Sign up with GoogleI can barely open MYBB.
-
Ask a question and get free supportUnlock new privileges and see hidden discussionsWin prizes and earn reputation
-
Question of the day ~ How often do you braai?
-
Afristay giveaway.Win a 2-night stay for two people at an establishment of your choice with R1,000 in spending money. Enter here.
Cool Ideas Fibre ISP – Feedback Thread 2
- Thread starter rpm
- Start date
- Status
I can barely open MYBB.
r00igev@@r
Honorary Master
- Joined
- Dec 14, 2009
- Messages
- 12,114
International to London? I'm seeing about 4% actual packet loss.
r00igev@@r
Honorary Master
- Joined
- Dec 14, 2009
- Messages
- 12,114
Who is your FNO?
Sadv
jannier
Expert Member
- Joined
- Jul 31, 2005
- Messages
- 2,075
Speedtest by Ookla - The Global Broadband Speed Test
Use Speedtest on all your devices with our free desktop and mobile apps.www.speedtest.net
Speedtest by Ookla - The Global Broadband Speed Test
Use Speedtest on all your devices with our free desktop and mobile apps.
The door to internet bliss is always open. I'll even hold it open for you.
This is CISP to London Coreix when they are not mitigating DDOS attacks.
Vuma Trenched, 1Gbps, CPT
j4ck455
Executive Member
- Joined
- Jan 2, 2006
- Messages
- 7,503
That explains why so many have been posting about using Express VPN.
Looney
Executive Member
- Joined
- Nov 18, 2009
- Messages
- 5,347
This is CISP to London Coreix when they are not mitigating DDOS attacks.
Vuma Trenched, 1Gbps, CPT
Very nice! That’s a good result. But they are still suffering DDOS attacks.
jannier
Expert Member
- Joined
- Jul 31, 2005
- Messages
- 2,075
Sure, but it will end eventually and blow over, then we are back to blissful high speeds.
I just turned on a VPN when all this started and really haven't been bothered by it.....
Murmaider
Expert Member
- Joined
- Jan 16, 2008
- Messages
- 1,005
To those ranting at CISP, do you realize this is not their fault right? That's like blaming a company in Sandton because the M1 has traffic congestion.
For those who are asking "when will it be sorted", the truthful answer is "when the attackers stop and move onto their next target". The question should be directed at the attackers and not CISP, cool ideas has absolutely no idea of when these guys are going to stop attacking them.
Last week Domains.co.za was attacked, so was RSAWEB, now CISP and their next target will be another hosting company or connectivity provider in South Africa.
For those who think CISP could do something about it, you do not understand how a DDoS works.
Here is the best way I can explain it.
Think of CISP's international connections in London as a 2 line highway directly to their office.
Currently the highway can manage 2 cars per/sec to their office without any congestion occurring or people having to wait in order to get onto the on ramps.
When there is only a few cars getting onto the highway and arriving at their office, we call it light traffic (5am).
When the highway gets busier, traffic moves along nicely and although the traffic is busy, you not sitting still in the traffic at the on ramps. (normal traffic) 10am.
Now imagine if someone (attackers) suddenly turned 1 million random people into zombies and instructed them to drive to the CISP office. These 1 million zombies climb into their cars and start driving (7am - 8am traffic) and make their way to the on ramps.
Suddenly the on ramps become congested and traffic starts backing up at the on ramp and up the roads leading to the on ramps.
So to combat this, Their office pays the council to upgrade the highway and on ramps to 5 lanes wide and this allows for 5 cars per second to freely through the on ramp and go up the newly upgraded 5 lane highway.
Now the attackers go "Oh.. they upgraded the highway and on ramps to their office, lets turn another 5 million people into zombies (7:30am on a monday) and make them drive to the CISP office.
Once again the newly built 5 lane highway is backed up exactly the same way as their 2 lane highway was and no legitimate drive is even able to get near to the on ramps since all the roads leading to it are now congested with zombie drivers.
Once again, their office pays money to council to upgrade the on ramp and highway to 10 lanes across, this now allows for up to 10 cars per second to feed onto the on ramps and down the 10 lane highway to their office.
The attacks look at this and decide to turn another 20 million people into zombies and instruct them to drive to their office. Now their 10 lane high is blocked just as much as the original 2 lane high was and no real human can get anywhere near the on ramps (Anytime trying to get into Cape Town).
Now based on this example, is it CISP's (or any provider being targeted) fault because attackers kept turning more and more people into zombies to constantly exceed the highways capacity causing the on ramp congestion?
Q & A:
--------
Why don't just pay to have the highway upgrade to 50 lanes across?
Well, because upgrading the highway is very very expensive, so expensive that if did try upgrade it to 50 lanes, they would run out of money and close down.
Couldn't they get the police involved and setup a roadblock (Firewall) by the on ramps to screen the drivers and only let legitimate humans onto the on ramp, which blocking the zombie drivers?
Yes they could, but that only stops the zombies from getting to their office, it doesn't relieve the congestion at the on ramps. In fact, because the police need to check each and every single car manually, it makes access to the on ramps even slower and perpetuates the problem.
Ok ok.. so why don't they just get the police to setup a wackton of road blocks much further out from the on ramps, like in each town surrounding them, that way the policy can stop the zombie driver heading towards the on ramps in the first place?
The really really _really_ want to, except the mayors of these surrounding towns (other providers) said no, they won't let you send your police into their town. They don't trust your police, they worried that your police might harass their town's residents.
But can't they ask these other mayors to use their own police to setup the road blocks and screen the drivers?
They did, but those mayors said no, their cops were busy and were more concerned about their people and not your problems.
What happens if they went and took down all the road signs in the other towns that have directions to their office or got google maps to hide their location so the zombies won't know where their office is, so they won't drive to the on ramps (blackholes).
Well they can and this will remove the congestion on the on ramps and highway. Except legitimate humans now also have no idea how to get to their office. They just as confused as the zombie drivers.
Providers don't ask or want to be DDoS'd in the same way you as a human do not ask or want to be held up at gun point in your house, but it still happens. Would you blame victim or the attackers?
Even if you are held up in your house, but you had 4 meter walls, dual electrified fences, bomb proof gate, bullet proof windows, maybe even armed security guards, but the attackers were military trained personal with ak47's, bombs, grenades and a tank... a freaking tank. Would you still blame the victim or blame the attacker?
The objective of these attacks is to cause companies to lose customers, money and tarnish their brand.
For those who are asking "when will it be sorted", the truthful answer is "when the attackers stop and move onto their next target". The question should be directed at the attackers and not CISP, cool ideas has absolutely no idea of when these guys are going to stop attacking them.
Last week Domains.co.za was attacked, so was RSAWEB, now CISP and their next target will be another hosting company or connectivity provider in South Africa.
For those who think CISP could do something about it, you do not understand how a DDoS works.
Here is the best way I can explain it.
Think of CISP's international connections in London as a 2 line highway directly to their office.
Currently the highway can manage 2 cars per/sec to their office without any congestion occurring or people having to wait in order to get onto the on ramps.
When there is only a few cars getting onto the highway and arriving at their office, we call it light traffic (5am).
When the highway gets busier, traffic moves along nicely and although the traffic is busy, you not sitting still in the traffic at the on ramps. (normal traffic) 10am.
Now imagine if someone (attackers) suddenly turned 1 million random people into zombies and instructed them to drive to the CISP office. These 1 million zombies climb into their cars and start driving (7am - 8am traffic) and make their way to the on ramps.
Suddenly the on ramps become congested and traffic starts backing up at the on ramp and up the roads leading to the on ramps.
So to combat this, Their office pays the council to upgrade the highway and on ramps to 5 lanes wide and this allows for 5 cars per second to freely through the on ramp and go up the newly upgraded 5 lane highway.
Now the attackers go "Oh.. they upgraded the highway and on ramps to their office, lets turn another 5 million people into zombies (7:30am on a monday) and make them drive to the CISP office.
Once again the newly built 5 lane highway is backed up exactly the same way as their 2 lane highway was and no legitimate drive is even able to get near to the on ramps since all the roads leading to it are now congested with zombie drivers.
Once again, their office pays money to council to upgrade the on ramp and highway to 10 lanes across, this now allows for up to 10 cars per second to feed onto the on ramps and down the 10 lane highway to their office.
The attacks look at this and decide to turn another 20 million people into zombies and instruct them to drive to their office. Now their 10 lane high is blocked just as much as the original 2 lane high was and no real human can get anywhere near the on ramps (Anytime trying to get into Cape Town).
Now based on this example, is it CISP's (or any provider being targeted) fault because attackers kept turning more and more people into zombies to constantly exceed the highways capacity causing the on ramp congestion?
Q & A:
--------
Why don't just pay to have the highway upgrade to 50 lanes across?
Well, because upgrading the highway is very very expensive, so expensive that if did try upgrade it to 50 lanes, they would run out of money and close down.
Couldn't they get the police involved and setup a roadblock (Firewall) by the on ramps to screen the drivers and only let legitimate humans onto the on ramp, which blocking the zombie drivers?
Yes they could, but that only stops the zombies from getting to their office, it doesn't relieve the congestion at the on ramps. In fact, because the police need to check each and every single car manually, it makes access to the on ramps even slower and perpetuates the problem.
Ok ok.. so why don't they just get the police to setup a wackton of road blocks much further out from the on ramps, like in each town surrounding them, that way the policy can stop the zombie driver heading towards the on ramps in the first place?
The really really _really_ want to, except the mayors of these surrounding towns (other providers) said no, they won't let you send your police into their town. They don't trust your police, they worried that your police might harass their town's residents.
But can't they ask these other mayors to use their own police to setup the road blocks and screen the drivers?
They did, but those mayors said no, their cops were busy and were more concerned about their people and not your problems.
What happens if they went and took down all the road signs in the other towns that have directions to their office or got google maps to hide their location so the zombies won't know where their office is, so they won't drive to the on ramps (blackholes).
Well they can and this will remove the congestion on the on ramps and highway. Except legitimate humans now also have no idea how to get to their office. They just as confused as the zombie drivers.
Providers don't ask or want to be DDoS'd in the same way you as a human do not ask or want to be held up at gun point in your house, but it still happens. Would you blame victim or the attackers?
Even if you are held up in your house, but you had 4 meter walls, dual electrified fences, bomb proof gate, bullet proof windows, maybe even armed security guards, but the attackers were military trained personal with ak47's, bombs, grenades and a tank... a freaking tank. Would you still blame the victim or blame the attacker?
The objective of these attacks is to cause companies to lose customers, money and tarnish their brand.
Last edited:
It's only my problem to the extent that I'm with CISP. Other than that it's not my problem and I don't care about the reasons etc. Its annoying as hell that this is the 2nd weekend I've lost because I'm with CISP. Fortunately for all of us, we aren't beholden to 1 road in your analogy. There are many many routes to get to the Internet/Sandton. I'm going to sell up and go to a neighbourhood where I don't need to live in a fortress, and where tanks don't roam around the streets trying to find my fortified house.
In summary, CISPS problems are not my problems. I only have 1 care on the internet, and that is reliable service. If they cant sort their problems out and give me what I'm paying them for, I can sort my problem out and leave and give the money to someone who knows how to handle this stuff better. That's all there is to it.
John Tempus
Executive Member
- Joined
- Aug 8, 2017
- Messages
- 6,121
Great long post that actually missed the entire point.
The internet doesn't operate like a freaken road, glad you drank the coolaid when every tom dick and harry company tried to play the road game to justify their pricing.
The DDOS attacks and I am suspecting CISP is being affected in this way is usually targeting exploitable networks more than just throwing random traffic at the network.
Stuff like DNS flooding, SYN flooding etc. does not actually mean the attackers send 500Gbit of traffic, it is just the receiving routers translate the traffic into 500Gbit due to exploitation such as packet splitting that translate in extra overhead traffic so as much of a pain a DDOS is the fact of the matter exploitable networks will suffer from these attacks over and over.
It doesn't take a genius to find targets either, there are multiple online network exploitation scanners that even the dumbest "hacker" can utilize to find their targets.
There is zero chance that CISP network was just directly selected as a direct target from day 1 and more likely their network got caught up with these exploitation scanners as a viable target. The attackers probably didnt and perhaps still doesn't even know who CISP is.
The internet doesn't operate like a freaken road, glad you drank the coolaid when every tom dick and harry company tried to play the road game to justify their pricing.
The DDOS attacks and I am suspecting CISP is being affected in this way is usually targeting exploitable networks more than just throwing random traffic at the network.
Stuff like DNS flooding, SYN flooding etc. does not actually mean the attackers send 500Gbit of traffic, it is just the receiving routers translate the traffic into 500Gbit due to exploitation such as packet splitting that translate in extra overhead traffic so as much of a pain a DDOS is the fact of the matter exploitable networks will suffer from these attacks over and over.
It doesn't take a genius to find targets either, there are multiple online network exploitation scanners that even the dumbest "hacker" can utilize to find their targets.
There is zero chance that CISP network was just directly selected as a direct target from day 1 and more likely their network got caught up with these exploitation scanners as a viable target. The attackers probably didnt and perhaps still doesn't even know who CISP is.
Enzo Matrix
Honorary Master
- Joined
- Dec 15, 2006
- Messages
- 13,814
Its highly likely you are wrong and that there is a ransom
GlassMirror
Expert Member
- Joined
- Dec 11, 2015
- Messages
- 2,726
I thought I was going crazy earlier when I saw all these 2009, 2010 and 2011 accounts posting here with just 30-40 posts to their names. It's so weird and suspicious that all these accounts are advocating for Supersonic all of a sudden, or it's some regular member's troll accounts
So who do you recommend then?
TheRoDent
Cool Ideas Rep
- Joined
- Aug 6, 2003
- Messages
- 6,218
We are still under attack, but we are mitigating it as best we can. And in fact, the internet does operate like a road.
A volumetric DDOS attack, is exactly that. Exploitable routers on the internet are used to send huge volumes of garbage traffic towards the target, by spoofing the source address of a small packet, and the vulnerable device replies back to the spoofed network (us) with a much larger packet. UDPprotocols like DNS and LDAP is the go-to exploit for this...
It's not that our network is "exploitable", it's just that when dealing with a huge volume of traffic, your uplink ports get congested, and packet loss occurs. This leads to poor TCP performance, and general network performance problems. This is why we upgraded our UK infrastructure to 14 times it's original capacity. Our routers didn't "amplify" any incoming traffic. It was just that literally every uplink port we had in the UK was saturated. Even local ports were getting saturated at times.
As a small example, this was our NAP Africa Cape town traffic today. We simply peer with Microsoft in Cape Town for Azure. Yet there are thousands of vulnerable hosts in Azure that can easily be convinced (when sent a small 64 byte DNS or LDAP UDP packet) to return a response 10-20 times larger than the original, hence the amplification factor.
This is but one peer that was sending us garbage.
"Update 24 Nov 18:15: Cool Ideas engineers are seeing improvements in latency and throughput and are continuing to work on improving connectivity internationally."
Anyone else not seeing any difference ? Local seems screwed for me this side too for the most part.
Anyone else not seeing any difference ? Local seems screwed for me this side too for the most part.
And clearly some people here are incapable of reading the entire context of a discussion. As I said repeatedly, if you're not happy, by all means, go. It's your money, do whatever the want you with it.
BUT STOP WHINING REPEATEDLY ON A SUPPORT THREAD THINKING IT'S SOMEHOW GOING TO MAKE THINGS BETTER.
I know this may seem obvious but have you tried rebooting everything? I'm able to game and stuff again my side.
BrendanMc
Expert Member
- Joined
- Jan 14, 2008
- Messages
- 1,965
WTF package are you on that you get those speeds?This is CISP to London Coreix when they are not mitigating DDOS attacks.
Vuma Trenched, 1Gbps, CPT
So two members who joined in 2010 are now suddenly supersonic supporters?
Not sure how you deduced from my asking someone a question about how Supersonic mitigates DDoS attacks that I'm a supporter of the company. I know nothing about them. Hence the point of asking the question.
I don't know the details. That's the whole reason I was asking Markd about it. I'm not comparing anything to anything. I'm trying to find out info about different ISPs, different DDoS events, and how each mitigates these attacks.
Honestly not sure how some people on this forum come to the assumptions they do.
- Status