Results 1 to 10 of 14
-
08-03-2004, 11:54 AM #1
- Join Date
- Dec 2003
- Posts
- 7,868
How come all the datacenters doesn't provide IRC servers?
Hi Guys,
What are the main reasons that all the datacentes doesn't provide IRC servers?.
Thanks
DavidDataCenterTalk Rate, review and Discuss about datacenters.
DatacenterSearch Where your datacenter search ends.
-
08-03-2004, 12:46 PM #2
- Join Date
- Jan 2004
- Posts
- 3,363
They are vunerable to DDOs atacks and they use up a lot of traffic...
-
08-03-2004, 01:00 PM #3
- Join Date
- Mar 2004
- Posts
- 836
Most don't only refuse IRC servers, but alot of them also refuse IRC clients (BitchX, Bots, Bouncers, ...). Imagine a server with about 200 connections to IRC servers. Those are 200 potentional DDoS targets. Also mostly, people that access IRC via the shell account (so via the dedicated servers) think they are harmless because people don't know their real IP, so they aren't afraid to make some scriptkiddies mad and let them DDoS him. Now keep in mind, a strong DDoS can almost put down the whole backbone of a datacenter!
So, when dedicated server providers provide access to IRC, they need:
- a special connection for all IRC traffic
- auto-nullrouting routers and other security related material to prevent DDoSes
- ...
Mostly, dedicated server providers who provide IRC access, have a less stable network. Those datacenters are almost under attack by DDoS'ers DAILY. Yes indd, DAILY. So you can imagine it's alot of work and requires alot of money and stress to try and keep the network stable and online.
Here's a affordable datacenter that allows IRC access: www.staminus.net
It's relativly stableI used to have a dedi with them.
PixelFor reliable shared and reseller hosting, visit RadixHosting.
-
08-03-2004, 01:44 PM #4
- Join Date
- Jan 2004
- Posts
- 3,363
HeyI heard something to block DDOS, a way they deal with it in China.
If you are under heavy DDOS on port 80 (KEY POINT) and you KNOW (KEY POINT) which domain that is. What you can do is to change the A record (www) of that domain to 127.0.0.1 and leave it for 1 hour. All DDOS bots will die eventually because they will send all the traffic to themselves no matter the IP is spoofed or not.
I have done a small test on a spare server I have lieing around and all the bots died instantly. They killed themselves.
-
08-03-2004, 02:09 PM #5
- Join Date
- Dec 2003
- Posts
- 7,868
Tris, Thank you for explanation. It is very useful for everyone.
DataCenterTalk Rate, review and Discuss about datacenters.
DatacenterSearch Where your datacenter search ends.
-
08-04-2004, 07:12 AM #6
- Join Date
- Mar 2004
- Posts
- 836
Mostly, people first resolve the IP and then use that as target, so no domain name is involved. Then what do you do?
For reliable shared and reseller hosting, visit RadixHosting.
-
08-04-2004, 07:29 AM #7
- Join Date
- Jan 2004
- Posts
- 3,363
if its at port 80 you can still do the above. But like i said this is only for port 80. I mean they can do it on other ports. As also said you have to know which IP/domain they are going for.
-
08-08-2004, 07:18 AM #8
- Join Date
- Mar 2004
- Posts
- 836
Tris, that's only if they let the bots resolve the domain...
Let's suppose he wants to DDoS this board. He resolves webhostingchat.com, which results in 69.57.150.97. He lets his bots do a connection-flood on 69.57.150.97:80. The only thing you can do now is nullroute that IP.For reliable shared and reseller hosting, visit RadixHosting.
-
08-08-2004, 07:19 AM #9
- Join Date
- Jan 2004
- Posts
- 3,363
Well use an external hardware solution at the router
-
08-30-2004, 12:24 PM #10
- Join Date
- Jul 2004
- Posts
- 41
With IRC comes script kiddies, with script kiddies come packets... with packets come excessive use of bandwidth and network latency, none of which are fun.
Bookmarks