Cool Ideas suffers massive outage due to DDoS

Bradley Prior

MyBroadband Journalist
Super Moderator
Joined
Oct 16, 2018
Messages
1,807

Internet service provider Cool Ideas has been hit by a DDoS attack which has affected its ability to provide a stable Internet connection to its customers.

“We are currently experiencing a distributed denial of service attack that is affecting all customers on our network,” said the company in a statement.
 

Tinuva

The Magician
Joined
Feb 10, 2005
Messages
8,647
This is where their choice of upstream provider will hurt them. I like HE.net for IPv6, but I dislike when ZA ISPs use them as their upstream provider. HE.net is actually a horrible tier1 provider. Even Cogentco is miles better.

Having access to nullroute IPs in London before it hits your backhaul to SA using BGP communities helps bucket loads in these situations, especially if automated.
 

furpile

Expert Member
Joined
Jul 14, 2014
Messages
2,683
This is where their choice of upstream provider will hurt them. I like HE.net for IPv6, but I dislike when ZA ISPs use them as their upstream provider. HE.net is actually a horrible tier1 provider. Even Cogentco is miles better.

Having access to nullroute IPs in London before it hits your backhaul to SA using BGP communities helps bucket loads in these situations, especially if automated.
From the CI thread it seems they did move over to Cogent now.
 

Happy Days

Senior Member
Joined
Feb 14, 2017
Messages
509
This is where their choice of upstream provider will hurt them. I like HE.net for IPv6, but I dislike when ZA ISPs use them as their upstream provider. HE.net is actually a horrible tier1 provider. Even Cogentco is miles better.

Having access to nullroute IPs in London before it hits your backhaul to SA using BGP communities helps bucket loads in these situations, especially if automated.
Sounds like you should be consulting for Cool Ideas :thumbsup:
 

Tinuva

The Magician
Joined
Feb 10, 2005
Messages
8,647
Sounds like you should be consulting for Cool Ideas :thumbsup:
I think there are many people better than me.

That said, seeing the post above yours, they just need to automate the process now that detects the IPs receiving abnormal traffic and nullroutes them in real time using BGP route injection.

When we did this at my previous workplace, it made life so much better not having to figure out what is going on each time, just look at the dashboard and receive email updates whenever something happens. 1 person may have been affected, but the rest of the network was usually fine.
 

TheRoDent

Expert Member
Joined
Aug 6, 2003
Messages
3,524
This is where their choice of upstream provider will hurt them. I like HE.net for IPv6, but I dislike when ZA ISPs use them as their upstream provider. HE.net is actually a horrible tier1 provider. Even Cogentco is miles better.

Having access to nullroute IPs in London before it hits your backhaul to SA using BGP communities helps bucket loads in these situations, especially if automated.
We have both Cogent and HE :)
 

TheRoDent

Expert Member
Joined
Aug 6, 2003
Messages
3,524
I was wondering why Netflix was buffering on rewind, now I'm grateful that I was able to watch anything at all when I got home this evening.



Good to know that you're on top of this Mr RoDi :thumbsup:
What were you streaming BTW? We have several red Netflix boxes in our network.
 

GhostSixFour

Mafia Addict
Joined
Nov 9, 2009
Messages
12,641
Oh. Is this what happened? I received an email from Vumatel saying there has been maintenance done, and marked it down to that. :(
 

Tinuva

The Magician
Joined
Feb 10, 2005
Messages
8,647
We have both Cogent and HE :)
That's great. Only need to drop HE now and then add a DDoS detection system that is scripted to inject BGP null route rules, which will then drop the traffic on Cogent's edge long before it even reaches your network. The detection system is needed to automate the whole process, then you guys can sleep at night :)
 

TheRoDent

Expert Member
Joined
Aug 6, 2003
Messages
3,524
That's great. Only need to drop HE now and then add a DDoS detection system that is scripted to inject BGP null route rules, which will then drop the traffic on Cogent's edge long before it even reaches your network. The detection system is needed to automate the whole process, then you guys can sleep at night :)
We have this. :)
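
The automated detect-and-nullroute loop discussed in this thread, sketched as an added example (not code from any poster or from Cool Ideas): per-destination rates are computed from flow samples, victims inside the operator's own prefixes are picked, and /32 blackhole announcements are emitted in the text form the ExaBGP API accepts. The threshold, prefixes, next hop, sample data and the use of the RFC 7999 BLACKHOLE community (65535:666, assuming the upstream honours it) are all assumptions.

```python
import ipaddress
from collections import defaultdict

BLACKHOLE_COMMUNITY = "65535:666"  # RFC 7999 BLACKHOLE; assumes the upstream acts on it
THRESHOLD_BPS = 2_000_000_000      # assumed per-destination trigger; tune to link capacity
OUR_PREFIXES = [ipaddress.ip_network("198.51.100.0/24")]  # constructed (documentation range)
MAX_BLACKHOLES = 5                 # safety cap so a bad feed cannot nullroute the whole block

# Constructed flow samples over a 2-second window: (destination IP, bytes seen)
SAMPLES = [
    ("198.51.100.10", 400_000_000), ("198.51.100.10", 350_000_000),
    ("198.51.100.20", 50_000_000), ("198.51.100.20", 40_000_000),
    ("203.0.113.5", 600_000_000), ("203.0.113.5", 600_000_000),
]

def dst_rates(samples, window_s):
    """Aggregate bytes per destination and convert to bits per second."""
    totals = defaultdict(int)
    for dst, nbytes in samples:
        totals[dst] += nbytes
    return {dst: total * 8 // window_s for dst, total in totals.items()}

def pick_victims(rates):
    """Destinations over threshold, restricted to our own address space."""
    victims = []
    for dst, bps in sorted(rates.items(), key=lambda kv: -kv[1]):
        if bps < THRESHOLD_BPS:
            continue
        addr = ipaddress.ip_address(dst)
        if not any(addr in net for net in OUR_PREFIXES):
            continue  # never announce a blackhole for space we do not originate
        victims.append(dst)
    return victims[:MAX_BLACKHOLES]

def reconcile(active, victims, next_hop="192.0.2.1"):
    """ExaBGP-style API lines that move the announced set from `active` to `victims`."""
    cmds = []
    for ip in sorted(set(victims) - set(active)):
        cmds.append(f"announce route {ip}/32 next-hop {next_hop} "
                    f"community [{BLACKHOLE_COMMUNITY}]")
    for ip in sorted(set(active) - set(victims)):
        cmds.append(f"withdraw route {ip}/32 next-hop {next_hop}")  # attack over: restore
    return cmds

if __name__ == "__main__":
    victims = pick_victims(dst_rates(SAMPLES, window_s=2))
    for line in reconcile(active={"198.51.100.77"}, victims=victims):
        print(line)
```

Blackholing a /32 drops all traffic to that one address at the upstream edge, which matches the trade-off described in the thread: one customer goes dark while the rest of the network stays up.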
 