back to article 123-Reg drowns in ongoing DDoS tsunami

Beleaguered web host 123-Reg has suffered a "huge scale" distributed denial of service (DDoS) attack to its data centre – knocking the Brit outfit's website offline and a number of users' services. The attack began this morning and is still ongoing but no performance-related issues have been reported since the traffic was …

  1. arobertson1

    "Our protection systems kicked in immediately and the attack was contained by 10:40am"

    That will be why my website is still down at 15.10 - some containment!

    123 Reg Support Tickets are useless - they always wait until the problem is fixed several hours later and then proceed to tell you (cut and paste style) that they just checked your website and it is fine, just like there was nothing wrong in the first place.

    I get that this is an unusually large DDoS, but at least be honest to everyone when they claim everything is fixed - it's not and it's still ongoing. Tumbleweed....

  2. Dwarf

    Kicked in immediately

    The marketing spiel says immediately, but 10:40 - 10:00 = 40 minutes.

    This sounds like "it took us 40 minutes to sign up for a DDoS protection service and make appropriate DNS changes to route our sites traffic via it"

    The trick is to sign up for these services before there is an issue, that way nobody notices when someone has a pop at your data centre as the service does what its supposed to - filtering out the bad traffic.

    1. Oliver Burkill

      Re: Kicked in immediately

      You can't sign up for a DDOS protection service in 40 miutes when you run your own datacentres and multi-homed network. It just doesn't work like that. I would guess they changed their BGP announcements so that some or all of the traffic was routed via their parent companies DC in Germany where it could be more effectivly filtered. a 40 minute turn around for that is not bad,

      1. Dwarf

        Re: Kicked in immediately

        Cloudflare (as an example) seem to disagree with you. I don't believe they are using BGP to do that - given the global distributed network they use and that you don't have to apply it to all services on your netblock.

        See Cloudflare

        I'm not affiliated to Cloudflare,but have seen traffic flipped to them quickly when another customer had similar issues.

        My point on the original post was that preparation is key here, get DoS protection in place for WHEN you get targeted, not when you realise you are no longer on the Internet.

        1. lurker

          Re: Kicked in immediately

          @dwarf To truly make use of cloudflare/similar you need to hide your DNS behind theirs, which is the 30 minute job, and then move onto a completely different network so that the attackers can't simply bypass cloudflare and continue to attack you directly. (an attacker launching a large organised attack is likely to have done some preparation which would include making note of network addresses etc). This process will take more than 30 minutes.

  3. Anonymous Coward
    Anonymous Coward

    As someone who works in this industry, I'd like to add that "+30Gbps" is not a "huge scale" attack. Services like ours get attacked at that scale and more daily.

    No properly equipped provider would have an issue mitigating "+30Gbps".

  4. MadMic

    How not to handle it...

    Your main site is down - so send out a tweet saying 'to find out the latest, visit our status page on our website'...

    Particularly enjoyed that one!!

  5. Anonymous Coward
    Anonymous Coward

    Melton Gig Guide still not working

    My Website Melton Gig Guide is still not working and no one is sorting this out. Been dire for weeks and now I can't update it!

    I have not missed one single week since I startded to provide Live Band and Entertainments for my Town Melton Mowbray #MeltonMowbrayRuralHeartofMusic

    But alas no one is helping and it looks like I will let my town down for the first time in nearly three years.

    Very annoyed! I've worked in Germany, Italy, Switzerland and Brussels for months at a time with my real day job, never failed once.

    The Service has become unusable

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like