a request reaches you, its already game over, so you would need some actual hardware or protection from your server host or location you host it in, to handle that, BEFORE it reaches anything your resources. Theres configurations you can do to prevent basic things, but as said, won't protect you against dedicated DDOS.
-
@JoshBent Something like cloudflare is good indeed only there's one problem. Cloudflare strips off secure connections at its own level. Meaning that they could pretty much see anything coming through.
Next to that, good software based firewalls could, when configured correctly, fend off big ass attacks. It depends on the resources of the server a lot. -
@linuxxx that's true, but thats with any ssl frontend or else it wouldn't work to redirect it to your server. I still have to encounter a server though that is affordable, that could handle massive ddos, with only software (please do enlighten me if I am wrong), especially if somebody is dedicated enough or your hoster just fucks you up by nullrouting it all - until it pauses, basically bringing you down themselves. Those kids usually just pay some stresstester or booter, which are becoming more and more powerful it seems, so most software solutions really don't help imho.
-
@JoshBent Very very heavy DdoS attacks probably can't be bend off indeed, it also depends on the Mbps allowed.
-
Orionss28977yIt reminds me the time when I tried to DDOS a minecraft server where I got banned when I was twelve and all I got was getting my box to reboot 😂
Related Rants
-
saiprasad52Developer: We have a problem. Manager: Remember, there are no such things as problems, only opportunities. Dev...
-
drRoss24"The server is flooded!" "With requests? DDoS?" "No."
-
kavan4Want to understand a DDOS attack? Imagine trying to work while being interrupted every few seconds.. forever. ...
So someone is constantly ddos'ing the privacy/security blog.
Just wondering if they really think that 500 hits a second will bring the site down?!
500 h/s consumes about 0.1 percent CPU and 1mb/s.
At least give me a challenge 😥
rant
attacks
really
ddos