Knowledgebase

Eleven2 Outage

Posted by JenniH, 11-13-2006, 06:27 PM
We have a small site with these guys.... but it appears to be down... and we cannot get to them. On eleven2.com, Alerta gives: 11/13/2006 17:22:29 Atlanta USA Error N/A 30.00 N/A 11/13/2006 17:22:29 Orlando USA Error N/A 30.00 N/A 11/13/2006 17:22:29 Frankfurt GERMANY Error N/A 30.00 N/A 11/13/2006 17:22:29 Chicago USA Error N/A 29.99 N/A 11/13/2006 17:22:29 London UK Error N/A 29.99 N/A 11/13/2006 17:22:29 Oklahoma City USA Error N/A 30.07 N/A A traceroute gives: Hop T1 T2 T3 Best Graph IP Hostname Dist TTL Ctry Time 1 0 0 0 0.7 ms 66.36.240.2 AS14361 HOPONE-DCA c-vl102-d1.acc.dca2.hopone.net. 255 US Unix: 22:24:46.658 2 0 0 1 0.8 ms [+0ms] 66.36.224.249 AS0 IANA-RSVD-0 gec3.core2.dca2.hopone.net. 0 miles [+0] 254 US Unix: 21:54:26.675 3 3 5 2 2.6 ms [+1ms] 66.36.224.169 AS0 IANA-RSVD-0 gi1-0-0.ar2.wdc2.gblx.net. 0 miles [+0] 252 US Unix: 22:24:18.390 4 45 32 32 32 ms [+29ms] 67.17.70.30 AS3549 GBLX pos1-0-0-155m.ar1.hou1.gblx.net. 0 miles [+0] 252 US Unix: 22:24:18.400 5 42 38 38 37 ms [+5ms] 67.17.211.130 AS3549 GBLX internap-ken-schmid.pos10-0-0.ar1.hou1.gblx.net. 0 miles [+0] 242 US Unix: 22:24:18.478 6 44 37 37 37 ms [+0ms] 216.52.168.81 AS13791 INTERNAP-BLK3 border8.ge3-0-bbnet2.hou.pnap.net. 0 miles [+0] 242 US Unix: 22:24:18.532 7 46 38 39 38 ms [+0ms] 216.52.170.50 AS13791 INTERNAP-BLK3 vericenter-2.border8.hou.pnap.net. 0 miles [+0] 241 US Unix: 22:24:18.565 8 80 40 41 40 ms [+1ms] 65.38.110.84 AS20183 VERICENTER ip-65-38-110-84.hou.vericenter.com. 0 miles [+0] 240 US Unknown: 831ebfe8 9 * 40 40 40 ms [+0ms] 65.38.104.252 AS20183 VERICENTER hou1-edge1.eleven2.com. 0 miles [+0] 47 US [Router did not respond] 10 59 41 40 40 ms [+0ms] 65.38.104.126 AS20183 VERICENTER nfrwy1-core2.eleven2.com. 0 miles [+0] 13 US [Router did not respond] 11 * * * 40 ms [+0ms] [Unknown] [Unknown - Firewall did not respond] 0 miles [+0] 12 * * 40 40 ms [+0ms] 65.38.105.10 AS20183 VERICENTER [Reached Destination][Timeout] 0 miles [+0] 46 US [Router did not respond Has anyone had any better luck getting in touch with them? Any idea what is going on there?
Posted by JenniH, 11-13-2006, 06:59 PM
I have managed to get broken access to their status page before it went again. It says the following: -------------------------- Update - 4:25PM - We had the attack fully fixed for about 2 hours, it is now back, we are working to get this fixed with our upstream providers and should have a update for you shortly. Update - 11:09Am - The attack is still going, its very small, but still coming, we went ahead and blocked the IP ranges of 80.0.0.0-89.0.0.0 which is part of Europe and Israel where the attacks are coming from. Our upstream providers are still working to get things mitigated here. About 30 min ago we started suffering a DDOS attack on our network. This attack is too large for us just to blokc a single or a few IPs, so our upstream providers, Internet and MCI are working to mitigate the attack as we speak. ------------------------------- It has the 12th on there as the date.... although today is the 13th.... so who knows. This certainly feels like a DDOS attack in terms of getting through only now and again. Jenni
Posted by MSV_AR, 11-14-2006, 12:50 AM
maybe "your mom's" site was the one being attacked. http://img222.imageshack.us/img222/8659/yourmomwj0.png
Posted by JenniH, 11-20-2006, 05:40 PM
Oh dear... it looks like it's happening again. Hop T1 T2 T3 Best Graph IP Hostname Dist TTL Ctry Time 1 0 0 0 0.6 ms 66.36.240.2 AS14361 HOPONE-DCA c-vl102-d1.acc.dca2.hopone.net. 255 US Unix: 21:36:12.136 2 1 3 0 0.8 ms [+0ms] 66.36.224.249 AS0 IANA-RSVD-0 gec3.core2.dca2.hopone.net. 0 miles [+0] 254 US Unix: 21:05:51. 6 3 2 1 2 1.9 ms [+1ms] 66.36.224.169 AS0 IANA-RSVD-0 gi1-0-0.ar2.wdc2.gblx.net. 0 miles [+0] 252 US Unix: 21:35:44.954 4 44 32 32 32 ms [+30ms] 67.17.70.30 AS3549 GBLX pos1-0-0-155m.ar1.hou1.gblx.net. 0 miles [+0] 252 US Unix: 21:35:45. 1 5 55 45 38 37 ms [+5ms] 67.17.211.130 AS3549 GBLX internap-ken-schmid.pos10-0-0.ar1.hou1.gblx.net. -1 miles [+0] 0 miles [+0] 242 US Unix: 21:35:45. 71 6 45 39 37 37 ms [+0ms] 216.52.168.81 AS13791 INTERNAP-BLK3 border8.ge3-0-bbnet2.hou.pnap.net. -1 miles [+0] 0 miles [+0] 242 US Unix: 21:35:45.103 7 45 37 38 37 ms [+0ms] 216.52.170.50 AS13791 INTERNAP-BLK3 vericenter-2.border8.hou.pnap.net. -1 miles [+0] 0 miles [+0] 241 US Unix: 21:35:45.154 8 46 40 39 39 ms [+2ms] 65.38.110.84 AS20183 VERICENTER ip-65-38-110-84.hou.vericenter.com. -1 miles [+0] 0 miles [+0] 240 US [Router did not respond] 9 * 40 * 40 ms [+0ms] 65.38.104.252 AS20183 VERICENTER [Timeout] 0 miles [+0] 47 US [Router did not respond] 10 45 43 * 42 ms [+2ms] 65.38.104.126 AS20183 VERICENTER [Timeout] 0 miles [+0] 13 US [Router did not respond] 11 * * 42 42 ms [+0ms] 65.38.105.10 AS20183 VERICENTER [Reached Destination][Timeout] 0 miles [+0] 46 US [Router did not respond] And out time outs bear all the hallmarks of another DDOS.
Posted by layer0, 11-20-2006, 05:59 PM
You cannot derive that the problem is a (D)DoS from that traceroute. The box itself appears offline, doesn't mean it's (D)DoS.
Posted by JenniH, 11-20-2006, 06:03 PM
Alerta gave down from every location, as did proxies we tried. The sites loaded sometimes.... very very slowly, and then not at all. Then occasionally normally. These from my experience are hallmarks of such an attack. Regardless of the cause, access to our sites, and eleven2 is limited.
Posted by JenniH, 11-20-2006, 06:23 PM
We seem to be back again now.... I hope we do get an explanation from them. There is nothing posted on their status board yet.
Posted by JenniH, 11-21-2006, 06:12 PM
It was apparently a "congested pipe". Right... The bad news: down again today: 11/21/2006 17:08:13 Atlanta USA Error N/A 29.99 N/A 11/21/2006 17:08:13 Orlando USA Error N/A 30.00 N/A 11/21/2006 17:08:13 Chicago USA Error N/A 29.99 N/A 11/21/2006 17:08:13 London UK Error N/A 30.00 N/A 11/21/2006 17:08:13 Frankfurt GERMANY Error N/A 29.99 N/A 11/21/2006 17:08:13 Oklahoma City USA Error N/A 30.01 N/A Yes, I think we have just about had enough of this now. Far too bumpy.


Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
i need a good reseller hosting. help! (Views: 585)
A decent Intrustion detection system. (Views: 640)
URPAD (K-disk, Root Level, FTNHosting) SUSPENDED a PAID hosting without BACKUP (Views: 545)
Enom DNS down? (Views: 617)
alphaomegahosting, linkstream, resellerspace (Views: 591)


Language:

Client Menu

 

Client Login

Email

Password

Remember Me

Search



  
 

Clients

Hosting

VPS Hosting

About Us

Contact Us

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.