Profile

Cover photo
64 followers|61,511 views
AboutPosts

Stream

LG

Shared publicly  - 
 
http://lg.version6.net/ may have higher load than normal due some DDoS attack.

It is not yet clear what is the point of this DDoS and it is blocked from web server but it still generates good amount of additional server load. The request flood comes from random IP addresses which change over time and therefore simple firewall in server side does not work. We are looking for some IDS setup right now for that.

If anyone is interested in how these queries look like then here is on example. All requests are the same with two different router names. Here is how it looks like:

95.62.21.82 - - [15/Apr/2012:09:22:48 +0000] "OPTIONS /?query=trace&protocol=IPv4&addr=50.61.234.168&router=r9-Tln-Linx HTTP/1.1" 302 363 "hxxp://www.hiogo. com/files/jsql/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.162 Safari/535.19"

I changed referer link to avoid hyperlinking here. This is actually normal HTTP URL to the nonexisting location.

Has anyone seen such "OPTIONS" requests before?
1
Add a comment...

LG

Shared publicly  - 
 
Try this LG to see the latest features
Linxtelecom AS3327 BGP Looking Glass, Ping and Traceroute
1
Add a comment...
Have them in circles
64 people
haythem gharsalli's profile photo
Nicloue Lai's profile photo
Ami Jahani's profile photo
Андрей Кознов's profile photo
THOREN NIL's profile photo
Sunny Ver's profile photo
Repairs Universe's profile photo
Met Visoun's profile photo
TeMP Aiven's profile photo

LG

Shared publicly  - 
 
About. LG is a Looking Glass written in Perl as a CGI script. It can execute almost all BGP-related commands and do ping and traceroute in routers or relay these queries to other looking glasses. It s...
1
Add a comment...
People
Have them in circles
64 people
haythem gharsalli's profile photo
Nicloue Lai's profile photo
Ami Jahani's profile photo
Андрей Кознов's profile photo
THOREN NIL's profile photo
Sunny Ver's profile photo
Repairs Universe's profile photo
Met Visoun's profile photo
TeMP Aiven's profile photo
Story
Tagline
Looking Glass - online BGP information
Introduction
LG is a Looking Glass written in Perl as a CGI script. It can execute almost all BGP-related commands and do ping and traceroute in routers or relay these queries to other looking glasses. It supports both IPv4 and IPv6 commands, and is tested with Cisco IOS, Zebra/Quagga, and Juniper JUNOS. It can connect to a router using SSH, telnet or rsh.