Worst DDOS attack in saidit's history blocked 6 hours ago

submitted by magnora7 from self.SaidIt

sorted by:
top
newinsightfulfun
you are viewing a single comment's thread.

view the rest of the comments →

[–]zyxzevn 8 insightful - 3 fun8 insightful - 2 fun9 insightful - 3 fun -  (3 children)

Are the IP addresses random? From a VPN?
We may need to investigate where it is coming from.

[–]magnora7[S] 9 insightful - 3 fun9 insightful - 2 fun10 insightful - 3 fun -  (2 children)

random, from many vpns. We have a few ideas, but nothing certain

[–]zyxzevn 8 insightful - 3 fun8 insightful - 2 fun9 insightful - 3 fun -  (1 child)

Thanks for info, and I get a bit creative.

It may be that some VPNs allow requests for blocking attacks.
Did you setup some honeypots?
If they try to break in, they may be more traceable.
It is a lot of work though, and you need a separate system for that.

I suspect that they are scrip-kiddies, and probably don't run javascript. So it may be possible to have a small startup script that only loads the real page. This real page is always on a different "random" place, so people do not easily find it.

But if they do, and you can identify them, you can connect them to the worst website ever, that spams popups and downloads.
I think you can even serve the browser its own data, to congest itself.

[–]beermeem 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (0 children)

Nah boi. This be big.