04:17:44.106781 IP protected.hyperfilter.com.15557 > 저의.서버도메인.컴.domain: 472+ [1au] ANY? webpanel.sk. (40)
04:17:44.323050 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323053 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323056 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323059 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323062 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323065 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323067 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323070 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323074 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323077 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323080 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323085 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323088 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323091 IP protected.hyperfilter.com.11578 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323094 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323097 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323100 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323103 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323106 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323109 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323112 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323115 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323118 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323121 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323282 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323288 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.323291 IP protected.hyperfilter.com.35750 > 저의.서버도메인.컴.domain: 33926+ [1au] ANY? webpanel.sk. (40)
04:17:44.334728 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
04:17:44.334736 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
04:17:44.334739 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
04:17:44.334742 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
04:17:44.334745 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
04:17:44.334748 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
04:17:44.334751 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
04:17:44.334754 IP protected.hyperfilter.com.14774 > 저의.서버도메인.컴.domain: 64743+ [1au] ANY? webpanel.sk. (40)
이런게 수없이 찍히는데 하이퍼필터가 뭔가해서 봤더니 DDoS 차단 업체에요....
저 도메인은 조작된 것 ? 혹은 업체가 일부러 돈내라고 저러는 건가요?
지금도 간헐적으로 계속 간 보듯이 2700 p/s 정도 찍히네요 헐헐...
니 고객이 해킹 당해서, 나에게 DDoS 하고 있다고.
사이트 운영자나 고객이 우리 웹사이트는 보호가 필요하다고 하면 DNS 1차경로를 DOS 존에 넘겨줍니다. 즉 필터링 1차 지역이죠. 안전하다고 처리된 패킷이 다시 원래 서버로 갑니다. 즉 저건 정상이라는겁니다.
니 고객이 해킹이 아니고 저기서 걸러지고 걸러져서 정상적인 패킷을 본서버로 보내는 패턴인데 니 고객 해킹당했다?라고 하면 거기서 일하는 사람들의 비웃음 거리가 될겁니다. 옛날에는 같은 인프라에 방화벽이나 공격보호를 위한 장비가 위치가 제한적이였는데 클린존은 위와 같은 방법으로 패킷을 필터링 라우팅 해주는 역할이라고 보면 됩니다.
DOS 방어존이 1차구역이 되면 클라이언트 위치를 분석할 기회가 없어지므로 그런 부분은 감수해야 됩니다. 모든 패킷이 도스존 아이피 로그로 찍히기 때문입니다.