What's new
By:
Filters

What are you doing today?

jaylach said:
Just got done getting my web sites back on-line. I was attacked with over 14,000 outside requests per hour. Seems like all is back to normal but will take a day or so to be sure.

To fix I went to an outfit called Cloudfare for my domain name servers on the recommendation of my hosting. Cloudfare sort of acts like a reverse proxy and has a free version which I used.
Click to expand...
So it was a dns attack ? What is your ttl ? btw 14,000 requests an hour is nothing that is only 4 request a second - how much bw did that draw (depends on size of your landing page if it was to your web server and not just dns requests). I really confused because it sounds like you are using clourfare for dns hosting but it was your website which saw too many request.

Btw did you go through the list of ips making the requests ?
 
anewbie said:
So it was a dns attack ? What is your ttl ? btw 14,000 requests an hour is nothing that is only 4 request a second - how much bw did that draw (depends on size of your landing page if it was to your web server and not just dns requests). I really confused because it sounds like you are using clourfare for dns hosting but it was your website which saw too many request.

Btw did you go through the list of ips making the requests ?
Click to expand...
I have a partial list of IPS requests that was supplied by my hosting...
14282 43.134.91.203
14273 43.159.41.195
14234 43.159.37.213
14227 43.134.165.87
14225 43.159.32.86
... (and many more)
I'm not good at server side but looks like a group attack. I'm not even sure if it was, in fact, a database attack as I'm not a server person. May have been another form of attack of which I'm not familiar.

Here is a portion of the initial email from my hosting... The computerhave.jaylach.com is actually the sub-domain associated with computerhaven.com.
Green Geeks said:
We’ve detected over 1 million requests directed at your site computerhaven.jaylach.com in a short period of time, which is causing a serious performance impact on the server.
Click to expand...

<edit>
Actually it may well have been a "DDoS" attack. I'm not really sure if database or DDoS. All I know is that it seems solved and my sites are back up and running. I asked my hosting for an explanation on what actually happened but have not yet received such info. They may of may not supply a full explanation but that isn't really their job.
 
Last edited:
jaylach said:
I have a partial list of IPS requests that was supplied by my hosting...
14282 43.134.91.203
14273 43.159.41.195
14234 43.159.37.213
14227 43.134.165.87
14225 43.159.32.86
... (and many more)
I'm not good at server side but looks like a group attack. I'm not even sure if it was, in fact, a database attack as I'm not a server person. May have been another form of attack of which I'm not familiar.

Here is a portion of the initial email from my hosting... The yyy.xxx.com is actually the sub-domain associated with xxx.com.


<edit>
Actually it may well have been a "DDoS" attack. I'm not really sure if database or DDoS. All I know is that it seems solved and my sites are back up and running. I asked my hosting for an explanation on what actually happened but have not yet received such info. They may of may not supply a full explanation but that isn't really their job.
Click to expand...
for security reasons i would delete the name of your website.

Nothing on that site seems like it would be a target though it could be random target or just random polling through the ip table. cloudfare probably has a blacklist of sites to not resolve dns request of course it would do crap if you were targeted by ip but doesn't seem likely. There are several companies like cloudfare and basically how they work is the dns is not a flat database instead it is dynamically produced on request - if you host on their site ($$); then they can pick one of their servers based on a number of factors; conversely if they have the ability to blacklist requesters they can return ips that send them to (for the sake of this conversation) never never land.

As for the ips hitting you it could just be compromised hosts but at least the ones you provided are all from the same blocks (43.134 and 43.159); i'm not really an expert on why a site is attacked but a long time ago in another life i would at least do some very primitive (and not sophisticated) look at ips when our site was attacked. For real information we had a security group that dealt with that stuff but since i no longer work at that company i no longer have access to them ;)

I said the above not very well; cloudfaire probalby have a blacklist of ips for which it will not return a website ip when a dns request is made - i.e, if 43.134.91.203 is on the blacklist when it request the ip for domain www.xxx.yyy instead of returning www.xxx.yyy's ip it returns an ip to (for this conversation) never never land.

After all there is nothing that determines how a nameserver responds to a request.

Having said that i don't know for sure how their system works just idle speculation.
 
Last edited:
Yesterday I found out that David Rockefeller and Harald V came to the city where I have lived most of my life... Rockefeller had some investments in Brazil. When Mococa celebrated its 100th birthday, David came to the small town. If you know Portuguese, there is a newspaper article mentioning the fact.

When Rockefeller came to Mococa, in Estádio Olímpico São Sebastião (more commonly known as Campo do Radium, which is currently abandoned...):


Nelson Rockefeller received the title "Honorary citizenship" from the town, too. But, since nowadays the town is not so relevant and most people mistake the city with the neighborhood "Mooca" from São Paulo, there is not so much mention of this.

Harald receiving the title "Cidadão Mocoquense" from Mococa in 1964:
1747610325429.png


Nocturnal recording I made from my Betta splendens:
 
anewbie said:
for security reasons i would delete the name of your website.

Nothing on that site seems like it would be a target though it could be random target or just random polling through the ip table. cloudfare probably has a blacklist of sites to not resolve dns request of course it would do crap if you were targeted by ip but doesn't seem likely. There are several companies like cloudfare and basically how they work is the dns is not a flat database instead it is dynamically produced on request - if you host on their site ($$); then they can pick one of their servers based on a number of factors; conversely if they have the ability to blacklist requesters they can return ips that send them to (for the sake of this conversation) never never land.

As for the ips hitting you it could just be compromised hosts but at least the ones you provided are all from the same blocks (43.134 and 43.159); i'm not really an expert on why a site is attacked but a long time ago in another life i would at least do some very primitive (and not sophisticated) look at ips when our site was attacked. For real information we had a security group that dealt with that stuff but since i no longer work at that company i no longer have access to them ;)
Click to expand...
I see no reason to remove my site name from the posts as it is already in my signature. ;)
 
jaylach said:
I have a partial list of IPS requests that was supplied by my hosting...
14282 43.134.91.203
14273 43.159.41.195
14234 43.159.37.213
14227 43.134.165.87
14225 43.159.32.86
... (and many more)
I'm not good at server side but looks like a group attack. I'm not even sure if it was, in fact, a database attack as I'm not a server person. May have been another form of attack of which I'm not familiar.

Here is a portion of the initial email from my hosting... The computerhave.jaylach.com is actually the sub-domain associated with computerhaven.com.


<edit>
Actually it may well have been a "DDoS" attack. I'm not really sure if database or DDoS. All I know is that it seems solved and my sites are back up and running. I asked my hosting for an explanation on what actually happened but have not yet received such info. They may of may not supply a full explanation but that isn't really their job.
Click to expand...

Loll. the ip block in question that cause the problem belongs to Tencent Cloud Computing (Beijing) Co. Ltd.

Do you know exactly what services (ports) where targeted ?
 
GaryE said:
I do "No Mow May"
Click to expand...

I try too, but from what is going on. Machinery wont make it. I have to cut it. The first cut are so thick you have to dump everything.

I'm able to do less than 6 cuts per year, But it really need significant power to achieve. And that could never be batteries powered.

I have the chance to have a 100% electric neighbour. To compare performances with.

In the start of summers I do his front yard a couple times to clear my carburettor. While he charges a couples time doing his back yard.

Loll... I never hear him complaining.
 
We finished our travel plans today to visit the Badlands and Rushmore in South Dakota followed by Theodore Roosevelt National Park in North Dakota. We have our flights, lodging and rental car. That will leave me two additional states to visit on my journey of visiting all 50 states. Idaho and Kentucky, you are last but not least….well maybe.
 
Hauled pea rock today using a friends dump trailer and my old truck, 6 loads in 8 hours. The loads averaged 9000 so I am now the proud owner os several piles totaling 27 tons.

Pea stone is similar to pea gravel except it is better at staying in place. Pea gravel is round and smooth and has a tendency to move and sink. Pea Stone is jagged and locks together so that it does not move much and almost never sinks.

Planning of putting it in the new mini orchard behind the pond house. Guessing at 10 yards needed and the 27 ton is about 10.5 yards. We will be getting a bale of cardboard at the recycle center tomorrow. The cardboard will go under the gravel for weed control. Linda is already dreaming about raised bed planters and red slate walkways. It will be a pleasant place to look at while using the summer kitchen.
 
Oldspartan said:
Hauled pea rock today using a friends dump trailer and my old truck, 6 loads in 8 hours. The loads averaged 9000 so I am now the proud owner os several piles totaling 27 tons.

Pea stone is similar to pea gravel except it is better at staying in place. Pea gravel is round and smooth and has a tendency to move and sink. Pea Stone is jagged and locks together so that it does not move much and almost never sinks.

Planning of putting it in the new mini orchard behind the pond house. Guessing at 10 yards needed and the 27 ton is about 10.5 yards. We will be getting a bale of cardboard at the recycle center tomorrow. The cardboard will go under the gravel for weed control. Linda is already dreaming about raised bed planters and red slate walkways. It will be a pleasant place to look at while using the summer kitchen.
Click to expand...
At first I was going to say that the cardboard would just deteriorate and go away but, from what you said about the rock, the cardboard probably lasts long enough to allow the rock to settle in place to where the cardboard is no longer needed.
 
jaylach said:
At first I was going to say that the cardboard would just deteriorate and go away but, from what you said about the rock, the cardboard probably lasts long enough to allow the rock to settle in place to where the cardboard is no longer needed.
Click to expand...
Precisely --- The cardboard, (from past experience) holds the fort for about three years. Its slow deterioration allows the pea rock to settle into place. Next year, early fall, we will add a 1/2-inch layer of stone dust. The stone dust after a period of wetting and drying will lock the small stones in place and act as a cement. The finished combination is almost as good as concrete, a great weed barrier, and plenty good for what we are using it for, which is minimalizing our yard maintenance in that area.
 
It’s the usual Wednesday morning delivering hot meals to poor people in the inner city. Then I pack for a week in Raleigh baby sitting my grand children. Tonight I go to a movie theater where the opera Salome by Ricard Strauss is streaming. It’s the story of John the Baptist, king Herod and his stepdaughter, Salome. The opera was a scandal when it premiered in 1905.
 
Cleaning the shop from the winter accumulations, since it's not heated. I don't clear up too much during that period.

I finished fixing my car for a good while. Brakes and suspension all brought back to optimal performance. The next step will be the clutch, but it could take a while, I don't understand how peoples burn them under a hundred thousands kilos... I had a civic lasted 475. I'm at 360 with this one and most of the time I do around 300.

It's raining on and off all the time this week, the place is still too muddy to start moving things and it's been cold, I had to bring back the heater on.

After that I have a failing hard disk that I'm going to replace with a Samsung 980 Pro, I bought a 4 Port NVMe to PCIe Host Controller Expansion Card, M.2 to PCIe X16... This should be fun :cool:
 
You must log in or register to reply here.

Similar threads

TwoTankAmin
Bitcoin or Money?
3 4 5
Replies
70
Views
2K
Oldspartan
Oldspartan
Magnum Man
planted Cichid tanks... what has worked for you???
Replies
6
Views
265
Uberhoust
Uberhoust
Magnum Man
Charging station for rechargeable batteries, of all kinds...
Replies
9
Views
355
Magnum Man
Magnum Man
M
Fin rot or Ich?
Replies
5
Views
185
GaryE
GaryE
newmag1659
Dojo Loach Mass Between Pelvic and Anal Fins - Help?
Replies
2
Views
187
newmag1659
newmag1659

Most reactions

POPOSOAP.com

Useful Links

Back
Top