不好意思,这篇文章可能发的比较晚了。搬瓦工 VPS 主机最近一阵子也经常遭受到一些攻击,已经看到多个网友反馈,所以整理一下客服的答复。其实最近不止是搬瓦工商家,还有一些其他商家,包括 DMIT、GigsGigsCloud、CubeCloud 等,都经历了不同程度的攻击。时至今日可能攻击有所缓解,对付这种事情可能确实没什么好的方法,仅此分享记录一下。
一、最近遭受攻击的商家整理
最近几天看到遭受攻击的商家主要包括搬瓦工、DMIT、GigsGigsCloud、CubeCloud 等多个商家,相关文章整理如下。
- 《搬瓦工 CN2 GIA-E 套餐 DC6、DC9 等机房丢包率高/连不上/被攻击》
- 《搬瓦工中国香港 CN2 GIA 套餐全部缺货,去程暂时绕路 NTT,回程直连》
- 《搬瓦工、DMIT、GigsGigsCloud 等商家的 CN2 GIA 线路遭受持续攻击》
- 《CubeCloud 恢复 CN2 连接,香港 Pro 攻击事件最新动态》
二、搬瓦工被攻击情况说明
下面是搬瓦工客服回复的关于美国洛杉矶 CN2 GIA 被攻击情况的说明和对应中英文。
你好,
在过去几天对此问题进行故障排除时,我们发现其根本原因是同时针对数百个 IP 的周期性 UDP 泛洪。
由于每次洪水的持续时间非常短(每个目标 IP 几秒钟)并且每秒数据包数量相对较少(大约 1000 pps),因此我们的系统不足以触发警报和采取对策。
遗憾的是,中国电信的 CN2 GT/GIA 网络无法应对这种类型和规模的洪水。它根本没有所需的容量。
随着我们现在对情况有了更好的了解,我们联系了几家在中国提供 DDoS/洪水保护的公司,并联系了我们知道过去处理过类似攻击的几位业内人士。
虽然我们知道这种情况让所有相关人员感到沮丧,但我想向您保证,我们正在 24/7 全天候工作,以尽快找到解决方案。从我们目前收到的反馈来看,我们应该能够在接下来的几天内建立一个体面的保护。
同时,在我们与相关组织合作制定永久性解决方案的同时,我们对基础设施进行了更改,以便在我们制定永久性解决方案时能够更好地吸收洪水并在我们这边进行处理。今天我们还要求我们的上游供应商配置简单的 ACL 来过滤掉特定的 UDP 泛洪,而且它似乎工作得相当好。如有必要,我们将调整这些 ACL。
今天做了以上改动后,情况稳定,所有服务都正常启动运行。但我们并没有休息并继续我们的内部和外部工作,以获取永久和可靠过滤所需的资源。
谢谢你。
英文原文:
Hello,
While troubleshooting this issue over the past few days, we have discovered that the root cause of it is a periodic UDP flood targeting hundreds of IPs simultaneously.
As each flood is very short in duration (a few seconds per target IP) and relatively small number of packets per second (around 1000 pps), it was not enough for our systems to trigger alerts and engage countermeasures.
Regretfully, China Telecom’s CN2 GT/GIA networks are not capable of handling floods of this type and scale. It simply does not have the required capacity.
As we now better understand the situation, we have connected with a few companies who provide China-based DDoS/flood protection, as well as reached out to several people in the industry that we know dealt with similar attacks in the past.
While we understand that this situation is frustrating for everyone involved, I would like to reassure you that we are working 24/7 to get a solution in place — as soon as humanly possible. From the feedback we have received so far, we should be able to set up a decent protection within the next few days.
Meanwhile, while we are working with relevant organizations on a permanent solution, we have made changes to our infrastructure to be able to better absorb the floods and deal with them on our side while we are setting up a permanent solution. Today we have also asked our upstream providers to configure simple ACLs to filter out the specific UDP floods, and it seems to have worked reasonably well. We will adjust these ACLs if/when necessary.
After the above changes have been made today, the situation is stable and all services are up and running normally. But we are not resting and continuing our work internally and externally to acquire resources needed for permanent and reliable filtering.
Thank you.
以及对于搬瓦工中国香港 CN2 GIA 被攻击的情况说明。
我们已于 9 月 1 日切换到 NTT 路由和 DDoS 保护。
出站是通过 CN2 GIA – 您可以使用从您的 VPS 到基于中国电信的 IP 的 traceroute 进行测试。对于数据传输速度,出站(从我们到您)拥有 CN2 GIA 比入站更重要。
我们承认延迟较高,一旦攻击停止,我们将禁用 DDoS 保护,并恢复入站 CN2 GIA 路由。
谢谢你。
英文原文。
We have switched to NTT routing and DDoS protection on September 1.
Outbound is via CN2 GIA — you can test this with traceroute from your VPS to a CT/China based IP. For data transfer speeds, it is much more important to have CN2 GIA on the outbound (from us to you) than inbound.
We do acknowledge that the latency is higher, and as soon as the attacks stop, we will disable DDoS protection and inbound CN2 GIA routing will be restored.
Thank you.
三、搬瓦工最新优惠套餐
参考:《2022年9月最新搬瓦工优惠码/搬瓦工便宜套餐/搬瓦工CN2 GIA方案推荐》
- 搬瓦工购买教程:《2022 最新搬瓦工购买教程:新用户注册账户、选择套餐、支付宝付款》
- 搬瓦工常规优惠码:BWHCGLUKKB
下面是更多搬瓦工推荐套餐。
方案 | 内存 | CPU | 硬盘 | 流量/月 | 带宽 | 机房 | 价格 | 购买 |
---|---|---|---|---|---|---|---|---|
KVM (最便宜) | 1GB | 2核 | 20GB | 1TB | 1Gbps | DC3 CN2 DC8 ZNET (购买后在后台迁移) | $49.99/年 | 购买 |
KVM | 2GB | 3核 | 40GB | 2TB | 1Gbps | $52.99/半年 $99.99/年 | 购买 | |
CN2 GIA-E (最推荐) | 1GB | 2核 | 20GB | 1TB | 2.5Gbps | DC6 CN2 GIA-E DC9 CN2 GIA 日本软银 JPOS_1 联通荷兰 EUNL_9 | $49.99/季度 $169.99/年 | 购买 |
CN2 GIA-E | 2GB | 3核 | 40GB | 2TB | 2.5Gbps | $89.99/季度 $299.99/年 | 购买 | |
HK | 2GB | 2核 | 40GB | 0.5TB | 1Gbps | 中国香港 CN2 GIA | $89.99/月 $899.99/年 | 购买 |
HK | 4GB | 4核 | 80GB | 1TB | 1Gbps | $155.99/月 $1559.99/年 | 购买 | |
OSAKA | 2GB | 2核 | 40GB | 0.5TB | 1.5Gbps | 日本大阪 CN2 GIA | $49.99/月 $499.99/年 | 购买 |
OSAKA | 4GB | 4核 | 80GB | 1TB | 1.5Gbps | $86.99/月 $869.99/年 | 购买 |