[AusNOG] DDOS mitigation

Heinz N ausnog at equisoft.com.au
Sun May 12 15:51:48 EST 2013


That is a very good question. Sorry, I wish there was a practical 
solution. There will HAVE to be a solution at some stage as DCs cannot 
continue to wear the ludicrous CPU demands of PHP forever, and the network 
traffic of all those BOTs will clog everything up.

To mitigate the completely ridiculous CPU needed, I have been searching 
for a PHP compiler, but have had no such luck as yet. PHP is NOT a serious 
programming or even scripting language as the syntax changes from version 
to version! It is some stupid toy that was free way-back-when and everyone 
now supports it.

For larger database clients I have developed a general purpose C++ based 
middleware engine that understands WWW, SQL, security, low network 
bandwidth and how to marry all of that together and is also very fast. 
However, as there is no provisioning tool (it is currently done manually), 
it is a pain to set up. So, I suppose I have done the "design it yourself" 
thing as there hasn't been anything decent around for the last 13 years 
with security designed right into the base of it right from the start.

Regards,
Heinz N

On Sun, 12 May 2013, James Hodgkinson wrote:

> On this topic, is there a good non-PHP alternative that I can hand to people
> that Just Works? Every time I've asked this question I've been told
> Jekyll/build-your-own-in-django etc, which is not a solution.
> James
> 
> 
> On 12 May 2013 13:29, Heinz N <ausnog at equisoft.com.au> wrote:
>       +1
>
>       I have LOTS of attempts on the Mambo, Joomla & Wordpress sites
>       that I host. They spray the Administrator pages with login
>       attempts. It is damn annoying as it fills the logs up too!
>       Please, please everyone set a directory password on all
>       administrator directories (as well a secure admin login
>       password).
>       See :
>       http://www.thesitewizard.com/apache/password-protect-directory.shtml
>       to set a directory password. It is easy to do! I HATE PHP with a
>       vengence!!! It is 10X slower than a compiled application: it is
>       easy to see if they are trying to exploit you, just look at the
>       massive spike in CPU on the servers!. It seems that I am reading
>       about a new PHP exploit every few weeks. It is so easy to
>       mis-configure the stupid thing as well. </rant>
>
>       Regards,
>       Heinz N
> 
>
>       On Sun, 12 May 2013, Zone Networks - Joel wrote:
>
>             Its all those damn Joomla/Wordpress websites that
>             have been compromised and
>             I don't see it stopping either, since they are
>             millions of these websites
>             that wont get patched/upgraded until its exploited.
>
>             -----Original Message-----
>             From: ausnog-bounces at lists.ausnog.net
>             [mailto:ausnog-bounces at lists.ausnog.net] On Behalf
>             Of Dobbins, Roland
>             Sent: Sunday, 12 May 2013 12:58 PM
>             To: ausnog at lists.ausnog.net
>             Subject: Re: [AusNOG] DDOS mitigation
> 
>
>             On May 12, 2013, at 7:15 AM, Joshua D'Alton wrote:
>
>                   and this is why it falls back on the
>                   originating networks to fix their
>
>             problems ie udp spoof so that they arent sending so
>             much traffic in the
>             first place.
>
>             FYI, the ongoing attack campaign against US
>             financial institutions regularly
>             hits ~35gb/sec - ~70gb/sec, non-spoofed.
>
>             -----------------------------------------------------------------------
>             Roland Dobbins <rdobbins at arbor.net> //
>             <http://www.arbornetworks.com>
>
>                       Luck is the residue of opportunity and
>             design.
>
>                                    -- John Milton
>
>             _______________________________________________
>             AusNOG mailing list
>             AusNOG at lists.ausnog.net
>             http://lists.ausnog.net/mailman/listinfo/ausnog
> 
>
>             _______________________________________________
>             AusNOG mailing list
>             AusNOG at lists.ausnog.net
>             http://lists.ausnog.net/mailman/listinfo/ausnog
>
>       _______________________________________________
>       AusNOG mailing list
>       AusNOG at lists.ausnog.net
>       http://lists.ausnog.net/mailman/listinfo/ausnog
> 
> 
> 
>


More information about the AusNOG mailing list