I have recently been DDoSed multiple times by 10+ servers hosted at SoftLayer.
The attacks started a couple of weeks ago and since then I've been attacked about 5 times with over 200 Mbit/s and 20.000 PPS.
I contacted the abuse section at SoftLayer after the first attack, and they replied that I should provide logs. So I did. A few days later I was attacked again (from the very same IPs) and my server went offline. I contacted them again with but no reply. A few days later I had my third attack, and I contacted them again, once again with no reply.
Lately I've been attacked almost every day, and it really hurts my business.
Short term: Contact your provider and have them filter the traffic for you. Or null route the source IP's on your Router...
█ Owner Media-Hosts.com AS14442 Canadian Web Hosts Since 2002
█ 24/7 365 Support, 100% Network Up-time Guarantee
█ Web Development Specialists (E-Commerce, Inventory, Design)
█ OpenVZ.ca Reliable, Affordable VPS Servers and Web Hosting. IPv6 Available
Simply saying, "contact them by phone" doesn't always help.
Most larger hosting companies you contact by phone will simply say, "sorry we don't deal with abuse issues via phone, send an email to [email protected]" or it gets answered with a "we've forwarded your complaint on." Gee, thanks for telling the person who are attacking me that they are attacking me. They probably know it. If they don't know it (because they've been compromised) they probably don't know how to stop it either.
It's frustrating and sad when the only solution sometimes is to null-route a customer who might not even be doing anything controversial.