科技回声

9 条评论

tempnow987大约 3 年前

I thought OVH and Hetzner were the source of a ton of these DDoS attacks. Their IP ranges always seem to be in abuse logs.Cloudflare write in a recent attack:The top networks included the German provider Hetzner Online GmbH (Autonomous System Number 24940), Azteca Comunicaciones Colombia (ASN 262186), OVH in France (ASN 16276), as well as other cloud providers.<a href="https://blog.cloudflare.com/15m-rps-ddos-attack/" rel="nofollow">https://blog.cloudflare.com/15m-rps-ddos-attack/</a>

评论 #31290453 未加载

评论 #31290226 未加载

ricardobeat大约 3 年前

At their size, don’t they have some kind of hardware-level packet filtering ability like cloudflare to protect against these attacks?

评论 #31289961 未加载

评论 #31289975 未加载

评论 #31290063 未加载

评论 #31290695 未加载

xmpir大约 3 年前

I am wondering what the attacker's intent is

评论 #31290722 未加载

xmpir大约 3 年前

Last time it took about 9 hours: <a href="https://status.hetzner.com/incident/129728ce-ba25-49b6-96cc-aafcd39ab0b7" rel="nofollow">https://status.hetzner.com/incident/129728ce-ba25-49b6-96cc-...</a>

davidtinker大约 3 年前

Anyone know if it is possible to mitigate the impact of Hetzner blocking UDP traffic on port 9000+? These outages whacked our Kubernetes clusters (Calico + vxlan + Wireguard). <a href="https://serverfault.com/questions/1100482/how-to-limit-udp-port-range-with-k8s-calico-wireguard" rel="nofollow">https://serverfault.com/questions/1100482/how-to-limit-udp-p...</a>

ffhhj大约 3 年前

Excuse the ignorance, but couldn't ISPs block the attacks?

评论 #31290320 未加载

评论 #31290470 未加载

_-david-_大约 3 年前

>This concerns UDP traffic on port 9000-65535.Does anybody know what usually runs on those ports?

评论 #31289801 未加载

评论 #31289813 未加载

评论 #31290086 未加载

评论 #31289802 未加载

评论 #31290235 未加载

评论 #31290323 未加载

评论 #31289812 未加载

评论 #31289792 未加载

评论 #31289797 未加载

walrus01大约 3 年前

[spiderman-pointing-at-spiderman.gif]seriously, aren't they commonly the SOURCE of many DoS attacks...any hosting provider where some random person on the internet and $5 of credit on a prepaid visa card will have this problem.

评论 #31292399 未加载

评论 #31290951 未加载

unnouinceput大约 3 年前

Maybe, just maybe, rely less on embedded framework on embedded framework that spit JavaScript that gets 95% unused. If for a simple outage apology page the output was 1.7MB, I can only imagine for their normal pages how much it is. At this size I feel only like 10k legit users would unwillingly do the outage anyway. But hey, Kubernetes and Node.js is all the rage nowadays.

评论 #31290187 未加载

9 条评论

tempnow987大约 3 年前

评论 #31290453 未加载

评论 #31290226 未加载

ricardobeat大约 3 年前

At their size, don’t they have some kind of hardware-level packet filtering ability like cloudflare to protect against these attacks?

评论 #31289961 未加载

评论 #31289975 未加载

评论 #31290063 未加载

评论 #31290695 未加载

xmpir大约 3 年前

I am wondering what the attacker's intent is

评论 #31290722 未加载

xmpir大约 3 年前

Last time it took about 9 hours: <a href="https://status.hetzner.com/incident/129728ce-ba25-49b6-96cc-aafcd39ab0b7" rel="nofollow">https://status.hetzner.com/incident/129728ce-ba25-49b6-96cc-...</a>

davidtinker大约 3 年前

ffhhj大约 3 年前

Excuse the ignorance, but couldn't ISPs block the attacks?

评论 #31290320 未加载

评论 #31290470 未加载

_-david-_大约 3 年前

>This concerns UDP traffic on port 9000-65535.Does anybody know what usually runs on those ports?

Second large Hetzner outage in a week caused by DDoS attack

9 条评论

Second large Hetzner outage in a week caused by DDoS attack

9 条评论