from Hacker News

Second large Hetzner outage in a week caused by DDoS attack

by xmpir on 5/6/22, 9:15 PM with 53 comments

  • by tempnow987 on 5/6/22, 10:10 PM

    I thought OVH and Hetzner were the source of a ton of these DDoS attacks. Their IP ranges always seem to be in abuse logs.

    Cloudflare write in a recent attack:

    The top networks included the German provider Hetzner Online GmbH (Autonomous System Number 24940), Azteca Comunicaciones Colombia (ASN 262186), OVH in France (ASN 16276), as well as other cloud providers.

    https://blog.cloudflare.com/15m-rps-ddos-attack/

  • by ricardobeat on 5/6/22, 9:53 PM

    At their size, don’t they have some kind of hardware-level packet filtering ability like cloudflare to protect against these attacks?

  • by xmpir on 5/6/22, 10:05 PM

    I am wondering what the attacker's intent is

  • by xmpir on 5/6/22, 9:26 PM

  • by davidtinker on 5/9/22, 7:08 AM

    Anyone know if it is possible to mitigate the impact of Hetzner blocking UDP traffic on port 9000+? These outages whacked our Kubernetes clusters (Calico + vxlan + Wireguard). https://serverfault.com/questions/1100482/how-to-limit-udp-p...

  • by ffhhj on 5/6/22, 10:11 PM

    Excuse the ignorance, but couldn't ISPs block the attacks?

  • by _-david-_ on 5/6/22, 9:27 PM

    >This concerns UDP traffic on port 9000-65535.

    Does anybody know what usually runs on those ports?

  • by walrus01 on 5/6/22, 10:44 PM

    [spiderman-pointing-at-spiderman.gif]

    seriously, aren't they commonly the SOURCE of many DoS attacks...

    any hosting provider where some random person on the internet and $5 of credit on a prepaid visa card will have this problem.

  • by unnouinceput on 5/6/22, 10:07 PM

    Maybe, just maybe, rely less on embedded framework on embedded framework that spit JavaScript that gets 95% unused. If for a simple outage apology page the output was 1.7MB, I can only imagine for their normal pages how much it is. At this size I feel only like 10k legit users would unwillingly do the outage anyway. But hey, Kubernetes and Node.js is all the rage nowadays.