[plug] ADSL problems
Craig Ringer
craig at postnewspapers.com.au
Thu May 15 16:00:28 WST 2003
> Thing is, DDOS attacks have the capability to swamp *any* mail setup. iiNet
> have multiple servers - perhaps if they had 100 they'd be able to block the
> source address before they all got drowned, but with DDOS as opposed to DOS,
> even that's unlikely. And they don't have 100 mail servers :-)
Nah, they have well less than 10. (6?). Perhaps there is nothing they
can do but wait for the server to flush its queues afterwards. Doesn't
change the fact that their servers aren't really useable, though it may
in fairness be simply because they're a "big, juicy target" for
undiciplined little turds.
That said, before I switched to self-hosted mail I got "We had a DoS
attack, which has been blocked, but the servers will take 24 to 36 hours
to recover" too often from their support folk. S'pose it must be hard to
impossible to automatically delete (eg using perl + mailq) randomly
generated mail from many essentially random addrs, but a normal DoS
shouldn't really do much. Then again, p'haps their support folk never
thought the distributed nature of the attack was something they really
needed to tell the customer (and fair enough, really)
More information about the plug
mailing list