Author

Topic: Bitcoinduit DDOS Attack Yesterday (Read 1045 times)

full member
Activity: 224
Merit: 100
August 27, 2011, 07:25:42 AM
#3
Also britcoin was taken out by a ddos attack yesturday
full member
Activity: 224
Merit: 100
August 26, 2011, 05:20:53 PM
#2
Hmm i would host everything on a VPS with a good host, can get them around $30 a month for basic
donator
Activity: 392
Merit: 252
August 26, 2011, 03:16:46 PM
#1
It looks like it was a malicious attack on me directly..

Quote
Thank you for your patience yesterday and we are terribly sorry for all the mishaps. The first problem was yes it was dropped for some unknown reason still, but it seems to still be working now after all those hours, we have been monitoring it.

I am the personal tech who works on the 2 bitcoin servers, since it's only one tech has access to both servers for security reasons. I was able to find out why you were not able to connect yesterday though, I found out last night while talking to a Tech at the NOC where the servers are.

There was an apparent DDoS attack on our bitcoin server, the one you are on. The reason I didn't know about it is that the DDoS attack didn't make it past our hardware firewall. Since all our company IPs are whitelisted in the hardware firewall this is why we were able to get in and you were not. This DDoS took down the Node our first bitcoin server is on, the one you are on. This is why I asked you for a traceroute, if I had seen the traceroute while you were still blocked out I would have noticed it failed right before our Node and would have immediately contacted NOC techs, but without a traceroute there is no way of knowing where the fail is.

The good news is this tested our defenses and we past with flying colors. Unfortunately no host in the world can totally 100% block DDoS attacks, if a port is open then it's fair game until the NOC detects it then shuts it down. They did, but as you can see it took them awhile, over 20,000 connections from 7 IPs over a few seconds, hence it took down the Node.

I was not prevy to this information since it was at the NOC level and they don't immediately let us know until the problem is fixed and that took a bit.

But that might have been what knocked you off in the first place since the main attack was against your port on our server, so it seems someone has been sniffing your sites connections to our server and found your port, hence the DDoS attack.

Again we are sorry for this but as any NOC will tell you it is impossible to block DDoS attacks until they happen, we can detect them then shut them down. So it took a bit to detect, but that is what brought down your client. Then wouldn't let you connect for obvious reasons.

Now I have talked to Billing, because of this problem we are able to discount you next months bill, we will take 50% off the bill so you can get a minor discount for the trouble. I will go ahead and apply that discount for next month and the next invoice you will see this price down for that month.

Once again we are terribly sorry for this problem, if there is anything else let us know.

Microtronix ESolutions
Support / Sales staff
Thank you for choosing Microtronix for all your web needs
Jump to: