Warning: Possible IP Enumeration Attack

I'm observing a very strange pattern of DDoS attacks at a large hosting provider. This particular provider has a colorful history, if you are running a market or any other hidden service and you host with them, you know what I'm talking about.

The attacks have been happening for the past 3 hrs in a "hit and run" fashion, about 50Gbps in size which is nothing to scoff at. The worrying part of this is the attacks are very short lived and are hitting sequential IPs in a range, not a pattern you typically see from your run of the mill attacker. This pattern could be someone trying to correlate downtime of a certain IP to the downtime of their target hidden service.

Could be nothing, just a heads up.


Comments


[6 Points] None:

OVH?

I'm totally convinced that something very serious is going on. This is not amateur hour. I half-jokingly suggested a deanon attack a few days ago but I think it's time to start being serious about it.


[2 Points] MitalikaSucks:

SO basically, the markets store themselfs in absolutely legit hostings, but the hostings just do not know what is running on the server ?


[2 Points] coffeencreme:

Do you think it's all LE trying to locate someone's server?