Second DDOS Attack... this guy has no life

Just got DDOSed again, took me a little while to block this one, because i blocked myself by mistake lol

anyways...

last ddos attack i reported it to the FBI, which i really doubt they will do anything...

so who else can i report it to?

here is a list of the ips of the attackers, if you are interested: http://hotnoob.com/share/ddos_ips_oct19-2011.txt
---

this attack was much different, from the looks of it, the attacker(same as before), tried to brute force into my mail system, so i had to disable that.
fail2ban wasn't seeming to work; if it were working, my server would have never had 67 of the cpu cores running full blast.


at the same time there was a brute force attack at the lpad, and AGAIN a 3 combo ddos attack was hitting(because of my current security, the combo ddos basically did nothing). seemed to be a mixture of a java based ddos program, and possibly LOIC (really pathetic that they used it lol); i'm not sure if it was a stupid skid group or a botnet who did this; seems to be a botnet due to how organized it is, but there is a lot of evidence that its not.
also like before, shortly after i blocked it all, the attack stopped; does this loser have no life?

also, this is a real issue with my bandwidth, i'm already at 2.3TB for this month, and its only half way through.

any ideas on what i should do?

 

FBI won't do anything unless you can prove over $5000 in damages.

Is this a webserver or do you run multiple services on this?

 

More effectively write abuses to ISP. If you can not cope with DDoS attacks alone, you'd better use the services of companies providing DDoS protection.

 

This guy doesn't listen.

I looked and I gave him advice to fix this almost 2 weeks ago. He seems to prefer to insult the people who are ruining him in posts like this and probably will post something in two weeks saying that it has gotten worse.

 

cloudflare does not work for video streaming.

 

I would recommend buying a hardware based firewall for your server or moving to a host that offers DDoS protection.

Also, write a script to send abuse emails to the ISPs of all those IP addresses.

 

You can setup a server firewall based on FreeBSD + Nginx + PF
If you want to learn more i can teach you for free.

Don't buy expensive DDoS protection

 

I was under the impression that DDOS was almost impossible to protect against due to the attacker changing their IP address at certain intervals to avert the IP blocking?

 

Since when you can report to the FBI?

But may I ask what are you hosting?

 

Depends on the budget you have and size of attack whether you can fight it or not. If it is not consuming your port and you have enough processing power on the box you have a fighting chance. If it is consuming port there is a number of things you can do from setting up failover clusters to getting more bandwidth/ram and such.

And yes you can do nearly all this for a fraction of the cost of these expensive ddos protection services.

 

67 cpu cores?? What kinda server is that? Also what was the traffic that you encountered in PPS?

 

CSF + LFD works awesome and it is free. I use it and it offers great protection.

 

with some specific rules or use as it is if you have no experience

Note: The Node must support iptables modules for runnig CSF