SmartFeedSmartFeed          

Porsche Hangout


WELCOME - YOU ARE CURRENTLY VIEWING 419EATER AS A GUEST

By joining our community you will have the ability to post topics and access other forums reserved for members. Registration is quick, simple and absolutely free. Join our community today by clicking here.

ScamWarners.com - Internet Anti-Fraud Center - now open!


 WebsiteSource :-|

View next topic
View previous topic
 
Post new topicReply to topic
Author Message
justme
Master Baiter


Joined: 22 May 2009
Posts: 112


PostPosted: Thu May 28, 2009 9:27 pm Reply with quoteBack to top

My site (also the honeypot) was hosted with WebsiteSource, since they could guarantee that DDoS attacks would be handled, and there wouldn't be any problems. Today we had a single HTTP flood (that's the near-lowest level of attack you can do on a site), the used bandwidth went up to 62.5 gigabyte, and WebsiteSource tells us to buy a dedicated server, because we are giving other customers trouble.

DDoS attack-proof? Not really Neutral

So I'm asking them for a refund now... This is serious nonsense.

_________________
Little mosquito you are annoy me
The music you singing
I don’t want to hear
You can go to many places
- John Johnson, poetic lad
View user's profileSend private message
kallepromp
Not quite a Newb


Joined: 24 May 2009
Posts: 60


PostPosted: Thu May 28, 2009 9:33 pm Reply with quoteBack to top

Try to get a log over connections from host..
View user's profileSend private message
justme
Master Baiter


Joined: 22 May 2009
Posts: 112


PostPosted: Thu May 28, 2009 9:36 pm Reply with quoteBack to top

kallepromp wrote:
Try to get a log over connections from host..

No use really. I know it's a botnet, and I kinda suspect whose botnet it is.

_________________
Little mosquito you are annoy me
The music you singing
I don’t want to hear
You can go to many places
- John Johnson, poetic lad
View user's profileSend private message
kallepromp
Not quite a Newb


Joined: 24 May 2009
Posts: 60


PostPosted: Thu May 28, 2009 10:02 pm Reply with quoteBack to top

Well, then throw in the towels and move to another host.. Wink
View user's profileSend private message
Pastor Frank
Moderator


Joined: 31 Jan 2007
Posts: 11521
Location: EN34ix


PostPosted: Thu May 28, 2009 10:47 pm Reply with quoteBack to top

justme wrote:
So I'm asking them for a refund now...


I would also ask for a quality Spanish hooker, and a case of Guinness. Wink

_________________
"Father Juan are sure that you are man of God,because your behaviors showed you as unbeliever" -Mary R
View user's profileSend private messageSend e-mail
lotta
Baiting Guru


Joined: 08 Jun 2005
Posts: 13613
Location: 2 Speckled Cct Springfield Lakes QLD 4300


PostPosted: Fri May 29, 2009 5:44 am Reply with quoteBack to top

I'm so sorry justme Sad

_________________
<a href="/forum/donate.php">[Click here to donate to 419Eater.com]</a> Lead Support Contact for Missing Posts - (pm me)

Nigeria bank kills South Africa Netherlands Netherlands United Kingdom United Kingdom United Kingdom United Kingdom Spain Spain Spain United Arab Emirates
star star
Mortar Nurse Nastys Audi TT Mc Fry

Alan James Watson (AKA Bi Gal, AKA Big Al, AKA De Master Yoda) -2007, 2008, 2009, 2010 "Doos of the year" award winner

Frederick Fokker:
"I am giving you about a month to get your act together, i am cutting you and the eater a bit of slack"
Dec 11, 2007

Elton Purple Flower Black Ribbon Flying Monkey
View user's profileSend private message
justme
Master Baiter


Joined: 22 May 2009
Posts: 112


PostPosted: Fri May 29, 2009 6:01 am Reply with quoteBack to top

kallepromp wrote:
Well, then throw in the towels and move to another host.. Wink

I have already asked for a refund, and they will refund it fully. The point is, it's very hard to find a DDoS-proof (and HTTP-flood-proof) host that's actually affordable. I know HR-Developments does a very good job on mitigating attacks, but they are $20/month Sad

They recommended me SquareSpace though, which is clouded hosting.

_________________
Little mosquito you are annoy me
The music you singing
I don’t want to hear
You can go to many places
- John Johnson, poetic lad
View user's profileSend private message
wokabo
Master of Master Baiters


Joined: 23 Sep 2004
Posts: 825
Location: best beer country in onomatopoeia world


PostPosted: Fri May 29, 2009 8:48 am Reply with quoteBack to top

If you know the IP address(es) where the attack is coming from, and you have full FTP access to the place where you dump your web files, add or edit a files called .htaccess and add those IP's to the DENY FROM statement
(example: Deny From 12.226.242.136 24.82.164.148 24.233.221.185 etc...

That should make the server drop all communication with those IP's, no longer eating up your bandwidth (been there, done that).

The IP's I'm quoting here in my example are real spam addresses so I'm leaving them there for the world to see...

_________________
pony pony pony

Fight My Brute
View user's profileSend private message
Dutch
Goat hoarder


Joined: 22 Nov 2007
Posts: 4204
Location: Dislocated


PostPosted: Fri May 29, 2009 9:54 am Reply with quoteBack to top

^^ If it is a botnet causing the flood it would mean adding maybe tens of thousands of IP addresses, not really workable I guess.

_________________
SpainNigeriaNetherlandsCanadaSouth AfricaUnited KingdomAustraliaIvory CoastGhanaTogoUkraineIrelandHong KongFranceSenegalGermanyBeninTurks and CaicosIndonesiaPortugalBurkina FasoMalaysiacameroonJapanGambiaSierra LeoneKenya deadified fake websites) x 374
Mortar x11 Closed lad accountsx a couple Cellphone pony Easter Egg Nurse Nastys Audi TT Goat Golden Goat
Yes we can! (with a bit of help)
View user's profileSend private message
justme
Master Baiter


Joined: 22 May 2009
Posts: 112


PostPosted: Fri May 29, 2009 10:02 am Reply with quoteBack to top

wokabo wrote:
If you know the IP address(es) where the attack is coming from, and you have full FTP access to the place where you dump your web files, add or edit a files called .htaccess and add those IP's to the DENY FROM statement
(example: Deny From 12.226.242.136 24.82.164.148 24.233.221.185 etc...

That should make the server drop all communication with those IP's, no longer eating up your bandwidth (been there, done that).

The IP's I'm quoting here in my example are real spam addresses so I'm leaving them there for the world to see...

They would still connect and cause server load... that won't help a lot. They would have to be blocked at hardware level.

Also, I''m currently looking into cloud hosting (recommended by WebsiteSource customer support) and HR-Dev... but HR-Dev is too expensive and I doubt cloud hosting can take/mitigate a HTTP flood.

_________________
Little mosquito you are annoy me
The music you singing
I don’t want to hear
You can go to many places
- John Johnson, poetic lad
View user's profileSend private message
Badgerbait
Baiting Guru


Joined: 07 Jan 2009
Posts: 4502
Location: Alas, summer is slow in responding.


PostPosted: Fri May 29, 2009 8:41 pm Reply with quoteBack to top

@ Pastor Frank - Why a Spannish hooker? I can understand the Guiness (though I prefer Shiner Bock).

_________________
I have arrived in Moscow. Has gone to bank and to me have told that there is no such transfer for me!!!!
What does it mean? You played with me? If it so that you very much the cruel man and I am assured of that that the god will see your cruelty.
Explain to me!!!!!!!!!!!!!!!! - Alena Byk0va
-----------
Closed lad accounts x12 Goat Easter Egg Mortar x3 x4 Elite Ninja Team Member

We are Karma's soldiers.
<a href="/forum/donate.php">Mugu Gold</a>

I must be cruel, only to be kind:
Thus bad begins and worse remains behind.
-Hamlet, scene iv

View user's profileSend private messageSend e-mail
manbiteslion
Baiting Guru


Joined: 12 Dec 2007
Posts: 4816
Location: Connecting my chair and keyboard


PostPosted: Fri May 29, 2009 9:21 pm Reply with quoteBack to top

Cloud hosting could help you - try the Amazon Web Services offering - it'll take you a bit of work to get set up, but $0.11 per gigabyte means even 65 gigs will be $7-odd - but they may give up earlier once they realise your site is un DDOS-able thanks to the monsterous level of redundancy. You could even cloudfront it ($0.17/GB) which will mean every connection will get directed to a local, speed optimised server, so your site will never go down, so the DDoS becomes a hollow and useless threat.

The AWS stuff is all pay as you go, it's an easy and very cheap win. I even resell AWS Cloudfront privately for video streaming as it's so blinking fast and priced very attractively.

_________________
Premium Wimp Convincer - Click Me!
View user's profileSend private message
justme
Master Baiter


Joined: 22 May 2009
Posts: 112


PostPosted: Fri May 29, 2009 9:39 pm Reply with quoteBack to top

But if you pay per gigabyte that would mean that people could easily drive up your cost by just hitting it 24/7?
Also, I don't think the co-admin and funding guy is really ready to have a variable fee. He is jobless after all.

_________________
Little mosquito you are annoy me
The music you singing
I don’t want to hear
You can go to many places
- John Johnson, poetic lad
View user's profileSend private message
Display posts from previous:      
Post new topicReply to topic


 Jump to:   



View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



E-Mail Header Analysis


All Content © 2003 - 419Eater.com
Powered by phpBB © 2001, 2002 phpBB Group :S5: FI Theme :: All times are GMT