audrey

Well-Known Member
Oct 18, 2006
104
4
168
Hi

There is a Google+ flaw allows hackers to execute DDoS attacks using Google servers
and one of my servers is experiencing this type of DOS attack

It is a constant attack - been going on for over 18 hours

I see lots of entries in
/usr/local/apache/domlogs
for the site under attack
like this - all referencing the same Google IP
66.249.73.196 - - [28/Oct/2013:08:04:00 -0400] "GET /name.html
HTTP/1.1" 404 - "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.h
tml)"

I blocked the IP 66.249.73.196 in the CSF firewall and in the IP deny manager in cPanel for the site
Neither of these blocks helped at all.

Any advice would be appreciated

Thanks
Audrey
 

MissionTech

Registered
Nov 2, 2013
1
0
1
cPanel Access Level
Root Administrator
If the flood is bigger than your port size it doesn't matter what software you got, is your site offline? If the attack continues your datacenter may null route your connection

- - - Updated - - -

The user may be spoofing a flood from google's servers anyway