
This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.


All EE Sites down today???

July 24, 2007 3:30pm

  • #16 / Jul 25, 2007 6:09am

    Nevin Lyne

    370 posts

    I don’t actually remember if those were on a front end page somewhere before.  I know Nevin has said they are working on a way to be able to better alert people of issues and progress in solving them when even their own servers are hit by something as was the case this time I think.

    To add to this, yes.  We have been working on rolling out a new support ticket system, status system, and completely independent email system in our business continuation data center to allow us a better way of communicating with our clients during events that affect our primary data centers in any way.

    Likewise from the information gathered today we have already made some, and will be making more changes to our internal infrastructure to both limit issues like Tuesday's to be less of an impact on our internet systems, and to more quickly identify if the issues are strictly inbound, outbound or both. These will not be focused strictly on this specific type of attack, as next time it will likely be different still.  Yes, I said next time, as this is the Internet and with the increases in spam, script abuse, and general wide scale DoS and DDoS attacks.  These are done as ways to annoy people, gain bragging rights with “peers” or even by organized crime to extort money from small and large businesses alike.

    So as our hosting clients that have been with us for going on 5 years now will tell you, anytime we face any type of an issue, we address it head on, as the money and resources to implement change and protection is all part of this business.  Well at least for some of us 😉

  • #17 / Jul 25, 2007 6:19am

    Nevin Lyne

    370 posts

    Cisco Guard is just one solution, but they most certainly do manage DDoS attacks and allow normal traffic to run barely noticing it. But you’re saying DOS and then describing DDoS attacks. They are two very different things. DDoS is distributed. A DoS is a single source attack.

    I wanted to touch on one more topic 😊

    We do have systems in place to assist with a number of types of external DoS and DDoS attacks and I am well aware of Cisco’s offerings as actually they bought the technology a few years ago by buying a company called Riverhead.

    The detection portion of their solution last time we looked at it runs about $90k per box, and those are only the systems to identify and alert the mitigation portion of that solution to do its thing.  But in this case it would only assist in the event it was purely an external attack or likely an attack between two separate clients within a data center.  This would not be effective within a private network setting even within their data center.  So in this case it would have been a few $100k worth of equipment that would have not helped. 😊

    Edit: Also a Denial of Service attack is any type of attack that is designed to deny access in one form or another.  You running a script on a server in an infinite loop to cause all CPU resources to be used and affecting other clients on that box, or flooding a user's email box with 1,000’s of email messages an hour on a remote server, even if you send them from multiple email servers (or a million other ways, intentional or not) would still be considered a denial of service attack 😊

  • #18 / Jul 25, 2007 9:53am

    JT Thompson

    745 posts

    As I said I was quite sure you had steps in place to manage it.

    My point was clearly not to say you didn’t. All I said lol was that to say you cannot stop DDoS attacks is completely incorrect.

  • #19 / Jul 25, 2007 12:25pm

    Nevin Lyne

    370 posts

    JT,

    Actually I just wanted to truly just follow up what you did post, not that you said we did not.  Sorry if it came off wrong, as you can imagine it was a long day. 😊 

    Yes, typical external DDoS attacks with enough hardware and also enough bandwidth, to exceed the amount being pushed at you in the DDoS attack, then yes, they can be.  With growing botnets, some estimates in the 10’s of millions of compromised PCs under botnet controls, some DDoS attacks exceeding several Gigabits per second now, it does get expensive to outrun the free bandwidth the botnets are supported with though, even for large data centers. 😉

    Thanks JT!
