InBoxRevenge KS Forum

Site is up as of 7:07pm, Nov. 5th, 2009

Let's see how long that lasts.

SiL

Though the site is running, it is still under a heavy DDOS attack.

Users should watch announcements on other inboxrevenge sites (Twitter, blogs etc) for updates.

Access is being limited to protect the system.

Quick update:

Site is still under a very large-scale attack as I write this. For the moment web access is limited to a small range of known IP's, all others are denied.

More info as we get it.

SiL

Further update: It appears that (for now) the attack has subsided. It's unknown why.

Red and I are examining logs. More as we get it.

SiL

how is the site doing with deflecting these attacks?

I don't know if you all recall, but on the old CastleCops "DDoS" Forum, an user, can't remember who off hand, wrote a thread/how-to, including PDF howto, on how to defend against DDoS attacks using PeerGuardian2 (if on Windows) or "moblock" on a server/machine running Linux or other variant.

http://www.wakeupyouidiots.com/Logs2List.zip contains the source code for the "Logs2List" file, the PDF "readme", and the source code. PG2/Moblock aren't included but are both opensource, and available from sourceforge.

Castlecops' motto was "We will not be silenced," and they fought like hell to keep the forum available. They suffered such a severe DDoS (2 GB/sec) that their hardware was damaged.

We're not trying to prove we can fight some spammer with a massive botnet head on. They've got enough firepower to shut down the forum. No arguments there. When they attack us, we just shut down the server and continue to communicate off-line. Then we come back when they get bored.

We are taking advantage of other venues like blogspot, live.com, wordpress, twitter, etc. to post information publicly. I encourage other members to participate in these alternate forums by posting comments on those sites. Taking out Google, Microsoft and the other massive players all at once would be a much bigger accomplishment, and if they try it, it will achieve the goal of attracting much more law enforcement attention to their attacks.

I'd like to add that although I would love to be running Logs2List, it is a windows-only binary. Our server is, of course, a Unix server, so in real time that is not a good solution.

The past several attacks have led to a very large number of IP's being logged and added to our firewall. It's also led to some diligent reporting to their ISP's, since they all appear to be infected hosts. I know that's an uphill battle, but one never knows.

I'm sure we'll see more. Anytime anything bad happens to the criminals behind these activities, they automatically assume that we are behind it. That's not necessarily a bad thing.

SiL

Yea, that is quite odd :) He "advertises" the logs2list deal for multiple O/S, but yea, you'd need a way of either, running the executable in a NIX environment, or porting all the *NIX logs to a Windows machine to allow logs2list to do it's "churning" :)

The concept looks neat, basically, long list of "never block" IP addresses/ranges (basically, those of active members/posters/users) and then the "always block" list, of repeat offenders/attackers, and it sorts them accordingly.

and yea, I do have the various blogs favorited, and also in my Google Reader for updates; but honestly don't use the reader much, unless I get the error message about the forums offline, then I go to Google Reader and get the news :)