Are any of you using DataWeb Global Group B.V. as an Internet Service Provider? It's based in Ashburn, Virginia. It seems to be a legitimate ISP and hosting company, but a lot of the DDOS attack pings that we've been getting over the past few days is coming from there. That doesn't mean that the company itself is involved. More likely, someone has hacked their way into accounts from that ISP and are using them in DDOS attacks, or something on that order. I wouldn't know how to do that myself so I won't pretend to fully understand it. The reason I am asking is that I am thinking of blocking large chunks of ISP numbers assigned to DataWeb Global Group but I don't want to block anyone who is actually a member here.
I don't think so...my Hot Spot is through T-Mobile and the new one that should be arriving any day will be with Sprint from what I understand.
That's pretty much what it is. It's not as if there are thousands of actual people visiting the site. Wikipedia has a reasonably easy to understand definition of it.
I have a program that I use to check links on my own sites, and I also used it while reviewing web directories. It is an automated program that would quickly go through every page of a site, trying to follow every link that was there, then reporting back the ones that worked versus didn't work. I inadvertently crashed a couple of directories that didn't have enough resources/bandwidth to withstand even that one program. If thousand of these programs were to be run on the same site at the same time, that would be a DDOS attack, but the automated programs usually used are ones that have no legitimate purpose, but are intended simply to make superfluous requests, overloading the capability's of the site.
I've blocked a bunch of ISPs assigned to DataWeb Global Group. In a couple of days, I'll unblock them because it's unlikely that the next attack will come from the same place, and I am less likely to be blocking actual people that way. Given that an ISP might serve thousands of people, I wouldn't want to ban all of them because one of them was involved in a DDOS attack, particularly since he may not even be aware that his computer and connection was being used for that purpose.