NeoProtect down
Looks like they ate a massive attack and Datapacket(their only upstream that was also used for mitigation of large attacks) has nullrouted them. All locations are down, and downstreams are affected.
Last update:
https://bgp.tools/as/199414
https://status.neoprotect.net/incidents/kdmtx0wk3h1l
Comments
I've never used Neoprotect or any services like them so excuse my ignorance, but do they just rely on CDN77/DP for volumetric mitigation? I always assumed they had their own filtering and could use any upstream.
Edit: There's many large dedicated server companies like Limestone that use Neoprotect, I'm guessing that means all of the clients of those datacenters/server providers that have IPs for mitigation are also down eh, pretty bad situation to be in.
For them to get dropped from CDN77/DP is surprising. I use them in Singapore and they've eaten multi-terabit attacks against some of my clients with no problems.
ExtraVM - KVM NVMe VPS in USA, EU, APAC -|- RackColo - Find Colo - Discord: mikea (DM before adding)
They use them for pre-filtering basically, they have their own filtering for more sophisticated and application layer attacks, but all these big attacks are tanked by DP.
NeoProtect doesn't have much of their "own" capacity, they heavily rely on Datapacket filtering large attacks.
They have updated their status with this, now
Spicy, now they know a few TB's will make the BGP sessions drop.
It doesn't even have to last for one hour to take them down for 1 day or more.
Free NAT KVM | Free NAT LXC
To be fair, I don't blame Datapacket for dropping them at all, realistically NeoProtect are a small customer abusing the fuck out of DP's dirt cheap, large capacity ddos protection.
Datapacket charges only $100 for their "advanced" protection, that they use all the time to tank massive attacks, its their entire business model.
As i said, they had little of own capacity, and only filtered what wasn't already filtered by DP protection.
Afaik these recent attacks caused issues for the whole Datapacket infra.
It reminds me of TCPShield getting kicked out of OVH recently, because entire Miami location was having issues due to their attacks. It operated in a similar fashion, abusing low-cost mitigation.
Edit: I have no idea if NeoProtect also paid $100 per location, like I was quoted, they could have some special agreement that I'm not aware of, but judging by how this situation was handled, I doubt it.
So you telling me, they gonna Deadpool next week?
Free NAT KVM | Free NAT LXC
Afaik pretty much their all infra was just dedis from Datapacket, rented. So if they were to get kicked out entirely, I could see it being a massive issue, larger than it already is.
Still down, 16h and counting. So are many of their downstreams, which appeared to be singlehomed with NeoProtect.
No further updates have been posted to their status page.
Latest update: they've been completed booted by CDN77.
https://status.neoprotect.net/incidents/kdmtx0wk3h1l
The Ultimate Speedtest Script | Get Instant Alerts on new LES/LET deals | Cheap VPS Deals | VirMach Flash Sales Notifier
FREE KVM VPS - FreeVPS.org | FREE LXC VPS - MicroLXC
Sucks, we all benefit from more DDoS protection providers, but its completely reasonable for DP to pull the plug considering the issues these attacks brought.
Hopefully their backup "game protection" infra at OVH won't get targeted, as they would also get kicked out from there.
I would love to see their on-premise offering be competitive to something like Wanguard, there is even less of good on-premise mitigation companies, than remote.
R.I.P NeoProtect
Bad news for all other DDOS protection providers that use CDN77/DP ?