Win27 shared IP taking DDOS attack

Stephen

Stephen

US Operations
Staff member
Seeing over 300Mb/s steady coming in against the shared IP on win27 we are trying to ID and help stop it.
 
we have an app pool down that the target site is housed within, working to whittle it down from here.
 
We are trying to remove the shared IP for a few minutes, as we don't want to do a null route of the IP like upstreams are requesting.
 
Upstream providers not being particularly helpful today just wanting to null route all traffic to here not help us block the top incoming sources of attack.

the IP has been re-added as it was not helping to remove it, the attack kept coming in
 
ok so after all this, they did apply the ACL as we'd wanted.

Right now you CAN'T ping Win27, but services are up :)
 
The site that is being attacked, still has attacking coming in and we've got it mitigated as best possible.

There are over 9,300 IPs attacking, and no one more than 60000 hits

the main impact at the moment is on server CPU, network is very manageable.
 
You must log in or register to reply here.
Back
Top