Bossland's Blog

Auth faster, Forum slower , Zombies anywhere you go

Rate this Entry
7 Comments
by
Bossland
on 19.01.2010 at 08:01 (1788 Views)
You must have realized that we not only have updated to vBulletin, but also moved the Forum to another Server, a nice one Intel Quad.

However we moved some of the Zombies along with it. The good thing is, the AUTH Server is now nice and fast, the bad thing is, the Forum is now a bit slow

Look at the nice pic i added, and the traffic we get. And then do understand why we are sometimes a litte bit slow
Attached Thumbnails Attached Thumbnails blogs/bossland/attachments/252-auth-faster-forum-slower-zombies-anywhere-you-go-traffic.jpg  

Submit "Auth faster, Forum slower , Zombies anywhere you go" to Twitter Submit "Auth faster, Forum slower , Zombies anywhere you go" to Facebook Submit "Auth faster, Forum slower , Zombies anywhere you go" to Mister Wong Submit "Auth faster, Forum slower , Zombies anywhere you go" to YiGG.de

Tags: None Add / Edit Tags
Categories
Life as an Admin

Comments

  1. happel's Avatar
    Those days with nearly 700GB transferred were due to the ddos'es? Sheesh such a waste of resources :C.
  2. jimmytimmy's Avatar
    Not finding the forums to bad good job on the layout btw its looking nice.
  3. bobert's Avatar
    700 MB not GB buddy

    700 MB transfer isn't a ton, 700 GB is ridiculous!
  4. Bossland's Avatar
    Its not 700 MB its 631.000 MB or nearly 700 GB
  5. verbo's Avatar
    And here we see how numeric notation in different countries can cause confusion
    I would have thought the host would have some sort of defense against DDoS, ie. automatic blacklisting of IP's for X amount of hours.
  6. newuser's Avatar
    Quote Originally Posted by verbo
    I would have thought the host would have some sort of defense against DDoS, ie. automatic blacklisting of IP's for X amount of hours.
    Hey - im a bit late for an answer but just read this today

    It is nearly impossible to shield you against a DDoS Attack because of the first 'D' in it - which stands for distributed.

    The difference between a DoS and a DDoS is that DoS comes from more or less a single (or just a very limited number) of source IP's - mostly they stuck in the same (sub)net.

    A DDos comes in very low frequent requests from a very big number of sources and theres is very limited way to see if that's real (wanted) traffic or part of an attack.
    Unless the attack packets itself are somehow identifiable you can't say which source IP is hostile and which is your clients. So it is not possible to safely build blacklists.
  7. verbo's Avatar
    It's true, but there are steps you can take. A properly tuned IDS system can identify malformed packets with the occasional false positive.
    Steps the host could take to help defeat DDoS:

    1. Utilise Unicast RPF.
    2. Filter all RFC-1918 traffic using ACL's.
    3. Apply Ingress and Egress fltering (RFC-2267) using ACL's.
    4. Use CAR to rate limit ICMP packets is using Cisco hardware.
    5. Configure rate limiting for SYN packets.

    But they are probably too lazy or just don't care about providing that standard of service. Oh well.