I just got a call from Jeff. www.surbl.org is under what appears to be a DDOS attack :)
Wheeeeeee!!!
Which means.......not much. It has no effect on the SURBL lists. All it does it slowdown whitelist requests, and make it difficult for people to read about SURBL :) And Jeff won't be able to reply to people right away.
I'm sure Jeff will post when the storm is over. He already had a backup site half done, so this will be fixed soon.
A big thanks to all the public mirrors of SURBL! You are what keeps this running!!
Chris Santerre System Admin and SARE/SURBL Ninja http://www.rulesemporium.com http://www.surbl.org 'It is not the strongest of the species that survives, not the most intelligent, but the one most responsive to change.' Charles Darwin
Chris Santerre wrote:
I'm sure Jeff will post when the storm is over. He already had a backup site half done, so this will be fixed soon.
A big thanks to all the public mirrors of SURBL! You are what keeps this running!!
Maybe it would be a good idea to have a rsyncable 'disposable' site that can be run under boa or something small, so in an instance such as this, one can simply switch the DNS on www.surbl.org (the TTL is low, right?) and move it somewhere else.
If you want me to host something, let me know. My upstreams are pretty good about blackholeing attacks and I can move stuff around IP blocks really easily and quickly.
David
Seconded.
Maybe a few of us can all host a mirror, and just use round-robin DNS to balance the requests among all of us..
DDoS'ing one site is one thing, but when you have to launch a DDoS against 10-15 mirrors you tend to attract some attention (and it spreads the zombie "troops" a bit thin)..
This is all pending that we have enough mirrors to make a DDoS attack not worth it (meaning we need 10-15+ mirrors, not 2-3).. :)
Frank
On Mon, Jan 31, 2005 at 07:03:04PM -0500, David Coulson wrote:
Chris Santerre wrote:
I'm sure Jeff will post when the storm is over. He already had a backup site half done, so this will be fixed soon.
A big thanks to all the public mirrors of SURBL! You are what keeps this running!!
Maybe it would be a good idea to have a rsyncable 'disposable' site that can be run under boa or something small, so in an instance such as this, one can simply switch the DNS on www.surbl.org (the TTL is low, right?) and move it somewhere else.
If you want me to host something, let me know. My upstreams are pretty good about blackholeing attacks and I can move stuff around IP blocks really easily and quickly.
David
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss
Frank Precissi wrote:
Maybe a few of us can all host a mirror, and just use round-robin DNS to balance the requests among all of us..
Good idea. However, it's going to hurt more of one web server is out of action, than if a DNS server is out of the loop. Limiting the number of hosts in a RR DNS for web is always a good idea :-)
DDoS'ing one site is one thing, but when you have to launch a DDoS against 10-15 mirrors you tend to attract some attention (and it spreads the zombie "troops" a bit thin)..
Right. I'd trade being able to move the site from A to B quickly, rather than having lots of active sites around the Internet. Of course, a lot depends upon the type of DoS attack experienced, and how it can be filtered effectivly upstream of the hosting service.
David
Hi!
DDoS'ing one site is one thing, but when you have to launch a DDoS against 10-15 mirrors you tend to attract some attention (and it spreads the zombie "troops" a bit thin)..
This is all pending that we have enough mirrors to make a DDoS attack not worth it (meaning we need 10-15+ mirrors, not 2-3).. :)
Nice idea. However, lets first wait and see what is/was happening.
A big thanks to all the public mirrors of SURBL! You are what keeps this running!!
Maybe it would be a good idea to have a rsyncable 'disposable' site that can be run under boa or something small, so in an instance such as this, one can simply switch the DNS on www.surbl.org (the TTL is low, right?) and move it somewhere else.
We allready talked it over but Jeff was still busy taking out some parts of the site that could not easilly be mirrored at this time. I guess he will prioritize it a little now.
Bye, Raymond.
-
Chris Santerre -
David Coulson -
Frank Precissi -
Raymond Dijkxhoorn