I notice I often get DDoS'd when I post here, to NANOG, usually w/in
2-3 hours, so owing to this note it'll probably happen again tonight!
The typical attack is some mixture of DNS whacking from dozens or
hundreds of hosts, plus usually UDP packets being flung at basically
round-robin ports
Slabbert
Sent: February 8, 2021 2:19 PM
To: Compton, Rich A
Cc: Mike Hammett ; Jean St-Laurent ; NANOG
list
Subject: Re: [EXTERNAL] Re: Retalitory DDoS
Was gonna come to add that. That and maybe some UDP frags.
You may want to have your hosting provider block all inbound traffic from
8, 2021 at 10:58 AM
> *To: *Jean St-Laurent
> *Cc: *NANOG list
> *Subject: *[EXTERNAL] Re: Retalitory DDoS
>
>
>
> *CAUTION:* The e-mail below is from an external source. Please exercise
> caution before opening attachments, clicking links, or following guidance.
>
> I
Cc: NANOG list
Subject: [EXTERNAL] Re: Retalitory DDoS
CAUTION: The e-mail below is from an external source. Please exercise caution
before opening attachments, clicking links, or following guidance.
I don't have RTBH, no. It's just a web server.
Now how my hosting provider handled it, I'm
urent"
To: "Mike Hammett"
Cc: "NANOG list"
Sent: Monday, February 8, 2021 11:59:32 AM
Subject: RE: Retalitory DDoS
I would not for 2.5 Gbps
So if you were down for 1 hour with 2.5 Gbps and it’s probably not a black
hole.
There might be something else valuable in
.
Peace
Jean
From: Mike Hammett
Sent: February 8, 2021 12:56 PM
To: Jean St-Laurent
Cc: NANOG list
Subject: Re: Retalitory DDoS
I don't have RTBH, no. It's just a web server.
Now how my hosting provider handled it, I'm not sure. I don't know if they just
dropped me internally
y 8, 2021 11:53:43 AM
Subject: RE: Retalitory DDoS
You got RTBH?
From: Mike Hammett
Sent: February 8, 2021 12:50 PM
To: Jean St-Laurent
Cc: NANOG list
Subject: Re: Retalitory DDoS
In my case, it was against a server not on my own network, so my impact was a
blackhole for an hou
You got RTBH?
From: Mike Hammett
Sent: February 8, 2021 12:50 PM
To: Jean St-Laurent
Cc: NANOG list
Subject: Re: Retalitory DDoS
In my case, it was against a server not on my own network, so my impact was a
blackhole for an hour at 4 AM local time. I likely wouldn't have even noticed
Midwest Internet Exchange
The Brothers WISP
- Original Message -
From: "Jean St-Laurent"
To: "Mike Hammett" , "NANOG list"
Sent: Monday, February 8, 2021 11:42:12 AM
Subject: RE: Retalitory DDoS
Nice report,
If you would have to pick up just
: February 8, 2021 8:43 AM
To: NANOG list
Subject: Re: Retalitory DDoS
Mike,
I've attached the full information we got from our DDOS protection system below.
We had a large number of ping loss and data loss tickets begin opening up for
devices sharing the cabinet chi18-313. The high traffic
Peace,
On Mon, Feb 8, 2021 at 2:48 PM Mike Hammett wrote:
> I got an e-mail explaining why I was getting DDoSed. Is that aspect common?
Not quite. But it happens sometimes.
> Is it safe to assume that they completely anonymized the email they sent to
> me?
Likely, but not necessarily. Look
Not an official club, but the unofficial club is full of members including
myself unfortunately...little you can do except consider DDoS mitigation
service if it continues.
It is a criminal activity, so you can report the attack to the FBI...they can't
do much to be honest, but at the very
Mike,
I've attached the full information we got from our DDOS protection system
below.
We had a large number of ping loss and data loss tickets begin opening up for
devices sharing the cabinet chi18-313. The high traffic and interference was
determined to be caused by incoming traffic to
13 matches
Mail list logo