Metasploit DDoS Redux

Feb 13, 2009
1 min read
Rapid7

Last updated at Wed, 07 Feb 2024 21:32:47 GMT

The good news is that the DDoS against the Metasploit web servers has stopped, the bad is that I won't have time to go into the details of the attack and the mitigation methods until next week. All Metasploit services should be operational again, please let me know if you find something broken. I would like to thank everyone who offered us assistance during the attack, without their help this would have been much more frustrating.

The bandwidth graph for the affected period can be seen below. The green represents packets coming out of our server, the blue represents the incoming . The thin line of blue is the DDoS stream (full connection attempts against port 80); we swapped DNS records around to redirect the stream elsewhere during the majority of the attack. From Monday night until Thursday afternoon, there was a 15Mbps flood of SYN requests pointed at our A records for www.metasploit.com and metasploit.com.

Metasploit DDoS Redux

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Metasploit DDoS Redux

POST TAGS

SHARING IS CARING

AUTHOR

Topics

Popular Tags

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.

Never miss a blog