Posted by: 3490006?
Posting time: 1.1 years ago on
Last edit time: never edited.
Archived on: 1/27/2020 10:00:00 AM
Views: 1491
SCP: 294
297 upvotes, 3 downvotes (99% upvoted it)
~91 user(s) here now
Subverse anonymized: usernames are hidden and votes don't count.
NSFW: Yes
Authorized: No
Anon: Yes
Private: No
Type: Default
view the rest of the comments →
[–] 21113029? 0 points 1 point 1 point (+1|-0) ago
Been on and off for weeks or longer but hasn't it always been attacked by DOS attacks?
[–] 21114572? ago
How would that work? Wouldn’t not being able to get past login prevent that?
[–] 21117013? 0 points 2 points 2 points (+2|-0) ago
No.
DDoS usually focuses on the connection establishment handshakes which take place well before the login page is served. That's why it's difficult to counter.
There's not (inherently) anything distinguishing a connection from a DDoS attack from a legitimate connection.
The only way to discriminate between the two is by correlation with other factors like "Is the source IP establishing too many connections at this time ?".
Correlation is expensive (needs a bunch of logs and log parsing), prone to false positives and sometimes impossible.
[–] 21113875? ago
6million hits a second, every second, all day
[–] 21116984? ago
6 gorillion