rssLink RSS for all categories
 
icon_red
icon_green
icon_red
icon_red
icon_blue
icon_green
icon_green
icon_red
icon_red
icon_red
icon_orange
icon_green
icon_green
icon_green
icon_green
icon_blue
icon_green
icon_orange
icon_red
icon_green
icon_red
icon_red
icon_green
icon_red
icon_red
icon_red
icon_red
icon_orange
icon_green
 

FS#4893 — FS#8823 — vac1 http auth

Attached to Project— Anti-DDoS
Maintenance
Whole Network
CLOSED
100%
When an IP is on the VAC:

For a few days there has been some strange
occurences when a HTTP connects to a redirect in WEB requests

$ telnet 176.31.184.175 80
Trying 176.31.184.175...
Connected to 176.31.184.175.
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /

Connection closed by foreign host.

According to research, this is relates to
a type of protection against attacks
that is done via a web redirection:
a browser does the redirection without problem
and the SRC IP is whitelisted.
However, when an attack script ot a robot does not
know how to do the redirection, it is blacklisted.

We have not activated this on the VAC (arbor). Bug.
To fix it, we have activated then deactivated this option.
Now it is no longer active. Bug confirmed and fixed.
Date:  Tuesday, 13 August 2013, 16:04PM
Reason for closing:  Done
Comment by OVH - Tuesday, 18 June 2013, 10:58AM

The option automatically reactivates itself after a few minutes,
without any intervention on the box.
We are consulting the arbor tech staff.


Comment by OVH - Tuesday, 18 June 2013, 10:59AM

~$ telnet 37.187.45.107 80
Trying 37.187.45.107...
Connected to 37.187.45.107.
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /

Connection closed by foreign host.

we activate and deactivate the option

~$ telnet 37.187.45.107 80
Trying 37.187.45.107...
telnet: Unable to connect to remote host: Connection refused


~$ telnet 37.187.45.107 80
Trying 37.187.45.107...
telnet: Unable to connect to remote host: Connection refused


a few minutes later:

~$ telnet 176.31.224.187 80
Trying 176.31.224.187...
Connected to 176.31.224.187.
Escape character is '^]'.
GET / HTTP/1.0
HTTP/1.1 302 Found
Connection: close
Pragma: no-cache
cache-control: no-cache
Location: /

Connection closed by foreign host.

we activate and deactivate the option.

~$ telnet 176.31.224.187 80
Trying 176.31.224.187...
telnet: Unable to connect to remote host: Connection refused


~$ telnet 176.31.224.187 80
Trying 176.31.224.187...
telnet: Unable to connect to remote host: Connection refused


Comment by OVH - Wednesday, 19 June 2013, 08:26AM

we are testing a workaround.

It was implemented.


Comment by OVH - Wednesday, 19 June 2013, 08:27AM

We had the confirmation of many customers that the problem is fixed.