2021 DDoS Issue

[JoshPlz]

In the 10GBps space, the best cost/performance ratio (Aside from used hardware that is.) I've found is Mikrotik -- something along the lines of https://mikrotik.com/product/crs326_24s_2q_rm if you're rolling fiber, or https://mikrotik.com/product/crs312_4c_8xg_rm if you need 10Gbps rj45. Configuration isn't that far off of Cisco, and budget minded IT dudes tend to swear by them. I dunno how much hardware you have but most of your options here are going to be <1k us shekels.
I personally run some shit through some of their lower-port-count-lower-end 10Gbps switches and can say that they're pretty much problem-free, and while their support isn't Cisco-tier, they are good for people that aren't afraid of rolling their own config for some autistic shit.

While having 10Gbps ports, it looks like both of those models would be a lot weaker in terms of CPU and RAM.

This is Null's current router: https://mikrotik.com/product/CCR1016-12G
It has a 12-Core CPU with 1.2Ghz each and 2GB RAM. So the new one would have to be similar or better than that.

 

[Right Wing Boomer Squads]

What's the difference? I'd have to ask upstream.

What does your ISP hand off your connection on at the moment? Either way, going for a device with SFP (1Gb) or SFP+ (10Gb) is better if possible - you can just buy RJ-45 SFPs if you need to go run copper out of your SFP ports. Fibrestore sell 10G-copper SFPs as well

 

[StuffedBallot]

While having 10Gbps ports, it looks like both of those models would be a lot weaker in terms of CPU and RAM.

This is Null's current router: https://mikrotik.com/product/CCR1016-12G
It has a 12-Core CPU with 1.2Ghz each and 2GB RAM. So the new one would have to be similar or better than that.

Yep, but we're looking for a switch & router. Which to me means that in addition to the switch I linked before, Null would probably want to upgrade to something like https://mikrotik.com/product/CCR1036-8G-2SplusEM for the router, since you get the 36 cores @ 1.2ghz, and SFP+ connectivity to the SFP+ switch.

What's the difference? I'd have to ask upstream.

I personally find that 10gb fiber is generally cheaper, especially for short runs than 10gb ethernet. Price of copper be dumb these days.


Edit: The fortinet advice given earlier in the thread is also super solid. Rolling your own router seems like a great techie idea, but Null did ask for idiot-proof solutions.

 

[Ralph Barnhardt]

You'd think that these DDOS morons would figure out that every time they do this we get better stuff and more abilities to have fun that they'll be mad about.

You think guys who cut their own dick off to magically become a woman are great at planning?

 

[The Big Bad D]

Yep, but we're looking for a switch & router. Which to me means that in addition to the switch I linked before, Null would probably want to upgrade to something like https://mikrotik.com/product/CCR1036-8G-2SplusEM for the router, since you get the 36 cores @ 1.2ghz, and SFP+ connectivity to the SFP+ switch.


I personally find that 10gb fiber is generally cheaper, especially for short runs than 10gb ethernet. Price of copper be dumb these days.

These obscure TILE architecture CPUs are fucking garbage, modern linux kernels don't even support them anymore

 

[Suiglide]

I find it funny how everything Twitter faggots claim Kiwi Farms does is done tenfold by them.

Twitter as a whole is 4chan and the weaponized autism of /b/ except for the fact that all the anonymous users are mentally ill children and adults actively trying to get one with the numerous journos there.

 

[JoshPlz]

View attachment 2307788
View attachment 2307789

Is that troon speaking the truth? Looks like the newest RouterOS release and Firmware would be 6.48.3 and 3.41

Yep, but we're looking for a switch & router. Which to me means that in addition to the switch I linked before, Null would probably want to upgrade to something like https://mikrotik.com/product/CCR1036-8G-2SplusEM for the router, since you get the 36 cores @ 1.2ghz, and SFP+ connectivity to the SFP+ switch.

Oh, alright. I didn't see that those were just switches, fren.

 

[StuffedBallot]

These obscure TILE architecture CPUs are fucking garbage, modern linux kernels don't even support them anymore

Modern linux kernels are also developed by a herd of retarded commies, so not sure that's a measure of anything.

You are right, that it's probably not beefy enough, but for DDOS protection I would possibly not try to do that in the router & look at some sort of appliance sitting in front of it, but I've been out of that game for ten years, so no fucking clue what to recommend.

 

[Scented Candle]

Have you considered buying a Corero or Fortinet router? They aren't cheap but they also are a permanent solution to this kind of attack.

 

[Secret Asshole]

I can't use my BAT, but these assmad troons just made me donate all of it. Its better than just sitting there.

 

[Onion Guide]

Threw assorted shitcoins at you as LTC. Much better off spent holding the line than losing value in my wallets.

 

[Maldavius Figtree]

Honestly you should keep the farms up for as cheap as possible just so that they burn through their cash financing those attacks - afaik DDoS services of this scale are expensive as fuck.
Maybe it's not even worth putting too much effort into mitigating the attack as long as your hosting provider doesn't kick you off and the Farms will be back whenever the attackers run out of money. In the end, they'll have spent a fortune and gained nothing at all from this.

 

[Snusmumriken]

Honestly you should keep the farms up for as cheap as possible just so that they burn through their cash financing those attacks - afaik DDoS services of this scale are expensive as fuck.
Maybe it's not even worth putting too much effort into mitigating the attack as long as your hosting provider doesn't kick you off and the Farms will be back whenever the attackers run out of money. In the end, they'll have spent a fortune and gained nothing at all from this.

Agreed, what is their plan in all this? They can’t sustain the attacks forever and once they cease the farms will be back to normal. Do they think Jersh will just get frustrated and take down the site because they showed him the power of weaponized tranny autism friendship?

 

[Yamamura]

Alright, I'll kick in my BAT as soon as the next payment rolls in.

Sorry, I'm dumb when it comes to this type of stuff. But if I'm understanding the situation correctly you're saying there's no way to actually combat the attacks, rather we're upgrading how much load we can take so that it doesn't affect the site? So if the troons want to DDoS us again it would cost them even more or something?

 

[HTTP Error 404]

View attachment 2307788
View attachment 2307789

Ez Clap Farms (@Ezclapfarms) | Twitter

The latest Tweets from Ez Clap Farms (@Ezclapfarms). Litecoin: LST4bf1qmCLcXJbs3tYzcAcFFj5s1dpdzt Monero: 468gFZ5VVyBQq1wMRpXMwnY1HB7JC82CnXAShefiXpY9UW65EvGAxyML5qazkiL1XPX3ktsTu3v5NPoT8GygBPe73EjHAnK

web.archive.org

@Null
According to the support page, latest update for that router is routeros-tile-6.48.3.npk

MikroTik

MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in most of the countries around the world.

mikrotik.com

 

[Ellesse_warrior]

Mad at the Internet

A weekly presentation covering what it takes to keep a one-man enterprise online when it makes everyone Mad at the Internet.

madattheinternet.gumroad.com

 

[Car Won't Crank]

Is that troon speaking the truth? Looks like the newest RouterOS release and Firmware would be 6.48.3 and 3.41

It's true. I manage a few Mikrotiks and 6.48.3 is the latest for RouterOS.

 

[The Big Bad D]

@Null
According to the support page, latest update for that router is routeros-tile-6.48.3.npk

MikroTik

MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in most of the countries around the world.

mikrotik.com

Mikrotik has multiple branches of RouterOS, see
https://mikrotik.com/download

all of these are up to date

 

[HTTP Error 404]

All you heros doing BAT donations are awesome. Doing God's work, you are!

As mentioned in the shitshow I want to get Null up to +$1000 USD so he can say not only did we weather this storm, the rainbow haired retards on twitter made it profitable to do so. Hell, lets aim for enough to buy a fancypants router.

With that in mind, I did my part:

Support the forum thread: https://kiwifarms.net/threads/supporting-the-forum.27022/

Mad at the Internet

A weekly presentation covering what it takes to keep a one-man enterprise online when it makes everyone Mad at the Internet.

madattheinternet.gumroad.com

This too.

 

[AngryTreeRat]

No idea if your ISP will, but assuming you got a static IP when I say this and you aren't using a dynamic DNS service, I know my ISP will, for 10 bucks a pop mind, flip my IP with 20 minutes of processing time for the payment to clear and their tech to smack a button, I've dealt with paid for bot nets a few times since script kiddies get mad when you ban them from Minecraft.

After doing that announce KF is going .onion only for a week, and have the clear net addresses point to a page explaining where to get Tor and how to connect to the .onion until you got a permanent solution in place.

They will find it a bit of a bitch to DDoS a .onion and get bored, and we suffer mild inconvenience at worse.