d_ostap
Nov 21 2005, 08:01 AM
Dear Customers,
The server 70.86.93.66 is under DDoS attack.
We do have firewal filtering and it is enabled for the server.
We have to block wide ranges of the ips to keep server protected and it is unreachable
from many places. When atack from those ip ranges stops we leaft block.
We leaft blocks once every half hours in order not to risk too much and decreased chances of server being compromised during route restarts.
Sorry for the temporary inconveniences.
Thank you.
Lehrer
Nov 21 2005, 04:16 PM
the attack still continues. We are doing all the possible to prevent something bad from happening.
apsoda
Nov 21 2005, 06:21 PM
can you at least do something so that those of us with secondary nameservers that actually do something can do their job and redirect elsewhere?????
Serge
Nov 21 2005, 08:13 PM
The server exeprienced lack of kernel semaphores because of DDOS. So we had to increase number of semaphores and reboot the server.
The server is protected with dedicated Cisco guard but some of the requests reach it because they are formed as normal httpd requests we tweaked apache to ignore them at night and it allowed spache to serve sites and not to be pumped with atackers requests. But it reuired to much kernel semaphores to filter off requests that get to the server.
As I write this I checked all teh sites on the server and they load ok.
Serge
Nov 21 2005, 08:14 PM
Just forfot to mentioned that we already moved away the customer who was a target of the attack on this server about 10 hours ago, but DDOS to the server ip continues.
Alexandre
Nov 22 2005, 12:33 AM
DDoS seems to be gone.
Thank you.
apsoda
Nov 22 2005, 11:39 PM
then what's the problem now... the last two accounts I've got left after my clients have all given up on me are now showing a 'suspended' page...
I've submitted a support ticket about that and the fact that I apparently have no login for WHM any more
I'm sure you're doing 'all you can', but this really is ridiculous and unacceptable
MartinB
Nov 23 2005, 01:09 AM
QUOTE
Just forfot to mentioned that we already moved away the customer who was a target of the attack on this server about 10 hours ago
You are sure than you are not that guy?
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please
click here.