2021 DDoS Issue

Your shit is obviously different from a normal environment, but who is upstream of your router? Is there a firewall or provider before the router that is able to drop packets so the hit isn't affecting the router's resources?

Yep, but we're looking for a switch & router. Which to me means that in addition to the switch I linked before, Null would probably want to upgrade to something like https://mikrotik.com/product/CCR1036-8G-2SplusEM for the router, since you get the 36 cores @ 1.2ghz, and SFP+ connectivity to the SFP+ switch.


I personally find that 10gb fiber is generally cheaper, especially for short runs, than 10gb ethernet. Price of copper be dumb these days.


Edit: The fortinet advice given earlier in the thread is also super solid. Rolling your own router seems like a great techie idea, but Null did ask for idiot-proof solutions.

Have you considered buying a Corero or Fortinet router? They aren't cheap but they also are a permanent solution to this kind of attack.

If you were considering a Fortinet solution, the closest thing I could find that matched the amount of traffic you have is the 1100e.

Should be all in, these babies have FW and 8x10G SFP ports, and also do BGP.

Closest price is around $25,000. Double that if you get the IPS protection plan.
 
Finally! I really hope all of this shit will be over by then. Because this is getting fucking annoying.

Tell me about it. My whole life revolves around getting KF stickers and not being able to compulsively check it 35 times per hour is harming my mental health. If I commit suicide, whoever is DDoSing the site has my blood on their hands.
 
Tell me about it. My whole life revolves around getting KF stickers and not being able to compulsively check it 35 times per hour is harming my mental health. If I commit suicide, whoever is DDoSing the site has my blood on their hands.
Don't threaten them with a good time. There's a reason they're working hard to push that suicide rate as hard as possible.
 
Ironic since GDQ starts on 4th of July. I can totally see them using this event as an excuse for pity bucks.
Ah GodBear dammit. You know damn well the troon faction is going shit up GDQ with screeching about Byuu and gibsmes to fight the Napoleon of Grime, Jersh Moon and the Internet Hate Machine known as Keereeee farms!

What a shame, I really enjoyed watching some of the featured events in years past, and the causes were usually viable charities and research foundations but I have a sinking feeling that there are going to be under-the-headlines drives for money to buy more DDOS attacks against the Farms this year.
 
It just really sucks how vulnerable we are when we piss off a cult of weird internet tough guys.

I miss when websites that went against "The Narrative" weren't routinely taken down or DoS'd.

Yet the woke still claim "oppression" despite social "justice" more or less running the show?

[honk honk]
 
I've done networking and whatnot before, but it sounds like there are some good suggestions in the thread already. I'd love to know more about the mid-term solution, but more importantly, have you been able to determine anything more about the nature of the attack? Earlier post said it was a "game", but was that as in "for fun" or "they are using vulnerable servers from an mmo"? Do you know if the traffic is coming from known DDoS networks or
 
Out of curiosity, how long would you anticipate having to wait out the DDOS, assuming you don’t attempt to overhaul the website?

As far as I’m aware these attacks are coming out of someone’s pocket, and will probably stop, or at least subside to a manageable level, once the perpetrators stop getting paid.

I’m not really literate in these kinds of things, so if I’m completely oblivious to some huge issue feel free to ignore me.
 
Tell me about it. My whole life revolves around getting KF stickers and not being able to compulsively check it 35 times per hour is harming my mental health. If I commit suicide, whoever is DDoSing the site has my blood on their hands.
the fact that I can't spend my days at work shitposting about how trannies should kill themselves has caused me to hire a therapist. I want to sue for civil damages.
 
I hope this pic posts, never tried to post one.
 

Long time lurker, decided to make an account cause I like networking shit, but I'm no expert. Noticed this guy:
1625192360902.png
1625192305927.png
in the replies on Twitter. Image implies a UDP packet flood, using a tool or service called Tsunami. Dunno if you've mitigated that or not, if it's still an issue. Unsure whether you could just drop all UDP packets, cause that'll still take processing time on the router. I presume the reason CloudFlare cannot be used is due to the ASN being known, but it seems to me if push comes to shove you might be able to drop all connections not from CloudFlare, might not be doable though, and no guarantee it'd fix the issue.

As for the issue with the router UI locking up, it might be worthwhile investing in dedicated hardware for firewalling. Not an expert on hardware outside of MikroTik, but apparently the MikroTik routers lock up because they spend all their time in kernel routing requests, some sort of overall bandwidth limiting might be able to fix that, but I haven't found a way to do that in RouterOS (again, not an expert, probably is a way).

Apologies for the rambling, just figured I'd give my two cents.
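
The two ideas in the post above (drop UDP at the edge, and accept web traffic only from the CDN's ranges) can be sketched as RouterOS raw-table rules, which are evaluated before connection tracking. This is an added example, not part of the original post or the site's configuration; the interface name `ether1`, the list name `cdn-edge` and the address ranges are assumptions, and the ranges are constructed placeholders.

```python
import ipaddress

# Constructed placeholder ranges (RFC 5737 documentation space); in practice
# load the CDN's published edge ranges instead.
CDN_EDGE_RANGES = ["198.51.100.0/24", "203.0.113.0/24"]
WAN_IF = "ether1"        # assumed name of the upstream-facing interface
WEB_PORTS = (80, 443)

def build_raw_rules(ranges=CDN_EDGE_RANGES, wan_if=WAN_IF, ports=WEB_PORTS):
    """Return RouterOS commands: address-list entries, then two raw drop rules.

    Raw prerouting rules run before connection tracking, so a dropped
    packet never creates conntrack state on the router.
    """
    nets = [ipaddress.ip_network(r) for r in ranges]   # rejects malformed CIDRs
    cmds = [f"/ip firewall address-list add list=cdn-edge address={n}" for n in nets]
    port_list = ",".join(str(p) for p in ports)
    base = f"/ip firewall raw add chain=prerouting in-interface={wan_if}"
    cmds.append(f"{base} protocol=udp action=drop")
    cmds.append(f"{base} protocol=tcp dst-port={port_list} "
                f"src-address-list=!cdn-edge action=drop")
    return cmds

def verdict(src_ip, proto, dst_port, ranges=CDN_EDGE_RANGES, ports=WEB_PORTS):
    """Model what the two raw rules do to one packet arriving on the WAN side."""
    src = ipaddress.ip_address(src_ip)
    from_cdn = any(src in ipaddress.ip_network(r) for r in ranges)
    if proto == "udp":
        return "drop"                      # rule 1: all inbound UDP
    if proto == "tcp" and dst_port in ports and not from_cdn:
        return "drop"                      # rule 2: web traffic bypassing the CDN
    return "pass"                          # continues to the normal filter table

# Constructed sample packets: (source, protocol, destination port)
SAMPLE = [
    ("198.51.100.7", "tcp", 443),   # CDN edge fetching the site
    ("192.0.2.55", "udp", 53),      # flood-style UDP from an arbitrary host
    ("192.0.2.55", "tcp", 443),     # direct-to-origin request
    ("203.0.113.9", "udp", 443),    # UDP is dropped even from a CDN range
]

if __name__ == "__main__":
    print("\n".join(build_raw_rules()))
    for pkt in SAMPLE:
        print(pkt, "->", verdict(*pkt))
```

Rules like these only spare the router's CPU and connection table: the flood still fills the upstream link, which is why the earlier question about filtering upstream of the router matters. A blanket UDP drop also discards replies to the origin's own UDP traffic, such as DNS lookups, so those need an exemption.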
 