Well guest what?

My servers are down again!

Well they may be up but none of my customers can get to them! :angry:

You would think that Burst.net would take steps to block DDoS attacts.

In the 5 years of hosting and 4 NOC's I have never had more DDoS than I have on Burst.net.

I am not sure why they get hit with so many DDoS attacts.

Any one know what is going on?:eek:

I assumed this outtage is what NOCSter is.:mad:

Yep.... Our servers have also been down... Going on 3 hours now.

My customers don't want to hear it is the data center and not us.

All they know is they can't get to their web pages and they are paying us!

It is cut and dry!

No access - No Money!

Do you hear that sucking sound? "@&%@&%....$$$$$$$" It is hosting accounts moving off us!

Regards,
CrowMan

You are not alone....I lose customers faster than gain them... I may have to resort to buying more small companies to stay ahead of the game.....damn Burstnet

:angry: :kaioken: :uzi: Doss

Sure it's a DOS attack?

Boy am I glad we never leased any servers with BurstNET -- I was tempted at one stage, but thankfully decided against it after the complaints started to surface.

I rememember once reporting an illegal web site to them which they hosted. They did not remove the site, nor even respond. I emailed them several times about it to make sure they had received my email to abuse@burst.net. While I don't have the URL anymore, I believe that site is still up.

While I don't have the URL anymore, I believe that site is still up.
What makes you think the *spooky* illegal site is still up? Got a gut feeling?
Before making an accusation like that, I believe I would make sure it had some substance.
Otherwise, you just look like an idiot.

Originally posted by sbrad

What makes you think the *spooky* illegal site is still up? Got a gut feeling?
Before making an accusation like that, I believe I would make sure it had some substance.
Otherwise, you just look like an idiot.

All I can say is that;
1. I stumbled across the site by accident
2. I reported it to abuse@burst.net
3. I didn't get a response, so I emailed them again
4. About a month later it was still online

Even if I did still have the URL, I don't think anyone would want me to post it here. :eek:

Originally posted by vnet
You would think that Burst.net would take steps to block DDoS attacts.

In the 5 years of hosting and 4 NOC's I have never had more DDoS than I have on Burst.net.

I am not sure why they get hit with so many DDoS attacts.

Well, they do offer IRC shells, and IRC is allowed on their dedicated servers.

Is there anyone from burst net can confirm this?

They just announced their new service...

Why don't you all colo with a reliable company. Cutting costs to save money is one thing but when it directly related to you loosing customers is it really worth it.

Well, they do offer IRC shells, and IRC is allowed on their dedicated servers.

So what?

Originally posted by jayjay


So what?

Most hosts don't allow that because it compromises their servers.

Most hosts don't allow that because it compromises their servers.

Just because people IRC from boxes located in a NOC, doesn't mean that's why they get DOS'd. It goes far beyond IRC. I'm not saying if some idiot gets a shell, goes into #conf on EFnet (or something similar) and acts like a retard. They won't get DOS'd. But, still..

All I was saying was that they also offer IRC shells, which most providers don't, which might be why they have more denial of service attacks than other providers. I agree that it goes far beyond IRC. I'm not saying that they shouldn't offer IRC shells or allow IRC on their dedicated servers because that just ruins it for the people like me that don't ever cause problems, and it's hard to find a provider that allows IRC these days. I'm just offering a possible reason why they have a higher incidence of denial of service attacks.

Another possible reason could be that one of their clients has a site that really pushes the boundaries of free speech, so some immature people are trying to take the site down.

Maybe it's a disgruntled customer of a provider that has a server there. Who knows? :confused: It's a crazy world we live in. :(

wouldnt this be in the dedicated hosting forum

and yeah

people rant about how burst should take steps to block dos attacks.

well here's some news, its not as easy as you think it is.

and dos attacks are not as simple as you think it is

there is more to it then just someone "pinging" the server or something stupid.

and yeah

people rant about how burst should take steps to block dos attacks.

well here's some news, its not as easy as you think it is.

and dos attacks are not as simple as you think it is

there is more to it then just someone "pinging" the server or something stupid.

If the money is there, it can be prevented. But not 100%.

It's not rocket science. But it isn't cake.

true

someone who understands :)

DDoS shouldn't be a problem to prevent effectively considering the size of BurstNET.

if you think DOS attacks are easy to take care of read this, if it doesn't scare the crap out of you, you are not in hosting.

http://grc.com/dos/drdos.htm

Oh and I might add it is a great tutorial 101 on TCP/IP networking.

Monte Roberts

You think we should forward this to our hosts?

http://grc.com/dos/drdos.htm

The fact that you posted that URL. You loose all creditability.
That guy is an idiot.

That's not to say DOS attacks are scary.

Almost anybody can launch a DDOS at anytime, from anywhere.
Alot of companies on the internet don't take security seriously. Heck, I'm sure people on this board have rootkits on their boxes, and they don't even know.

But that's not to say that some DOS attacks cannot be stopped. Look at httpd.net and equinix. (I don't know many others.. But I'm sure that they are out there.)

Originally posted by jayjay
http://grc.com/dos/drdos.htm

The fact that you posted that URL. You loose all creditability.
That guy is an idiot.

You, sir, are the idiot.

it is not much of a loss. :bawling:


Some peope think he is a nut others think he is a genius to each his own. But the point being a DrDOS attack is a scary thing that can happen and to stop one once it starts is not an easy task. To prevent it even harder.


Monte

Originally posted by Monte
if you think DOS attacks are easy to take care of read this, if it doesn't scare the crap out of you, you are not in hosting.

http://grc.com/dos/drdos.htm

Oh and I might add it is a great tutorial 101 on TCP/IP networking.

Monte Roberts

I own one of the largest shell providers and just started dedicated/virtual hosting. I will admit, I'm not the brains behind it. I have an EXCELLENT colocation facility with great support. They also specialize in DDoS.

Maybe they should start consulting also.

Originally posted by Sharpnet


I own one of the largest shell providers and just started dedicated/virtual hosting. I will admit, I'm not the brains behind it. However, we have an EXCELLENT colocation facility with great support. Their speciality is DDoS.

Maybe they should start consulting too.

<typos>

Originally posted by jayjay
http://grc.com/dos/drdos.htm

You loose all creditability.

That's like tight all credibility, only different. Right?

-B

Don't the firewalls like the netscreen100 filter traffic that could be dos attacks? Isn't a dos attack a ton of packets from a certain IP? Can you have your machines automaticly block IPs that send and extra ordinary amount of packets?

Originally posted by ClusterMania
Don't the firewalls like the netscreen100 filter traffic that could be dos attacks? Isn't a dos attack a ton of packets from a certain IP? Can you have your machines automaticly block IPs that send and extra ordinary amount of packets?

A distributed denial of service attack originates from many different networks, so you can't just filter one particular IP address. Also, IP addresses can be spoofed.

If you go read the article I posted you will see how they can use some of the biggest servers on the net like Yahoo's, Google, etc to attack you.
In a normal DDOS attack they use robots to put trojans in machines all over the world then they fire them off all at once so you can have 200 or 300 machines with differrent IP's attacking you. With a real DDOS attack it can get very hard to block it but it can be blocked at the router level.

With the DRDOS attack they use normal internet routers that are part of the back bone and turn it against a certian server. That one becomes almost impossible to stop other than unplugging the server for awhile.

Monte

Hmm, aren't dos attacks like pings? Can't you totally deny users to ping your servers or network?

a simple attack might be a ping attack. But a real attack makes contact just like someone requesting your web page the difference is that you have hundreds of request all at once. The only way to deny that is to deny your server as a server on the internet.

The DRDOS attack spoofs your IP and sends request packets to major servers around the world then they try and answer you, as they should, but you will have hundreds trying to answer you at once flooding your IP with packets and effectivly shutting your server down.

As I said if anyone thinks a serious DDOS attack is easy stop they are fooling themselves.