Profile

Cover photo
64 followers|11,180 views
AboutPosts

Stream

LG

Shared publicly  - 
 
http://lg.version6.net/ may have higher load than normal due some DDoS attack.

It is not yet clear what is the point of this DDoS and it is blocked from web server but it still generates good amount of additional server load. The request flood comes from random IP addresses which change over time and therefore simple firewall in server side does not work. We are looking for some IDS setup right now for that.

If anyone is interested in how these queries look like then here is on example. All requests are the same with two different router names. Here is how it looks like:

95.62.21.82 - - [15/Apr/2012:09:22:48 +0000] "OPTIONS /?query=trace&protocol=IPv4&addr=50.61.234.168&router=r9-Tln-Linx HTTP/1.1" 302 363 "hxxp://www.hiogo. com/files/jsql/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.162 Safari/535.19"

I changed referer link to avoid hyperlinking here. This is actually normal HTTP URL to the nonexisting location.

Has anyone seen such "OPTIONS" requests before?
1
Add a comment...

LG

Shared publicly  - 
 
Try this LG to see the latest features
Linxtelecom AS3327 BGP Looking Glass, Ping and Traceroute
1
Add a comment...
Have them in circles
64 people
Abdinasir Harbi's profile photo
Doai Lucky's profile photo
visoun Met's profile photo
Paul Park's profile photo
Pawel Stefanski's profile photo
charbel dagher's profile photo
方帅帅's profile photo
邢海波's profile photo
kwame saidi's profile photo

LG

Shared publicly  - 
 
About. LG is a Looking Glass written in Perl as a CGI script. It can execute almost all BGP-related commands and do ping and traceroute in routers or relay these queries to other looking glasses. It s...
1
Add a comment...
People
Have them in circles
64 people
Abdinasir Harbi's profile photo
Doai Lucky's profile photo
visoun Met's profile photo
Paul Park's profile photo
Pawel Stefanski's profile photo
charbel dagher's profile photo
方帅帅's profile photo
邢海波's profile photo
kwame saidi's profile photo
Story
Tagline
Looking Glass - online BGP information
Introduction
LG is a Looking Glass written in Perl as a CGI script. It can execute almost all BGP-related commands and do ping and traceroute in routers or relay these queries to other looking glasses. It supports both IPv4 and IPv6 commands, and is tested with Cisco IOS, Zebra/Quagga, and Juniper JUNOS. It can connect to a router using SSH, telnet or rsh.