top | item 10825694

(no title)

cpqq | 10 years ago

Work in IT. Server was stable & online for 189 days before the 25th, knew them for stability.

No notification from them, just a handful of downtime alerts during time with the family. They were completely gone from BGP tables in Newark.

Used backups and moved sites to OVH. Don't know who they pissed off, I suspect another NJ competitor, who is known for taking cheap shots at other VPS companies.

It's a pain in the ass, but at the same time, how is their network so fragile? You would think at least some of the fragile systems being attacked would be firewalled or at least ACL'd off from the public net.

This is what happens when you don't run your own network and rely on other ASN's and uplinks to do the work for you. When it comes to other customers being affected, they will simply null you. Unlike your network ops who would be trying anything they could from OOB to rectify such.

discuss

StanAngeloff|10 years ago

What you are saying has been somewhat confirmed in Linode's latest update on the Atlanta outages [1]. I can't help it but to wonder if Linode were prepared or had a plan in place in case of a DDoS? It appears their upstream provider cuts them off completely once an attack starts/resumes and gradually puts them back on. The cycle then repeats.

We are also duplicating in OVH, read good things about their built-in DDoS protection on HN.

[1] http://status.linode.com/incidents/cbbcjnhhpkgm

cpqq|10 years ago

Wow.

I mentioned FastNetMon to them, but I just read the status update. They're blocking entire continents by communities... Holy shit. This is not some skiddie, this is likely state sponsored or BTC ransom.

Worrisome how the attacker knows so much of their infrastructure, makes me think ex-employee as he knows where to hit their servers, etc.

So glad I replied 'nope' to taking the cheaper SysAdmin position, after hand feeding them how I did mitigation. They asked me how, and were very interested in why. This was a week before this happened.

It's all making sense now. But even FastNetMon couldn't help this, you need a shitload of bandwidth (OVH size) and thousands (hundreds in cases for arbor) of equipment to match.

They need to GRE their /24's from Voxility or some large ass provider, as this is beyond fucked. I just read the status, they're cutting off parts of the internet to VMs. What in actual fuck.

I've worked in cloud for 10 years, and recently left, and will not be going back. Bare metal and OVH FTW. I can understand the 'going above and beyond' during holidays, but the lawyers I work for just want their 'f email online NOW' (direct quote)

gingerlime|10 years ago

What kind of VPSs are you guys using with OVH? I had a look at OVH, but to be honest got really confused with too many options to choose from... (not to mention I wasn't sure which site I should sign up to, the .com / .co.uk - is this based on the VPS location in any way?).

Linode clearly wins on simplicity and clarity. I guess under the current circumstances, I'd be willing to compromise simplicity for better availability though.