Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)DoS Attack from Telecom NZ address 122.58.191.250
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
Zeon

3918 posts

Uber Geek

Trusted

  #677822 27-Aug-2012 21:05
Send private message

Hey guys,
Just to update you all. Everything has been going fine since the upgrade to 1gbps. We started getting alternative style attacks of lots of TCP SYN requests which clogged the CPU on the router. What I ended up doing is taking the target outside of the firewall and directly attached to the border router (since firewalling takes up a lot of CPU). All has been good since with about 1 attack greater than 300mbps doing nothing.

I am happy now :)




Speedtest 2019-10-14



frizianz
105 posts

Master Geek


  #677925 28-Aug-2012 07:43
Send private message

Zeon: Hey guys,
Just to update you all. Everything has been going fine since the upgrade to 1gbps. We started getting alternative style attacks of lots of TCP SYN requests which clogged the CPU on the router. What I ended up doing is taking the target outside of the firewall and directly attached to the border router (since firewalling takes up a lot of CPU). All has been good since with about 1 attack greater than 300mbps doing nothing.

I am happy now :)

Why not try fix it instead of bandaiding it?



Just my 2c.

mjb

mjb
996 posts

Ultimate Geek

Trusted

  #677926 28-Aug-2012 07:52
Send private message

frizianz: Why not try fix it instead of bandaiding it?


That was my exact thought after reading this thread for the first time last night..




contentsofsignaturemaysettleduringshipping



freitasm
BDFL - Memuneh
79323 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #677930 28-Aug-2012 08:07
Send private message

Zeon: Hey guys,
Just to update you all. Everything has been going fine since the upgrade to 1gbps. We started getting alternative style attacks of lots of TCP SYN requests which clogged the CPU on the router. What I ended up doing is taking the target outside of the firewall and directly attached to the border router (since firewalling takes up a lot of CPU). All has been good since with about 1 attack greater than 300mbps doing nothing.

I am happy now :)


Hmmm. So instead of getting this stopped you rather just waste bandwidth, put more resources that cost money?

There's a reason why abuse@telecom.co.nz and abuse@xtra.co.nz exist.





Please support Geekzone by subscribing, or using one of our referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSync 

plambrechtsen
1948 posts

Uber Geek
Inactive user


  #677950 28-Aug-2012 08:51
Send private message

freitasm:
Zeon: Hey guys,
Just to update you all. Everything has been going fine since the upgrade to 1gbps. We started getting alternative style attacks of lots of TCP SYN requests which clogged the CPU on the router. What I ended up doing is taking the target outside of the firewall and directly attached to the border router (since firewalling takes up a lot of CPU). All has been good since with about 1 attack greater than 300mbps doing nothing.

I am happy now :)


Hmmm. So instead of getting this stopped you rather just waste bandwidth, put more resources that cost money?

There's a reason why abuse@telecom.co.nz and abuse@xtra.co.nz exist.


Yep.. And if you need me to chase up you can e-mail me pl at telecom dot co dot nz and we can see what's going on.

However just because the source IP shows it from a Telecom IP address range doesn't necessarily mean it is. :(  Such as things can be that source IP addresses can be spoofed using LOIC when someone wanted to DDos you.

Zeon

3918 posts

Uber Geek

Trusted

  #678022 28-Aug-2012 10:07
Send private message

The rest of the attacks have been DDoS - not from a Telecom source specifically anymore. I went to the police but they declined to help...




Speedtest 2019-10-14

raytaylor
4017 posts

Uber Geek

Trusted

  #678205 28-Aug-2012 14:38
Send private message

It is quite possibly a botnet.

I get them all the time - invalid logins from all sorts of ip addresses trying random logins on my email server.

We have the NZNOG (New Zealand Network Operator Group) mailing list hosted by the university of waikato.
You can often get in touch with a technical person with regard to things like botnet attacks by asking on the mailing list for a contact within a company. Its not really for average helpdesk enquiries, and more upper level technical issues such as tracking down offending users and inter-isp communication.

So if abuse@xtra didnt help, that would be the next place i would try.




Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

1 | 2 
View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

Gen Threat Report Reveals Rise in Crypto, Sextortion and Tech Support Scams
Posted 7-Aug-2025 13:09

Logitech G and McLaren Racing Sign New, Expanded Multi-Year Partnership
Posted 7-Aug-2025 13:00

A Third of New Zealanders Fall for Online Scams Says Trend Micro
Posted 7-Aug-2025 12:43

OPPO Releases Its Most Stylish and Compact Smartwatch Yet, the Watch X2 Mini.
Posted 7-Aug-2025 12:37

Epson Launches New High-End EH-LS9000B Home Theatre Laser Projector
Posted 7-Aug-2025 12:34

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00

eero Pro 7 Review
Posted 23-Jul-2025 12:07

BeeStation Plus Review
Posted 21-Jul-2025 14:21

eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01

WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32

RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26

Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24

Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01

Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.







RSS feeds
Main feed
Forums feed
Copyright
©2002-2025 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Affiliate links
Samsung
AliExpress
Wise
Sharesies
GoodSync
Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright