Massive DDoS attack blasts 123-reg offline A "massive" distributed-denial-of-service attack emanating from China has taken down 123-reg, the UK net biz that hosts 1.4 million websites. In a statement on the its service status page just after midday today, 123-reg blamed attackers in China: From 11:30 to 22:50 our network was undergoing a massive distributed denial of …
"VoIP != Internet"
Not actually ridiculous assumption to make. Bet quite a lot of companies have their VoIP systems set up like that.
If you DDoS our DC our CCTV goes offline so.. ;) Not just the uploads but actually the entire system (yeah, a really well designed system - everything outside/inside goes dark so you got no idea /what/ is going on).
But fortunately you can go back on the twitter service updates (how I managed to get some information on this current issue) and see historic reports from them.
Ironically always have problems with their email service normally, but today has been fine. Was also looking to move a load of domain names this week to 123, but now I may look elsewhere, any recommendations please (that allow a good level of control over TXT, MX, A, etc records)?
Then you cant have actually used them. Their nameservers were unreachable for a couple of hours.
MAYBE you had lookups cached, but I lost every single 123 domain because my slave nameserver follows the rules of timeouts, which in my case are quite short.
They didn't answer the phone to me, either,
Time to do domain names directly with nominet methinks.
Wrong. One of the sites and hosted email accounts in question in a purely personal project that no one else is aware of and that I last checked over two weeks ago but I happened to drop a bit of work onto late this morning and then checked the email account for spam. All worked fine.
So glad you are willing and able to tell strangers what has happened to them - you could make a bit of money filling in the blanks for hung-over revellers the morning after the night before. The fact that you got such different service at approximately the same time is interesting; sadly your opinion is not.
Only signed up a few days ago, installed wordpress, found it super-unreliable (regular timeouts, 'unable to connect to database' etc.).This was happening before the DDoS. It's an odd company - the hosting was very poor, but their service is top rate, my tickets were responded to very quickly.
Any recommendations for reliable hosting for wordpress? Nothing fancy, not heavily trafficked, but I need reliable.
"A "massive" distributed-denial-of-service attack emanating from China has taken down 123-reg, the UK net biz that hosts 1.4 million websites...."
OK, so why on Earth would anyone want to smack 123? I'm guessing either we have the good ol' Web extortion ("Pay uz wan-meelleeon dollahs or we keerash ur zite!" << in best Russian goonish), just routed out through China. Or maybe someone had some site on 123 offering support to Chinese dissidents. Have 123 recently refused to take down such a site at the request of the Chinese gubbermint or one of their pet businesses, perchance?
I heard a story, can't find it on the Net so not sure of the validity, but it was about a German company that opened an office in Shanghai a few years back and got a main telephone number with lots of sixes and threes in it. Apparently, six and three are "lucky" numbers, and about a week after they opened the office they started getting calls saying the number had been assigned to them "by accident", would they sell it? Seeing as the company had done a lot of PR, website and pamphlet work with the number already on it they said no thanks, and the next week they got DDoS'd. That continued on and off until they gave the number back to China Telecom.
... at least they got it fixed within an hour - I host a couple of hundred domains on dedicated servers with them. I could access the server intermittently. It was showing load averages barely above 0%. I got (almost) straight through to support OK at 11:20 (call queue for less than 30 seconds).
Unplanned downtime is a regrettable fact of life - International Banks, Gmail and most if not all major hosting companies all get problems - for what I pay I've historically had very high levels of server availability at Web Fusion, I guess better 99.99% taken over 10 years. When one of my dedicated servers suffered a fatal component failure at 10pm on Christmas day 3 or 4 years ago they swapped in a replacement within a couple of hours.
Just do a search for [name any big organisation] on El Reg and see how many entries relate to service outages or successful hacks - e.g. HSBC gives:" HSBC UK systems major outage Customers can't use cards, online banking or ATMs" 4 Nov 2011. And believe me service loss to a Bank HSBC means a lot more than a blog about your new kitten.
I do have gripes with Web Fusion - primarily I'd like to move to a more powerful server and their sales people said they'd transfer most of the data for a few hundred quid but I'd have to copy across email account settings and any non-default DNS settings myself - try doing that for 100 accounts...
That's the only reason I've been looking for an alternative host (but so far failed to find one I'm happy with).
Admittedly their support has gone downhill since they moved some of it to India. A recent trivial example: domain name renewal paid, email some days later from Nominet to say "not renewed" so we assumed payment to 123reg had gone wrong so paid (again) they did renew - and promptly took the payment twice. India said "non-refundable". (Got it escalated and sorted in the end but at the cost of time, incredulity and anger). But show me anyone that doesn't outsource support somewhere cheap and incompetent.
So if anyone does have a better solution at the same level of cost I'm interested but I'm not holding my breath...
We got a hosted service through Webfusion (2 dedicated servers). Their email response leaves a lot to be desired but amazingly their telephone support is extrodinarily good. They seem to really know their stuff and in the 3 or so years we been with them, the turn around to resolution from initial call has normally been within 1 hour.
Now this may not have any relation to the 123 service but I have nothing to complain about concerning the service. Our website is mostly accessed internationally and they seem to have excelent links to some core internet infrastrure with good download speeds worldwide.
The price was also substencially less than Rackspace too.
I'm only a customer and other than that not affliated with the company but thought it was fair to say not everyone is displeased with Webfusion.
A friend asked me to help them setup a website and they bought a domain and hosting package from 123-reg.
I've had nothing but problems with the hosting. You're working on the site and then suddenly it becomes unaccessible. 10 mins later and it's working again for another 5 mins. Seems to go on like this forever.
Frankly I'd be looking elsewhere for the problem - like the broadband connection or FTP settings.
I've never had that problem with web fusion servers (though I do see that kind of issue with a couple of other providers I have to use sometimes) and I and my office staff make extensive use of FTP.
This post has been deleted by its author
Recent spam hitting my website, sources mostly China, but recently Russia and North Korea. Attempted and failed SQL injection attach - source China.. A while back (before I was wiser) mobile phone was hacked and account used to send spam, source China.
These days I operate a black list of IP addresses and kick out any traffic that has an 'undesirable' origin. Sure, they could use proxies but most of them find easier targets. Just disconnect them from the Internet I say!!
"This attack was identified by our network team who made immediate changes to remove the DDOS traffic from within our core network, and within 15 minutes key work was completed routing traffic through our redundant connections and blocking the incoming traffic on our core network."
To me, that sounds like pretty good drills on the part of 123-reg.
was undergoing a massive distributed denial of service attack from China.» Hope the Reg will stay on top of this ! As most of us presumably know, the fact that the computers used in a DDOS are found in a particular location says little or nothing about the source of the attack ; has 123-reg had anything to say on what, if anything, they have been able to determine on this matter ? The major problem in China seems to be the presence of huge numbers of insecure computers - fortunately, the proportion of computers running IE6 has sunk to around 16 %, a drastic decline during the last year (http://gs.statcounter.com/#browser_version_partially_combined-CN-daily-20080701-20120524), which hopefully will lead to fewer bots being available for such attacks. But of course, since China is currently everybody's favourite bête noire and China bashing everybody's favourite pastime - a useful distraction from other, for the establishment less convenient pursuits - the incentive to investigate further is perhaps not so great....
Henri
"....since China is currently everybody's favourite bête noire and China bashing everybody's favourite pastime...." Aw, henri, didn't you recently assure us that Iran was everybody's bete noire and Iran bashing was everyone's fave past-time? Or is it just that taking any stance in ooposition to the status quo is just your fave past-time?
I posted earlier how Webfusion havent failed me.
Unfortunantly in an attempt to protect themselves from DDOS they just blocked out Asia. So got complaints from China, Taiwan, Australia and Japan that they cant access our web site. We host our own DNS server too.
Just spoke to a support guy and apparently they just lifted the restriction so hopefully our Asian customer base will now have access again........
after they screwed me with their auto renew policy (which they sent the advanced warnings to a dead account that would have bounced back as non existent), I've been moving all my hosting / domains & clients hosting / domains away slowly.
kinda lucky I only had 3 products with them during this attack.
i've found https://www.unlimitedwebhosting.co.uk to provide excellent services and lightning support at unbelievably cheap prices.
I've got 1 reseller host & 2 vps accounts with them and unless something really bad happens to them i won't be looking elsewhere ever again
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2023
