>- see footer for list info -< can you filter as well on the nameserver provider end eg zoneedit provide a failover monitor so when it can't connect it can point to a backup ip/zone even on another isp, http://www.esecurityplanet.com/best_practices/article.php/11779_3297581_3 some defensive tools on http://staff.washington.edu/dittrich/misc/ddos/
cheers Colm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Allan Cliff Sent: Friday, April 22, 2005 9:54 AM To: CF Developer Subject: [work] Re: [CF-Dev] cfhttp error >- see footer for list info -< By the way its a way cheaper to pay them off than the infrastructure needed to combat a DDOS attack. Obviously what they are doing is illegal and I am not saying you should pay but the fact is it could cost you about �20000 a year in hardware/bandwidth/etc for a BASIC defence and �500/�1000 to pay them off. We got attacked twice in two years and spent the money on DDOS defence and when they attacked again we couldn't handle it. Look at the numbers and make your choice. Maybe if the companies are bigger they will ask for more money, I don't know. Remember you always depend on your upstream router cos when you get attacked you have to ask them to start filtering to stop the attack reaching you. If they don't respond then 100Mb can be expensive! ----- Original Message ----- From: Tomo To: Allan Cliff ; Coldfusion Development Sent: Friday, April 22, 2005 10:03 AM Subject: Re: [CF-Dev] cfhttp error are you saying you paid these people to stop the attack? Allan Cliff wrote: >>- see footer for list info -< > > We have been DDOSsed and we had to pay to make them stop. > The second time we put in some hardware to stop it with a 100Mb burstable > line behind and it even filled that up (estimated at a 150Mb attack). Time > to pay again. > We were only a small company and could not do anything to stop it. It was > just out of our league. > Maybe a company like M$ would have the bandwidth to cope?!? > But someone like protx probably wouldn't have more than 100Mb. Even if you > do have that bandwidth, IP changes / DNS changes the DDosers are usually > only 15 minutes behind you. > > You then depend on the upline routers to filter stuff out and unless you > have plenty of influence they aren't interested, and if they are you have to > find the person who knows how to configure the filters. They prefer to block > calls to the whole domain rather than filter out the crappy packets. > > Some 12 year old romanians have nothing better to do! LOL. > My 2p worth > > Allan > > > ----- Original Message ----- > From: "Russ Michaels (Snake)" <[EMAIL PROTECTED]> > To: "'Coldfusion Development'" <[email protected]> > Sent: Thursday, April 21, 2005 5:16 PM > Subject: RE: [CF-Dev] cfhttp error > > > >>>- see footer for list info -< >> >>So if all your switches are being DDOS attacked, how do you allow the > > legit > >>traffic through and ignore the rest. And how do you make your firewall, >>switches and network cards deal with more traffic than they are physically >>capable of dealing with. >> >>Yes you can have a backup system on a totally different IP range and > > switch > >>over to that, but what if that then gets attacked as well. >>Do you just have infinite backup plans and hope the attackers eventually >>give up. >> >>I very much doubt attacker would bother with the MM or M$ websites as that >>serves no purpose. But they have attacked for example the passport.net >>servers and taken them down on many occasions. And I'm sure M$ do have the >>money and to provide a lot of redundant backup solutions. >> >>The list of BIG companies that have been taken down by DOS attacks is > > pretty > >>extensive. >> >>So do you also thing, Worldpay, Barclays, IBM, M$, Symantec etc are > > shysters > >>as well ? >> >>Russ >> >> >> >>>-----Original Message----- >>>From: [EMAIL PROTECTED] >>>[mailto:[EMAIL PROTECTED] On Behalf Of >>>Robertson-Ravo, Neil (RX) >>>Sent: 21 April 2005 15:51 >>>To: Coldfusion Development >>>Subject: RE: [CF-Dev] cfhttp error >>> >>> >>>>- see footer for list info -< >>> >>>Erm, why did I know you would come up with something ;-) >>> >>>You are showing your hardware and network ignorance here my man. >>> >>>OK, true you cannot prevent a DOS attack - but it is also >>>true that you can alleviate and combat them within MINUTES of >>>an attack taking place allowing 'real' customers to gain >>>access to services. Do you think that Microsoft or >>>Macromedia do not suffer DOS attacks? They do, probably >>>everyday - and I have never seen the M$ go offline. >>> >>>True it costs money - and it needs some serious hardware and >>>infrastructure but it can be done. >>> >>> >>> >>> >>> >>> >>> >>> >>> >>>-----Original Message----- >>>From: [EMAIL PROTECTED] >>>[mailto:[EMAIL PROTECTED] On Behalf Of Russ Michaels >>>(Snake) >>>Sent: 21 April 2005 15:48 >>>To: 'Coldfusion Development' >>>Subject: RE: [CF-Dev] cfhttp error >>> >>> >>>>- see footer for list info -< >>> >>>That is an idiotic remark Neil. >>>There is not a lot anyone can do if being DOS attacked. >>>Worldpay have been taken down several times by it, even >>>Microsoft have as well. >>> >>> >>>>-----Original Message----- >>>>From: [EMAIL PROTECTED] >>>>[mailto:[EMAIL PROTECTED] On Behalf Of >>>>Robertson-Ravo, Neil (RX) >>>>Sent: 21 April 2005 13:35 >>>>To: Coldfusion Development >>>>Subject: RE: [CF-Dev] cfhttp error >>>> >>>> >>>>>- see footer for list info -< >>>> >>>>Also, try and visit their company site.......you will get >>>>nothing....everything is down.. >>>> >>>>Nice to see they have the infrastructure in place to deal with DOS >>>>attacks...if I were you I would move from that company first chance >>>>you get >>>>- they are obviously shiesters. >>>> >>>> >>>> >>>>-----Original Message----- >>>>From: [EMAIL PROTECTED] >>>>[mailto:[EMAIL PROTECTED] On Behalf Of >>> >>>Simon Baynes >>> >>>>Sent: 21 April 2005 13:26 >>>>To: [email protected] >>>>Subject: [CF-Dev] cfhttp error >>>> >>>> >>>>>- see footer for list info -< >>>> >>>>I use a 3rd party company to handle my Credit Card >>> >>>transactions called >>> >>>>Protx. I build the interface last year and it has been working fine >>>>since July last year. This morning the chttp call that >>> >>>initiates the >>> >>>>transaction is producing the following error. >>>> >>>>Connection Failure: Status code unavailable >>>> >>>>Now I can navigate to the page manually and it is there and >>> >>>I cannot >>> >>>>for the life of me work out what the problem is. >>>> >>>>So any help would be great. >>>> >>>>Attach Code >>>> >>>><cfhttp url="#paymentServer#" method="POST" >>>>throwonerror="YES" timeout="20"> >>>><cfhttpparam name="VPSProtocol" value="#VSPVersion#" >>>>type="FORMFIELD"> >>>><cfhttpparam name="TxType" value="#TxType#" type="FORMFIELD"> >>>><cfhttpparam name="Vendor" value="#vendor#" type="FORMFIELD"> >>>><cfhttpparam name="VendorTxCode" value="#TransferReference#" >>>>type="FORMFIELD"> >>>><cfhttpparam name="Amount" value="#Price#" type="FORMFIELD"> >>>><cfhttpparam name="Currency" value="#currency#" >>>>type="FORMFIELD"> >>>><cfhttpparam name="Description" value="#Description#" >>>>type="FORMFIELD"> >>>><cfhttpparam name="NotificationURL" value="#PayLink#" >>>>type="FORMFIELD"> >>>></cfhttp> >>>>_______________________________________________ >>>> >>>>For details on ALL mailing lists and for joining or leaving >>> >>>lists, go >>> >>>>to http://list.cfdeveloper.co.uk/mailman/listinfo >>>> >>>>-- >>>>CFDeveloper Sponsors:- >>>> >>>>>- Hosting provided by www.cfmxhosting.co.uk -< >>>>>- Forum provided by www.fusetalk.com -< >>>>>- DHTML Menus provided by www.APYCOM.com -< >>>>>- Lists hosted by www.Gradwell.com -< >>>>>- CFdeveloper is run by Russ Michaels, feel free to >>>> >>>>volunteer your help >>>> >>>>>-< >>>> >>>>This e-mail is from Reed Exhibitions (Oriel House, 26 The Quadrant, >>>>Richmond, Surrey, TW9 1DL, United Kingdom), a division of Reed >>>>Business, Registered in England, Number 678540. It contains >>>>information which is confidential and may also be >>> >>>privileged. It is >>> >>>>for the exclusive use of the intended recipient(s). If you are not >>>>the intended >>>>recipient(s) please note that any form of distribution, >>> >>>copying or use >>> >>>>of this communication or the information in it is strictly >>> >>>prohibited >>> >>>>and may be unlawful. If you have received this >>> >>>communication in error >>> >>>>please return it to the sender or call our switchboard on >>> >>>+44 (0) 20 >>> >>>>89107910. The opinions expressed within this communication are not >>>>necessarily those expressed by Reed Exhibitions. >>>>Visit our website at http://www.reedexpo.com >>>>_______________________________________________ >>>> >>>>For details on ALL mailing lists and for joining or leaving >>> >>>lists, go >>> >>>>to http://list.cfdeveloper.co.uk/mailman/listinfo >>>> >>>>-- >>>>CFDeveloper Sponsors:- >>>> >>>>>- Hosting provided by www.cfmxhosting.co.uk -< >>>>>- Forum provided by www.fusetalk.com -< >>>>>- DHTML Menus provided by www.APYCOM.com -< >>>>>- Lists hosted by www.Gradwell.com -< >>>>>- CFdeveloper is run by Russ Michaels, feel free to >>>> >>>>volunteer your help >>>> >>>>>-< >>>> >>> >>>_______________________________________________ >>> >>>For details on ALL mailing lists and for joining or leaving >>>lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo >>> >>>-- >>>CFDeveloper Sponsors:- >>> >>>>- Hosting provided by www.cfmxhosting.co.uk -< >>>>- Forum provided by www.fusetalk.com -< >>>>- DHTML Menus provided by www.APYCOM.com -< >>>>- Lists hosted by www.Gradwell.com -< >>>>- CFdeveloper is run by Russ Michaels, feel free to >>> >>>volunteer your help >>> >>>>-< >>> >>>This e-mail is from Reed Exhibitions (Oriel House, 26 The >>>Quadrant, Richmond, Surrey, TW9 1DL, United Kingdom), a >>>division of Reed Business, Registered in England, Number >>>678540. It contains information which is confidential and >>>may also be privileged. It is for the exclusive use of the >>>intended recipient(s). If you are not the intended >>>recipient(s) please note that any form of distribution, >>>copying or use of this communication or the information in it >>>is strictly prohibited and may be unlawful. If you have >>>received this communication in error please return it to the >>>sender or call our switchboard on +44 (0) 20 89107910. The >>>opinions expressed within this communication are not >>>necessarily those expressed by Reed Exhibitions. >>>Visit our website at http://www.reedexpo.com >>>_______________________________________________ >>> >>>For details on ALL mailing lists and for joining or leaving >>>lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo >>> >>>-- >>>CFDeveloper Sponsors:- >>> >>>>- Hosting provided by www.cfmxhosting.co.uk -< >>>>- Forum provided by www.fusetalk.com -< >>>>- DHTML Menus provided by www.APYCOM.com -< >>>>- Lists hosted by www.Gradwell.com -< >>>>- CFdeveloper is run by Russ Michaels, feel free to >>> >>>volunteer your help >>> >>>>-< >>> >> >>_______________________________________________ >> >>For details on ALL mailing lists and for joining or leaving lists, go to > > http://list.cfdeveloper.co.uk/mailman/listinfo > >>-- >>CFDeveloper Sponsors:- >> >>>- Hosting provided by www.cfmxhosting.co.uk -< >>>- Forum provided by www.fusetalk.com -< >>>- DHTML Menus provided by www.APYCOM.com -< >>>- Lists hosted by www.Gradwell.com -< >>>- CFdeveloper is run by Russ Michaels, feel free to volunteer your > > help -< > > > > > _______________________________________________ > > For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo > > -- > CFDeveloper Sponsors:- > >>- Hosting provided by www.cfmxhosting.co.uk -< >>- Forum provided by www.fusetalk.com -< >>- DHTML Menus provided by www.APYCOM.com -< >>- Lists hosted by www.Gradwell.com -< >>- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -< > > _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -< --- avast! Antivirus: Outbound message clean. Virus Database (VPS): 0516-7, 04/22/2005 Tested on: 4/22/2005 2:25:11 PM avast! - copyright (c) 1988-2004 ALWIL Software. http://www.avast.com _______________________________________________ For details on ALL mailing lists and for joining or leaving lists, go to http://list.cfdeveloper.co.uk/mailman/listinfo -- CFDeveloper Sponsors:- >- Hosting provided by www.cfmxhosting.co.uk -< >- Forum provided by www.fusetalk.com -< >- DHTML Menus provided by www.APYCOM.com -< >- Lists hosted by www.Gradwell.com -< >- CFdeveloper is run by Russ Michaels, feel free to volunteer your help -<
