tbot Posted June 9, 2004 Share Posted June 9, 2004 In the past few days I saw a trend of DDoS attacks. My server, as well as another one on my uni campus got cut off because of UDP floods. Today I saw another dutch server disappear, though I have no conformation this is due to attacks. From another source I heard about him too suffering attacks, though the servers still run. I wondered if there are more servers suffering attacks. IMO it looks like somebody who really doesn't like MTA, and is going very far in his 'hate', any opinions? Link to comment
Ransom Posted June 10, 2004 Share Posted June 10, 2004 Opinions? Well I'll say a fact or two... Yes there are people that hate MTA and its creators and yes they try to retaliate anyway they can. Yes, these people have been an annoyance, but so far the damage they have caused is minimal (flooding #mta on irc until the MTA team made protection, flooding server chats until again MTA team made protection, ddosing some servers, etc.) So yes its entirely possible that could be why. Link to comment
orappa Posted June 10, 2004 Share Posted June 10, 2004 Do you have any more details? i.e. how they're flooding it so that other server admins can be aware. Link to comment
OrIoN Posted June 10, 2004 Share Posted June 10, 2004 ddos attacks usually come from someone controling a good size botnet. (100+ bots) some just packet the server so it lags then goes ofline. other just join and part a channel really fast or flood it with messages. (irc). also, if the controller of the botnet ordeded his bots to ping the ip 10 times, it would flood offline. (thats like 1000 times). Link to comment
tbot Posted June 10, 2004 Author Share Posted June 10, 2004 May I note that this is only about MTA servers (I see suggestions about IRC, etc.)... As for the damage: My server still runs, that's not the problem. The problem is in the fact that my ISP cut the server off from the internet because of the floods. If the floods continue the solution is simple, and that is to not run a MTA server anymore. So it might not cause damage to the server itself, but if it continues it does mean the end of the MTA server, which is quite harmful if this is done in a large scale (as I said, 3 major dutch servers dissappeared these days...). I don't have many details of the attacks itself, I saw a minor attack coming from IP's tracing to china. The major attack was all corrupted UDP packets, of which I don't have any information. There could be a relation between the minor and major attack though... Link to comment
Si|ent Posted June 10, 2004 Share Posted June 10, 2004 Locked, lets not give these few kiddies the pleasure of aknowledging and discussing the small temporary problems they can cause people. A reaction and publicity is what they are hoping for after all. Link to comment
Recommended Posts