The Battle of Beijing

At my current job, I take care of all things systems. That’s infrastructure, security, networking, in-house desktop support, and automation.  That’s a lot, I know, but someone has to do it.  Nonetheless, it’s a great job.  I’ve had a lot of jobs in my life, and this one is definitely top three.  That being said, there are a bunch of a-holes in China making my life very hard right now by constantly running DDOS (dynamic denial of service) attacks against our IP address space. They particularly like to target our Joomla and WordPress sites. I’ve been fighting with them off and on for a few weeks now, but this morning, they launched the mother of all attacks against us.  This was a geographically distributed, multi-datacenter DDOS attack.  They were using in excess of 100 IPs in separate subnets scattered across at least five countries.  So how did I fix this?  Let’s get into it.

Continue reading