Last visit was: Sat Jul 05, 2014 5:00 pm
It is currently Sat Jul 05, 2014 5:00 pm

Nov. 2009 DDOS update


All times are UTC - 5 hours [ DST ]


 [ 8 posts ] 
Author Message
 PostPosted: Thu Nov 05, 2009 8:08 pm   
Site Admin
User avatar

Joined: Tue May 09, 2006 9:18 am
Posts: 5022
Site is up as of 7:07pm, Nov. 5th, 2009

Let's see how long that lasts.

SiL


Top
 Profile  
 PostPosted: Thu Nov 05, 2009 9:14 pm   
You are kiillllling-a my bizinisss!
User avatar

Joined: Tue Jun 27, 2006 2:01 am
Posts: 9227
Though the site is running, it is still under a heavy DDOS attack.

Users should watch announcements on other inboxrevenge sites (Twitter, blogs etc) for updates.

Access is being limited to protect the system.


Top
 Profile WWW  
 PostPosted: Tue Nov 17, 2009 12:25 pm   
Site Admin
User avatar

Joined: Tue May 09, 2006 9:18 am
Posts: 5022
Quick update:

Site is still under a very large-scale attack as I write this. For the moment web access is limited to a small range of known IP's, all others are denied.

More info as we get it.

SiL


Top
 Profile  
 PostPosted: Tue Nov 17, 2009 4:03 pm   
Site Admin
User avatar

Joined: Tue May 09, 2006 9:18 am
Posts: 5022
Further update: It appears that (for now) the attack has subsided. It's unknown why.

Red and I are examining logs. More as we get it.

SiL


Top
 Profile  
 PostPosted: Sat Nov 28, 2009 1:25 am   
Spammer Killing Machine
User avatar

Joined: Thu Apr 03, 2008 4:33 pm
Posts: 590
Location: Florida
how is the site doing with deflecting these attacks?

I don't know if you all recall, but on the old CastleCops "DDoS" Forum, an user, can't remember who off hand, wrote a thread/how-to, including PDF howto, on how to defend against DDoS attacks using PeerGuardian2 (if on Windows) or "moblock" on a server/machine running Linux or other variant.

http://www.wakeupyouidiots.com/Logs2List.zip contains the source code for the "Logs2List" file, the PDF "readme", and the source code. PG2/Moblock aren't included but are both opensource, and available from sourceforge.

_________________
SpamPoison


Top
 Profile  
 PostPosted: Sat Nov 28, 2009 1:39 am   
You are kiillllling-a my bizinisss!
User avatar

Joined: Thu Mar 01, 2007 3:01 am
Posts: 5915
Castlecops' motto was "We will not be silenced," and they fought like hell to keep the forum available. They suffered such a severe DDoS (2 GB/sec) that their hardware was damaged.

We're not trying to prove we can fight some spammer with a massive botnet head on. They've got enough firepower to shut down the forum. No arguments there. When they attack us, we just shut down the server and continue to communicate off-line. Then we come back when they get bored.

We are taking advantage of other venues like blogspot, live.com, wordpress, twitter, etc. to post information publicly. I encourage other members to participate in these alternate forums by posting comments on those sites. Taking out Google, Microsoft and the other massive players all at once would be a much bigger accomplishment, and if they try it, it will achieve the goal of attracting much more law enforcement attention to their attacks.


Top
 Profile  
 PostPosted: Sat Nov 28, 2009 11:39 am   
Site Admin
User avatar

Joined: Tue May 09, 2006 9:18 am
Posts: 5022
I'd like to add that although I would love to be running Logs2List, it is a windows-only binary. Our server is, of course, a Unix server, so in real time that is not a good solution.

The past several attacks have led to a very large number of IP's being logged and added to our firewall. It's also led to some diligent reporting to their ISP's, since they all appear to be infected hosts. I know that's an uphill battle, but one never knows.

I'm sure we'll see more. Anytime anything bad happens to the criminals behind these activities, they automatically assume that we are behind it. That's not necessarily a bad thing.

SiL


Top
 Profile  
 PostPosted: Sat Nov 28, 2009 1:20 pm   
Spammer Killing Machine
User avatar

Joined: Thu Apr 03, 2008 4:33 pm
Posts: 590
Location: Florida
Yea, that is quite odd :) He "advertises" the logs2list deal for multiple O/S, but yea, you'd need a way of either, running the executable in a NIX environment, or porting all the *NIX logs to a Windows machine to allow logs2list to do it's "churning" :)

The concept looks neat, basically, long list of "never block" IP addresses/ranges (basically, those of active members/posters/users) and then the "always block" list, of repeat offenders/attackers, and it sorts them accordingly.

and yea, I do have the various blogs favorited, and also in my Google Reader for updates; but honestly don't use the reader much, unless I get the error message about the forums offline, then I go to Google Reader and get the news :)

_________________
SpamPoison


Top
 Profile  
 [ 8 posts ] 

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: Bing [Bot], Wayback machine and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Style originally created by Volize © 2003 • Redesigned SkyLine by MartectX © 2008