Back on topic about HostUS, I've been following a thread on LowEndTalk where seemingly Alexander's been updating ( https://www.lowendtalk.com/discussion/comment/1791998/#Comment_1791998) - seems like Atlanta and LA are still down ATM based on latest reports - nearly 10 hours now.
Tks. Regards, Neo Soon Keat 2016-08-03 22:28 GMT+08:00 Robert Webb <rwfireg...@gmail.com>: > Apologies to all as the hostname in my subject is incorrect. > > It should be hostus.us... > > > > On Wed, Aug 3, 2016 at 10:25 AM, Robert Webb <rwfireg...@gmail.com> wrote: > > > Not sure if it is related to the PokemonGO or not. This started around > > 23:00 EDT last night per my monitoring. > > > > Seems like a pretty big attack at 300Gbps and to also temporarily take a > > down a Tier 1 POP in a major city. > > > > I was interested as to if this might be a botnet or some type of > > reflection attack. > > > > > > Robert > > > > On Wed, Aug 3, 2016 at 10:16 AM, Alain Hebert <aheb...@pubnix.net> > wrote: > > > >> Well, > >> > >> > >> Could it be related to the last 2 days DDoS of PokemonGO (which > >> failed) and some other gaming sites (Blizzard and Steam)? > >> > >> > >> And on the subject of CloudFlare, I'm sorry for that CloudFlare > >> person that defended their position earlier this week, but there may be > >> more hints (unverified) against your statements: > >> > >> https://twitter.com/xotehpoodle/status/756850023896322048 > >> > >> That could be explored. > >> > >> > >> On top of which there is hints (unverified) on which is the real bad > >> actor behind that new DDoS service: > >> > >> > >> > >> > http://news.softpedia.com/news/pokemon-go-ddos-attacks-postponed-as-poodlecorp-botnet-suffers-security-breach-506910.shtml > >> > >> > >> And I quote: > >> > >> "One thing LeakedSource staff spotted was that the first payment > >> recorded in the botnet's control panel was of $1, while payments for the > >> same package plan were of $19.99." > >> > >> ( Paypal payments btw ) > >> > >> > >> There is enough information, and damages, imho, to start looking for > >> the people responsible from a legal standpoint. And hopefully the > >> proper authorities are interested. > >> > >> PS: > >> > >> I will like to take this time to underline the lack of > >> participation from a vast majority of ISPs into BCP38 and the like. We > >> need to keep educating them at every occasion we have. > >> > >> For those that actually implemented some sort of tech against > >> it, you are a beacon of hope in what is a ridiculous situation that has > >> been happening for more than 15 years. > >> > >> ----- > >> Alain Hebert aheb...@pubnix.net > >> PubNIX Inc. > >> 50 boul. St-Charles > >> P.O. Box 26770 Beaconsfield, Quebec H9W 6G7 > >> Tel: 514-990-5911 http://www.pubnix.net Fax: 514-990-9443 > >> > >> On 08/03/16 09:41, Robert Webb wrote: > >> > Anyone have any additonal info on a DDOS attack hitting host.us? > >> > > >> > Woke up to no email this morning and the following from their web > site: > >> > > >> > > >> > > >> > *Following an extortion attempt, HostUS is currently experiencing > >> sustained > >> > large-scale DDOS attacks against a number of locations. The attacks > were > >> > measured in one location at 300Gbps. In another location the attacks > >> > temporarily knocked out the entire metropolitan POP for a Tier-1 > >> provider. > >> > Please be patient. We will return soon. Your understanding is > >> appreciated. > >> > * > >> > > >> > > >> > >From my monitoring system, looks like my VPS went unavailable around > >> 23:00 > >> > EDT last night. > >> > > >> > Robert > >> > > >> > >> > > >
