I have a question related DDOS attack. My hosting provider told me that my Server was DDos attacked few days ago. But in those days my server worked fine only apache server was down. The strange fact is that in the same day with this "DDOS attack" one of theyr admins worked something on SSL section of my server and during this operation the SSL hosts were down and httpd worked slow.
Inthe passed 3 months httpd worked very slow and after 2-3 restarts of httpd service the load droped down below 3.00 . I believe theyr httpd service was already with problems and that SSL configuration cause that apache failure in that day with "ddos attack"
I repeat in that day ONLY ssl hosts worked fine and non SSL hosts were down.
It's possibile on DDOS attack that load to be unde 0.5 , SSL hosts to work fine, FTP, Mail and other stuf to work like there is nobody on server (VERY FAST) ?
Please tell me if they bullsh...g me or that was a DDOS attack. I know that these attacks load processor with high levels and access via ssh is broked
the ddos I have been talking about that comes from dc++ hubs will do this. In the last few weeks I have been seeing all kinds of new ddos attacks that pass right through ddos filters and have to be banned at the server, they are low bandwidth and they just knock out the target port they are hitting.
I have been babysitting servers all week because these types of attacks so I wouldnt call them liars right off. Then again, Ive had datacenters mess up hardware or something before and claim ddos attack - usually that happens right after an upgrade or hardware swap.
But anyway they can be telling the truth, Ive been slammed with similar attacks all week getting by all ddos firewalls on a few different ddos protected networks.