API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 6th, 2013
146
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.42 KB | None | 0 0
raw download clone embed print report
  1. Earlier today MPEx was hit by a moderate to respectable DDOS. We measured it peaking around 20-30 Gb/s, but on average it was probably under 10. Still, that's a lot.
  2.  
  3. One of the advantages of being well popular (other than being DDOS'ed, of course) is you find out about it immediately :
  4.  
  5. <blockquote>[12:30] {jurov} mircea_popescu, mpex.co is not even DNS resolving ?!
  6. [12:30] {mircea_popescu} hm
  7. [12:30] {mircea_popescu} looking into this.
  8. [12:38] {mircea_popescu} looks like a little bit of ddos.</blockquote>
  9.  
  10. So after the initial moment of surprised confusion (wait, what ?!) the traffic was nulled and the eternal story of filtering begun. The server itself was not affected, in fact it was happily churning along at 0.01 loads and the like, muchly surprised that suddenly the world is quiet. A router upstream however was cooking eggs at about the same time.
  11.  
  12. The attack did however cause a lot of trouble for a lot of people : those who became (through no fault of their own) unable to resolve mpex.co - the fix was both trivial to implement and obvious, except nobody on the outside would have had any reason to intuit it ; the ISP people stuck with a blown router and having to filter traffic for their other customers and so forth.
  13.  
  14. I suppose this is where you expect me to go into details of how I've made arrangments for much larger pipes, DDOS mitigation, protection and whatnot. I will dissapoint. I'm not getting a larger pipe at this time, I already have a large one and it's just not economically sound to compete in that field and on these terms. Any two bit neckbeard can gather <em>da jiggabits</em>, it'd be much like trying to win a war by having more children.
  15.  
  16. I'm not getting DDOS protection, either. I have a much simpler solution : <a href=http://mpex.5gbfree.com/>mpex.5gbfree.com</a> ; <a href=http://mpex.host56.com/>mpex.host56.com</a> ; that sort of stuff. They run a very simple php proxy for MPEx, something like
  17.  
  18. <code><?
  19.  
  20. $url = 'http://xx.xx.xx.xx/';
  21. if ($_GET["mpsic"]) $url.= "?mpsic=".$_GET["mpsic"];
  22. if ($_POST["msg"]) {
  23.  
  24. $params = array('http' => array('method' => 'POST', 'content' => http_build_query(array("msg" => $_POST["msg"]))));
  25. $ctx = stream_context_create($params);
  26. $fp = @fopen("http://xx.xx.xx.xx/", 'rb', false, $ctx);
  27. $resp = @stream_get_contents($fp);
  28. fclose($fp);
  29. echo $resp;
  30.  
  31. }
  32. else echo str_replace("http://mpex.co/","http://mpex.host56.com/",file_get_contents($url));
  33.  
  34. ?>
  35. </code>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!