Answer to “blackmail”
response to habrahabr.ru/blogs/infosecurity/68131
Our company tried to blackmail in a similar way.
We have a WWW server on VPS (Linux) of informational character and our own processing servers listening to port 443 from the world (FreeBSD).
The attackers tried to hinder the work of the information site and one of the least significant servers (the rest are not known to the general public, only to our clients).
')
Naturally, no one was going to pay anything. The attack on the information site at first was successful. After talking with the host, we were still given the right to configure iptables. By adjusting the protection accordingly, the load was significantly reduced, the server was still experiencing the load, but was no longer lying. Part of the network from which the attack was made, were manually blocked.
Pf was configured accordingly on FreeBSD - there were no problems at all - the main load fell on the information server.
The incident was reported to the relevant authorities.
In general, gentlemen, set up security screens. Those who are hosted, it remains only to rely on the literacy of the administrators of the host.
Another tip: if you have apache, if possible, put nginx in front of it, it holds the load much better.
Our company tried to blackmail in a similar way.
We have a WWW server on VPS (Linux) of informational character and our own processing servers listening to port 443 from the world (FreeBSD).
The attackers tried to hinder the work of the information site and one of the least significant servers (the rest are not known to the general public, only to our clients).
')
Naturally, no one was going to pay anything. The attack on the information site at first was successful. After talking with the host, we were still given the right to configure iptables. By adjusting the protection accordingly, the load was significantly reduced, the server was still experiencing the load, but was no longer lying. Part of the network from which the attack was made, were manually blocked.
Pf was configured accordingly on FreeBSD - there were no problems at all - the main load fell on the information server.
The incident was reported to the relevant authorities.
In general, gentlemen, set up security screens. Those who are hosted, it remains only to rely on the literacy of the administrators of the host.
Another tip: if you have apache, if possible, put nginx in front of it, it holds the load much better.
Source: https://habr.com/ru/post/68302/
All Articles