Re: Conerning The On Going Denial of Service Attacks Today. in Security

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 05 May 2008 00:14:14 EDT

anon :

specific geographical areas

.....need to be cut-off from the internet period I'd say.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 04 May 2008 08:32:37 EDT

Name Game : Follow up on the CNN DDOS Attack that never got enough steam.

DDOS Anniversary
»www.f-secure.com/weblog/archives···429.html

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 19:44:49 EDT

Name Game : :D

If the goal was 'behavior modifcation' they would not just be migitating..the goal is no longer being vulnerable. Bad guys will never go away unless you reach out and touch them..I see many contests out there..and many probes..and traps..so in case it is not clear..why are you looking in this thread on conditions to have them stop ?????

Start a new thread and either state how you would do this instead of looking for a room with a view. You have no idea what probes were really sent out..it's does not take a rocket scientist to know what software is running at the Host or the Board Software..there are published hacks all over the internet..and vulnerabilities discovered each day..
Risk assesment might give you the odds..but it won't stop or keep you safe..and asking that of any Board that is public like this one and even open to anon posts..takes that risk.
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 19:03:23 EDT

anon : Sorry if you found anything I wrote "unclear". I'll try to be clearer.

When did I profess answers? I stated that if one can't pinpoint the attacker, can't usually prosecute even if you know where it's coming from, and it costs you more money to defend against it than it does to initiate it, does that sound like a good cost/benefit equation to you? It doesn't to me.

Therefore, without disincentive, what stops someone with deep pockets from DDS'ing someone out of business? None that I can see yet. Bad publicity? Hardly a deterrent to those who don't care. Giving one the opportunity to better prepare against it? Perhaps, but it also gives them the opportunity to probe weaknesses.

So mitigating an attack, while extremely commendable, is still not a big disincentive. So I simply don't see yet, from all I've read, why would someone stop?

In case that wasn't clear, that's a question, not a point of view.

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 17:38:28 EDT

Name Game : You could go to "War" with queenie.exe :D

»www.epinions.com/review/Raid_Ant···58019204

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 17:03:57 EDT

astirusty :

said by CallingItAsItIs :

I merely suggested that it would be a mistake to think that these people are dumb.

You didn't merely suggest it, you said: I think you make a grave mistake in thinking that these people are dumb.

said by CallingItAsItIs :

I merely suggested that if you can bring down a security site, even for brief periods, what better way to demonstrate that you a force to be reckoned with.

Well, what you "merely suggested" was pretty unclear (and not just to me).

said by CallingItAsItIs :

If one is constantly playing defense, you can blunt the attack, but that is hardly the same as winning the war.

Since you have brought the whole "constantly playing defense" subject up, I would like to know from you exactly what Offensive tactics you would suggest sites like DSLReports do? Baring in mind the Offensive tactics have to be legal and practical.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 16:04:21 EDT

mikenolan7 : I appreciate the efforts Justin, and others helping him, have put in to keep us informed. It's refreshing as a customer to be kept in the loop, and to be able to learn some things along the way. They have set an example that many other businesses would do well to follow. Thank you. :)

No DDOS recovery fee, right? :o

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 15:07:13 EDT

Name Game : Well you just saw them win one..the site here is back up despite the attack..and now it is stronger for the encounter..call it an exercise..call it a skirmish..but it is far from a war..and the owner was involved..calling some of the shots..not just letting the Host for the site wander through the action..and he even enjoyed being in the engineroom for the time necessary to call the shot..and he had help from others in the community.
And no need to hide it eh basement :D :D

These are his view on..security via obscurity ;)
»Re: ddos

no need for secrecy.

the current blacklist is

»/front/blackli···rted.txt

all were collected in the last 2 hours.
***************************************
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 14:54:12 EDT

anon :

said by astirusty :

Did I say I they were dumb? -- Nope --

I never stated that you "said" anything. I merely suggested that it would be a mistake to think that these people are dumb. There's a difference.

They are hardly as you indicated "pissing away their money", which implies a dumb action. How much does this cost them? Not much. How much impact can they have. Enough. They may be doing this on someone else's nickel, in which case they will continue just as long as they are paid. Or if it's their nickel, they'll do it just as long as they think it is in their interest.

said by astirusty :

I think the Umpire needs glasses. DSLR was unavailable to users for several short periods of time, but DSLR was NOT hacked or POWNed.

I never suggested that DSLR was hacked or owned. I merely suggested that if you can bring down a security site, even for brief periods, what better way to demonstrate that you a force to be reckoned with. That's a message. Whether it is their intended message, I can only surmise.

If one is constantly playing defense, you can blunt the attack, but that is hardly the same as winning the war.

How many wars are won on defense? Not many that I know of.

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 12:57:40 EDT

astirusty :

said by CallingItAsItIs :

... but I call them as I see them. They've made their point to me that nothing is 100% secure, not even a security site.

I think the Umpire needs glasses. DSLR was unavailable to users for several short periods of time, but DSLR was NOT hacked or POWNed.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 12:48:28 EDT

astirusty :

said by CallingItAsItIs :

I think you make a grave mistake in thinking that these people are dumb.

Did I say I they were dumb? -- Nope --
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 12:19:47 EDT

Name Game :

said by CallingItAsItIs :

I don't like this any more than you do, but I call them as I see them. They've made their point to me that nothing is 100% secure, not even a security site.

You would have to be living under a rock to even "assume" that at anytime any site is safe..much less your own system..this is the internet...software..code..and any of it can be manipulate and humans by nature are always a target of "Social engineering"..it is just more high tech now.
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 12:06:52 EDT

Kiwi : DSLR reports is still secured. Let me do the honours of an analogy. A cop has to go between point A and B, at a point in the road there is a large tree across it, did the cop fail to progress to point B, yes, is the cop compromised; only stopped. Nothing wrong with him/her the car/bike, just the means to get to point B. The cop calls ahead :D

Nothing was breached here at DSLR reports.

Cheers

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 11:21:08 EDT

anon :

said by astirusty :

If the person(s) behind the DDoSing are financially wise; they will soon realize that they are pissing away their money.

I think you make a grave mistake in thinking that these people are dumb. I'd imagine that they know exactly what they're doing and have a good reason for it.

Don't underestimate your adversary.

As far as I can tell, there is little downside to this and only upside. You can only guess who they are (not exactly evidence), and even if you catch them, what then?

I don't like this any more than you do, but I call them as I see them. They've made their point to me that nothing is 100% secure, not even a security site.

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 11:02:59 EDT

Kiwi : Duplicate.

Re: Conerning The On Going Denial of Service Attacks Today.

Mon, 21 Apr 2008 11:02:57 EDT

Kiwi : ..I'll disagree right back, these people rely on web sites to fool people into the release of valuable information and trojan placement. If their 'Business model' and sites are highlighted, that can only serve to destroy the hidden value of a wolf in sheep clothing.

It's really not about a DDoS attack on this site, it's that several valuable members here have high profiled a Mafia organization, not something these scum want. Or the end result of this attack would not have occurred in the first place.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 21:59:47 EDT

astirusty :

said by Steve :

... though it's curious to see you change your tone from "never" :-)

Change in tone? Whatever...
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 20:47:36 EDT

caffeinator :

said by Kiwi :

That would be like an investment, except now the publicity from this wee effort will actually do what turds don't want -High profiling.

I'd disagree. Everyone already knows about them. (in a general sense, of course)

But, what's a commonality to any business venture?

Selling a product/service and getting the word out.

AKA...Advertising. The 'ol "look what we can do" stuff.

We do that rather well with our high Google ranks and immediate rush of feedback from everyone from ElReg to Wilders. You can't pay for this kind of exposure.

People still talk about the attacks on GRC years later..in the Net, that's immortality..and in the right circles..profit.

Perhaps them doing this to BBR is just an excercise?

.02,

CaFF
--

My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 19:35:19 EDT

Its a Secret : I learned a long time ago never, ever say 'never'. Never is a long time... :p
--
A triple espresso, please...

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 19:32:36 EDT

Steve :

said by astirusty :

I disagree with the "often" part.

Your points are all thoughtful ones, though it's curious to see you change your tone from "never" :-)

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 19:06:22 EDT

astirusty :

said by Steve :

There is often profit from revenge: the lesson it gives others who might someday wish to engage in the avenged activity.

I disagree with the "often" part. That kind of revenge lesson has failure modes. It can cause people to be better prepared, it can cause people to rally, it can fail if others see the target survive.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 19:06:09 EDT

Kiwi : That would be like an investment, except now the publicity from this wee effort will actually do what turds don't want -High profiling.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 18:50:36 EDT

astirusty :

said by caffeinator :

Except that they aren't using their money or internet connections..that's the point.

I was going by the prior speculation that the person(s) had paid for the attack possibly via RBN. Even if it is their own BOT net, they are still wasting the BOT nets resources DDoSing DSLReports vs. its normal business ($$$) purpose.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 17:52:26 EDT

caffeinator :

said by astirusty :

If the person(s) behind the DDoSing are financially wise; they will soon realize that they are pissing away their money.

Except that they aren't using their money or internet connections..that's the point. They use mainly use compromised PC's. Thus, it's someone else's money.

Heck, they are probably making money off of the malware on there already.

:uhh:

--

My 9/11 Tribute..online since 9/14/01
Need an Avatar? Check out Wafen's Avatar Pages

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 16:38:04 EDT

Steve :

said by astirusty :

Rule #118 - There is no profit in revenge.

There is often profit from revenge: the lesson it gives others who might someday wish to engage in the avenged activity.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 15:20:51 EDT

astirusty :

said by Thug21 :

And admitting that DSLR owns them so they resort to such (DDos) nonsense. :)

Great point, I had never thought of it that way!
POWNed by their own obsession, I like it.

Maybe they should heed the wisdom from the Ferengi Rules of Acquisition:
Rule #118 - There is no profit in revenge.

--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 15:01:54 EDT

Thug21 : And admitting that DSLR owns them so they resort to such (DDos) nonsense. :)

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 14:56:41 EDT

jaykaykay : And pissing off a whole lot of users, regulars as well as welcome visitors! :)

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 14:36:18 EDT

astirusty :

said by GotGhosts :

said by justin :
I appreciate very much the support but please save your money there isn't any financial loss or deficit from this incident at least not one that I care about ...

I was long over due in showing my appreciation and support to dslreports. ...

If nothing else, the show of support/appreciation will let who ever is DDoSing DSLReports know that there is a Distributed Network of Supporters (DNoS) willing to help out. If the person(s) behind the DDoSing are financially wise; they will soon realize that they are pissing away their money.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 12:19:26 EDT

tahoejeff : thanks Justin, that answer makes me feel better. through all of this, my worry has been that you would decide all this trouble just isn't worth it, and take the site down. then i would have to find a REAL life.

don't let the bast*rds get you down!
--
The Geek Shall Inherit the Earth

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 11:52:16 EDT

Name Game :

said by mysec :

Last evening I looked up the IP for DSLR to try, and noticed a
strange entry in the query response -- the location:

Initiating server query ...
Looking up IP address for domain: dslreports.com
The IP address for the domain is: 209.123.109.180
….
The server returned the following response headers:
…
Date: Fri, 18 Apr 2008 20:22:55 GMT
…
Location: hxxp://www.dslreports.com?ddos=1
…
Query complete.

Any idea what this means, and why it would be included in an IP query?

»packetstormsecurity.org/distribu···fn3k.txt

How can DDOS traffic be detected by Network Intrusion Detection (NIDS)?
Pay close attention to this..
Anomaly 0:
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 03:11:39 EDT

TamaraB :
Sorry, My bad! I had hard coded my /etc/hosts to 209.123.192.190

Bob

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 03:08:46 EDT

TamaraB :

said by justin :

I'm only blocking IPs and most are eliminated now. Your IP isn't on it. Are you behind a proxy server with stale pages or something? I don't see why you can't connect. What does www.dslreports.com resolve to for your local DNS?

www.dslreports.com has address 209.123.109.175

Let me check what my resolver is set for. Ahhh 208.67.220.220

Same with Vz's at 151.203.0.84

Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here .

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 03:02:24 EDT

justin : I'm only blocking IPs and most are eliminated now. Your IP isn't on it. Are you behind a proxy server with stale pages or something? I don't see why you can't connect. What does www.dslreports.com resolve to for your local DNS?

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 02:56:46 EDT

TamaraB :

said by justin :

it was (is) some redirection chicanery to mitigate the attack.

Good move! Looks like you have had to block a few nets. FYI I am on a VZ DSL connection currently at 141.157.230.7. I can not connect to dslr via that IP, so am using TOR.

TOR is an option for users on blocked networks.

Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here .

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 00:21:05 EDT

Name Game : Uncle Max is taking all the fish in the net to the zoo so we can feed them to the seals. :D

Re: Conerning The On Going Denial of Service Attacks Today.

Sun, 20 Apr 2008 00:16:45 EDT

mysec : Thanks!

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 23:55:12 EDT

justin : it was (is) some redirection chicanery to mitigate the attack.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 23:55:02 EDT

cabana : If anyone has purchased toolpoints and they are not credited properly please let me know. With the instability of the site some of the auto crediting has been off - I am doing my best to keep an eye on them but don't hesitate to let me know if anyone needs a wand waved. :)

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 23:42:52 EDT

mysec : Last evening I looked up the IP for DSLR to try, and noticed a
strange entry in the query response -- the location:

Any idea what this means, and why it would be included in an IP query?

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 21:54:25 EDT

GotGhosts :

said by justin :

I appreciate very much the support but please save your money there isn't any financial loss or deficit from this incident at least not one that I care about and in some ways I'm having a good time down in the engine room.

I was long over due in showing my appreciation and support to dslreports. The recent problems reminded me of all the things I've learned on these forums so I did what I felt needed to be done.

Thanks!
--

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 21:47:03 EDT

La Luna :

Ahh, a true geek at heart! :)
--
10,939 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 21:43:10 EDT

justin : I appreciate very much the support but please save your money there isn't any financial loss or deficit from this incident at least not one that I care about and in some ways I'm having a good time down in the engine room.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 21:04:39 EDT

carpetshark3 : I wouldn't mind purchasing some points - but who is and how would I donate them to the site owner? This whole business is disgusting, altho if you weren't doing such a good job with help and education, you probably wouldn't be on someone's list.
Carpetshark

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:52:58 EDT

Wake2 : I purchased some tool points just yesterday to show my support,
and next payday will do the same thanks for the reminder.

Great website !

Wake

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:36:45 EDT

GotGhosts :

said by fatness :

I just bought a boatload of tool points.
(there's a boatload sale going on now)

Now is a perfect time to show your support to dslreports by purchasing some Tool Points.

Purchase *TOOL POINTS*

Thanks dslreports!
--

Re: ConCerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:32:00 EDT

EGeezer :

said by fatness :

Defining all workers who collect and study information for or with the government as "whitehats", who by the cowboy movie definition can do no wrong, is a bit of a stretch I'd say.

Thanks for making my point - I never defined all workers who collect and study information for the government as whitehats, but you stretched it out to that in your response.

Your response is exactly what I was referring to - dumping the whitehats who, often as volunteers and on their own nickel, work with the FBI or other law enforcement into the same pot as those who abuse the powers given them.

Edit - I'll also add that the colleagues I know from the private sector who work with in the area have never spent a second or a penny "studying the content of domestic phone calls of citizens, preventing disclosure of illegal government surveillance, etc".

--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:20:34 EDT

Its a Secret :

said by La Luna :

Are there coupons? :D

I missed the coupons?! Dayum!
--
A triple espresso, please...

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:14:27 EDT

fatness :

said by EGeezer :

Too often the white hats who do work with FBI or other law enforcement are often disparaged, even in this forum, as being ad hoc "government spies". It's little wonder that they aren't eager to share their information with the public.

Defining all workers who collect and study information for or with the government as "whitehats", who by the cowboy movie definition can do no wrong, is a bit of a stretch I'd say. How much of their effort, collectively, in man hours, is going into studying botnets used for spamming, phishing, identity theft, shutting down websites, etc., compared to how much of their effort, collectively, in man hours, goes into studying the content of domestic phone calls of citizens, preventing disclosure of illegal government surveillance, etc.?

There are people tasked by government with doing some of the wrong things, they're doing them, and they're not whitehats in my view.

However, that is another topic.

Since you got your opinion in on that matter, so did I. :)
--
Female monkeys often utter loud, distinctive calls before, during or after sex..

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:11:26 EDT

Cudni :

said by La Luna :

said by fatness :

I just bought a boatload of tool points.
(there's a boatload sale going on now)

Are there coupons? :D

they better be safe if there are ;)
»Is installing a Coupon Printer safe?

Cudni
--
"Mercifully, he hit him with the soft end of the pistol."
Help yourself so God can help you.
Microsoft MVP, 2006 - 2008

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:07:25 EDT

La Luna :

said by fatness :

I just bought a boatload of tool points.
(there's a boatload sale going on now)

Are there coupons? :D

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 20:01:59 EDT

fatness : I just bought a boatload of tool points.
(there's a boatload sale going on now)

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 19:56:24 EDT

Its a Secret : Just signed up for Premium... Love this site, and want to support it. Thanks to all here for their wisdom and advice!

Cheers!
--
A triple espresso, please...

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 19:50:08 EDT

Kiwi : Has happened on several occasions, few ever remember though ;) Less bother with those that may even input to security, I'm not politically minded; but one does notice a trend. I do security, I come here to relax, in the beginning I had the idea that this forum might like input. Coding is something I do understand and it's hard to bring this home after 8-12 hrs.

It's cool to have those that don't wear out, support others and it's notable that some have the time to inflect change. Kudos, but when someone or anyone attempts to 'Waste' their time and get knocked around here' there is a propensity to lay back.....

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 19:35:55 EDT

lilhurricane : Yes, purchase them, by all means.
Show support for this awesome site...then "pay it forward"...

[att=1]

There's always a member who is deserving..find one you'd like to gift it to :)

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 19:33:40 EDT

GotGhosts :

said by astirusty :

said by zed260 :

easyiest way to help is to buy tool points

Currently the system will let me buy tool points, but will not let me donate the tool points to justin . Maybe after everything is squared away, I will be able too?

Is there a way to donate tool points to justin for all his time and work dealing with this problem?
I would be more than happy to help out.
--

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 17:38:29 EDT

jig : there is some case law that uses the "interfering with a users interaction with their computer" standard, and "cyber terrorism" can get you some traction.

»en.wikipedia.org/wiki/Computer_c···errorism

there was a really good article, maybe a year or two back, about some on-line gambling sites being extorted with the use of extensive ddos bot nets. a guy was discussing how he was being paid by the owners to keep their sites up by hook or by crook. i'll see if i can find a link somewhere.

also:

said by EGeezer :

This is where private citizens have advantages that law enforcement doesn't. People like us can do more snooping without getting into trouble with the courts.

lets be clear. people like us CAN'T snoop without getting into trouble with the courts. we are subject to a bunch of privacy laws that apply to private party v private party type situations. period. you break the law, even if a prosecutor won't prosecute you for the crimes you've committed, that doesn't mean the guy you snooped won't take you to court and sue you civilly. yes, maybe it won't be easy to get a jury or a judge to be on the side of a criminal, but that's assuming you've been absolutely perfectly correct and didn't accidentally snoop on some innocent party who's hauled you into court. plus, even if prosecutors will let it slide (and they've shown in the past that they won't), judges get really pissed at vigilantes.

so, what you meant to say is this: "People like us can do more illegal snooping without having the resulting evidence excluded by the courts." That's pretty much the only benefit.

edit--> here are some links:

more than you ever wanted to know:

»staff.washington.edu/dittrich/misc/ddos/

the article i read about gambling sites (i think):

»www.wired.com/wired/archive/14.1···net.html

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 16:10:44 EDT

jaykaykay : I tried that. That one didn't seem to work as well as this one.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 14:19:53 EDT

Kiwi :

quote:
Too often the white hats who do work with FBI or other law enforcement are often disparaged, even in this forum, as being ad hoc "government spies". It's little wonder that they aren't eager to share their information with the public.

Or even other entities...

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 14:11:50 EDT

dannyboy 950 : I have to wonder if these attacks are strictly DOS attacks only.
I mean Dps attacks useually consist of units trannsmitting packets of useless data in massive amounts to overload the sites connection. I see no reason that some of thoes packets could not be code looking for exploits or other weeknesses. After all the site management will be lookking for ways to stem the tide and perhaps not watching other attack vectors as they normally would.

I mean talk about bragging rights. Some little unknown gets to say ; Hey I got me 3 top of the line security sites the other day. Wanna come and play?

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 13:46:49 EDT

EGeezer :

said by justin :

...
To identify the owner or owner(s) requires infiltration, a fairly long period of spying, and then the cooperation of local authorities, and finally a court that can accept electronic evidence from several countries..

The bolded part is the most frustrating for cybercrime LEOs.

...infiltration and spying parts require stuff that is against the law: snooping data without a warrant, obtaining and using the passwords to email, breaking and entering third party servers, asking ISPs to hand over data that isn't theirs to hand over, and so on.

This is where private citizens have advantages that law enforcement doesn't. People like us can do more snooping without getting into trouble with the courts. My experience and that of our little group in Central Ohio is that the TLA isn't going to ask us to do that stuff, but do explain the things that they can't do that we can as private citizens.

No surprise to me that US authorities haven't exactly had a string of successes against people not located in the states. Amateur sleuths who are themselves prepared to take the law into their own hands are far more a threat.

Too often the white hats who do work with FBI or other law enforcement are often disparaged, even in this forum, as being ad hoc "government spies". It's little wonder that they aren't eager to share their information with the public.

I've even seen those ridiculous publicly distributed reports that they are granted "licenses to kill" by the FBI, and supposedly intelligent people even believe it.

However, that is another topic.
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 13:43:42 EDT

mikenolan7 : One answer could be that ISP's that no longer function as dumb pipes could be encouraged to help solve the problem. I'd prefer that they remain dumb pipes, but if they are acting as "concerned citizens", helping out the **AA, or data mining in order to increase their ad revenue, they should also be able to identify the zombied machines of their customers. From what I've seen in various forums, university IT groups have been pretty active in doing that.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 13:37:35 EDT

Name Game : Yes indeed La Luna...check this out

My notebook transfered itselfs in some kind of SPAM machine.

Posts: 1
Joined: Today, 07:53 AM
Member No.: 24207

No idea how it happend, buy my notebook seems to send thousands of

emails from the background every minute, which results my ADSL line to

block, and a router restart is required.

»gladiator-antivirus.com/forum/in···ry202828

And it is being posted to every security forum on the net and still going. :(
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 13:08:15 EDT

La Luna :

said by Blue2 :

I seem to remember reading that there was proposed legislation that would hold companies responsible when their PCs were compromised. So rather than go after the source of the attack, they'd hold companies/users responsible for insuring their networks are patched.....

Who is going to hold all the average Joe/Jane Publics responsible for their unsecured, zombied PC's that they are clueless about? IMO, they are the biggest problem.
--
10,939 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 12:54:53 EDT

Blue2 :

said by nil :

Best way to stop botnets is to make sure PCs are not so easily compromised.

I seem to remember reading that there was proposed legislation that would hold companies responsible when their PCs were compromised. So rather than go after the source of the attack, they'd hold companies/users responsible for insuring their networks are patched.

That seems similar to the convoluted logic in place in Italy where they try to control shops that don't pay taxes on sales (not ringing the sales on the register) by pursuing the consumer. It's the customer who is required to have a receipt when they leave a shop. The Italian fiscal authorities do spot checks and if you can't produce one, you get fined (and, yes, it does happen).

So, using the logic, I guess one could take down a few government sites and then blame THEM for not having the proper defenses in place.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 12:54:09 EDT

astirusty :

said by zed260 :

easyiest way to help is to buy tool points

Currently the system will let me buy tool points, but will not let me donate the tool points to justin . Maybe after everything is squared away, I will be able too?
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 12:50:48 EDT

Styvas :

said by justin :

Using my shaky ip to country map I get (count - country)

Turkey? Thailand? Russia? Indonesia? Poland? Romania? Hungry?

Yeah good luck getting any of those ISPs to do diddly!

None from Canada, eh!? Nice!!!

--
Check out the »Primus TalkBroadband VoIP FAQ.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 12:34:00 EDT

La Luna :

said by Name Game :

said by jaykaykay :

I had to use an alternate yesterday, but till now, nothing worked today.

Same with the wife..but I got her new batteries yesterday. Now every thing is back to normal.

»i271.photobucket.com/albums/jj13···mote.jpg

HA HA.... :hmm:

:)
--
10,925 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 12:11:38 EDT

Name Game :

said by jaykaykay :

I had to use an alternate yesterday, but till now, nothing worked today.

Same with the wife..but I got her new batteries yesterday. Now every thing is back to normal.

»i271.photobucket.com/albums/jj13···mote.jpg
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 10:23:45 EDT

nil : My uncle told me the other day (though a miserable skype connection, he was all pink) that unlimited bandwidth is coming to an end in Poland.
--
Life is too short to be boring

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 10:16:42 EDT

justin :

said by nil :

Best way to stop botnets is to make sure PCs are not so easily compromised. If they had to pay for the bandwidth involved in an attack, they would think twice about it.

yeah .. it isn't a coincidence that there isn't a single compromised PC from australia, where they meter bandwidth, (and i hardly see any open wifi networks here as well).

Using my shaky ip to country map I get (count - country)

Turkey? Thailand? Russia? Indonesia? Poland? Romania? Hungry?

Yeah good luck getting any of those ISPs to do diddly!

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 10:05:39 EDT

nil : Best way to stop botnets is to make sure PCs are not so easily compromised. If they had to pay for the bandwidth involved in an attack, they would think twice about it.
--
Life is too short to be boring

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 08:39:08 EDT

justin : the same risk/reward applies to generating vast amounts of spam. Which is why we get so much of it.

The few high profile cases of spammers are people based in the US.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 08:35:50 EDT

Blue2 : Which says to me that there's only upside in this equation with very little downside. Hence, without any means of dissuasion, it won't stop. Furthermore, even if a botnet doesn't take someone down, it can still force them to invest significant resources (time and money) fighting it, and then the attacker can simply pack up, move one and go back to their anonymous life.

So unless someone provides a disincentive, I don't see (strictly from a practical standpoint), why anyone would stop doing this. So one needs to find a way to make it cost THEM, either through legislation...or vigilantism, or you are constantly playing defense without knowing where the next attack will come from.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 08:06:18 EDT

justin : I don't want to encourage anyone but it is extremely difficult to prosecute someone for controlling a botnet.

To identify the owner or owner(s) requires infiltration, a fairly long period of spying, and then the cooperation of local authorities, and finally a court that can accept electronic evidence from several countries..

as you can imagine the infiltration and spying parts require stuff that is against the law: snooping data without a warrant, obtaining and using the passwords to email, breaking and entering third party servers, asking ISPs to hand over data that isn't theirs to hand over, and so on.

No surprise to me that US authorities haven't exactly had a string of successes against people not located in the states. Amateur sleuths who are themselves prepared to take the law into their own hands are far more a threat. But the ultimate penalty facing a bad guy (if you stay away from attacking the pentagon and whitehouse.gov etc) is therefore mostly having your carefully assembled botnet destroyed by an anonymous whitehat (or another botnet), and having to start all over again.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 07:57:20 EDT

Blue2 : Thanks jig for that thoughtful reply. It's just always helpful to know the resources of your adversary (technical proficiency, $ investment, time investment, etc.) to figure out the most efficient way to thwart their potential means of attack.

On can imagine that the 21st century will introduce cyberterrorism, and if a security forum can't protect itself, then how could a company who may be asked to pay up or be taken down? Now if they were to make a demand of some kind, or issue a threat, I imagine that one could call in the FBI.

However, from what I read, it isn't just difficult to track down the sources of DDoS attacks, but even when found, it's hard to prosecute them. I'm not sure this is classified as a criminal offense everywhere, e.g. a 2005 case in the UK indicated "It is unclear whether it is a criminal offence to overload and crash a company's email server, a UK court heard on Tuesday. »news.zdnet.co.uk/security/0,1000···8,00.htm

So one can imagine that this is only a taste of things to come.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 19 Apr 2008 05:51:04 EDT

jig :

said by Blue2 :

1. Is this DDOS attack "large"? Can one measure the size of an attack? Does it require the control of many machines? Does it cost?

2. Is it "sophisticated"? Can one tell by the type of attack how "professional" the attack is?

I'd just like to know if anyone can bring down a security site such as this, or if it takes significant resources, investment, planning and a lot of technical proficiency to pull it off?

Rather than call it "childish", are these people really just capable of pulling this off at will, no matter what steps are taken? If so, that's a formidable adversary, and I'm kind of surprised that political candidates, governments, Olympic hosts, the IRS, etc. aren't successfully knocked off line at will.

1) i don't know if it's large (though i bet it is); one with access can get an idea of the number of IPs that are sending packets and therein measure the size of the attack; a ddos generally requires either the control of lots of typical machines with typical internet access or a lesser number of industrial strength machines with very high bandwidth internet access. Of course, the larger the number of machines and the more widespread they are, the more effective the ddos is because it's harder to block without turning off the internet. cost depends. you can pay groups that run bot networks to take down a site, but the cost of creating the bot network... are we measuring it in klocs? lets just say it's somewhere north of zero.

2) i don't know if this one is sophisticated, but having read through some very nice technical descriptions of what justin and all have done to harden this site against typical ddos attacks, my guess is that it's pretty sophisticated... or very large, or both. each attack has tell-tale signs of how professional it is, but everything can be disguised.

to take dslr offline, my personal belief is that it takes a fair bit of technical proficiency. not so much investment, other than time, and probably not too many resources (beyond a bunch of zombified pcs). to take on something like a MS or google or yahoo or more, it either takes a huge amount of time to set up, or luck in finding an unknown zero day way of amplifying a less substantial attack.

this is a decent article:

»en.wikipedia.org/wiki/Denial-of-···e_attack
--
Catapultam habeo. Nisi pecuniam omnem mihi dabis, ad caput tuum saxum immane mittam.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 21:29:50 EDT

santy : Today is the first time I've had to use an alternate. I've always been able to sign in on the regular url until tonight. I can put up with a little sluggishness. Today I was just timing out unless I used the alternate addy.
--
You don't quit playing 'cause you're OLD. You're old BECAUSE you quit playing!!

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 21:22:23 EDT

jaykaykay : I had to use an alternate yesterday, but till now, nothing worked today.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 18:29:56 EDT

jadinolf :

said by newview :

RBN = Russian Business Network

»en.wikipedia.org/wiki/Russian_Bu···_Network

Nice bunch. :(
--
This post printed on 100% recycled bytes

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 18:09:12 EDT

newview : RBN = Russian Business Network

»en.wikipedia.org/wiki/Russian_Bu···_Network

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 18:04:19 EDT

Mele20 : What's TLA and RBN?

Wikipedia says TLA is a three letter acronym. I already know that...Google says Texas Library Association. Somehow, I don't think that is the right acronym! :p

RBN= Raunchy Broads Now! ??

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 17:38:46 EDT

Bubba17 :

said by La Luna :

Wow, I just had some fun getting here!! :mad:

I had to use an alternate, alternate, alternate, etc., address! This was the worst I've seen it since it started yesterday. :(

Yep .. +1.

I'm beginning to think now that 'someone(s)' are in severe need of an ass-whoop'n!
--
"Fast is fine, but accuracy is everything" --Wyatt Earp

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 16:39:23 EDT

La Luna : Wow, I just had some fun getting here!! :mad:

I had to use an alternate, alternate, alternate, etc., address! This was the worst I've seen it since it started yesterday. :(

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 15:00:29 EDT

Name Game : Yup.. too much lime it would clash with his mullet..

»www.partydomain.co.uk/d-commerce/page18.html

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 13:54:14 EDT

Steve :

said by mikenolan7 :

A "Men of the BBR Security Forum" shot in lime green Borat Speedo's would be sure to sell like hotcakes.

Clearly you've never met Link Logger or you would not suggest such a thing ;-)

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 13:42:03 EDT

Name Game :

said by astirusty :

said by Name Game :

Upcoming Chinese hacker attack on CNN building steam
»gladiator-antivirus.com/forum/in···1620&hl=

"many more Chinese sites, not just hacker, starting to call for the DDOS attack on CNN. Also they are starting to solidify their plans."

Hmmm, sounds like it is time for a few more ships to drop their anchors -- where they are not supposed to be. :p

There is always FOX. No big loss. :D :D
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 13:37:03 EDT

poacher 1rtd :

I've not had anyone demand anything, nor did they do so the last 3 attempts over the last 4 weeks - and I'm pretty sure each attempt is the same outfit.
.................................................
If they did demand I hope you would`nt pay or oblige them in any way, giving in to them is not the best form of security because they would keep returning for more.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 13:35:04 EDT

astirusty :

Hmmm, sounds like it is time for a few more ships to drop their anchors -- where they are not supposed to be. :p
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 13:20:45 EDT

Name Game :

said by justin :

It is nice to speculate but it honestly could be anyone for any reason. There are a LOT of botnets out there and apparently the average size is around 20k PCs with maybe 20% capable of being active at once. I'm sure the market price to direct a botnet at someone is pretty cheap: the botnet owner isn't wasting their own bandwidth after all!

I've not had anyone demand anything, nor did they do so the last 3 attempts over the last 4 weeks - and I'm pretty sure each attempt is the same outfit.

as i type this they seem to have called off their effort (perhaps because it wasn't making any difference?) but they'll probably come back again with another idea soon.

Sometime they give you a warning :(

Upcoming Chinese hacker attack on CNN building steam
»gladiator-antivirus.com/forum/in···1620&hl=

"many more Chinese sites, not just hacker, starting to call for the DDOS attack on CNN. Also they are starting to solidify their plans."

1. Attack will start on 19 April 2008, at 8:00 pm
2. DDOS attack on www.cnn.com
3. The DDOS attack is going to last over three hours
4. They need a large number of compromised computers to carry out the attack and are requesting everyone’s support in putting to together the number needed.

--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 13:11:18 EDT

mikenolan7 : Aha! Just the thought of a bunch of us in Speedo's sent them running for the nearest trash can. I think I'll write a white paper on this new DDOS defense. :D

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 13:05:44 EDT

Bubba17 :

said by mikenolan7 :

A "Men of the BBR Security Forum" shot in lime green Borat Speedo's would be sure to sell like hotcakes. :p

Not that I've anything against lime-green, mind-you .. but, I'm really partial to my trusty 'ol (broke-in real good!) black, SILK, 'uns.
--
"Fast is fine, but accuracy is everything" --Wyatt Earp

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 12:42:58 EDT

DownTheShore :

said by zed260 :

easyiest way to help is to buy tool points

I just did that today. :D
--
Life is simply one damned thing after another.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 12:39:40 EDT

SnowyOne :

said by SkiJunkie :

The security of the site has not been compromised , this was just an attack to slow down/take the site off line right ?

That's absolutely correct!

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 12:39:11 EDT

justin : It is nice to speculate but it honestly could be anyone for any reason. There are a LOT of botnets out there and apparently the average size is around 20k PCs with maybe 20% capable of being active at once. I'm sure the market price to direct a botnet at someone is pretty cheap: the botnet owner isn't wasting their own bandwidth after all!

I've not had anyone demand anything, nor did they do so the last 3 attempts over the last 4 weeks - and I'm pretty sure each attempt is the same outfit.

as i type this they seem to have called off their effort (perhaps because it wasn't making any difference?) but they'll probably come back again with another idea soon.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 12:37:03 EDT

SkiJunkie : The security of the site has not been compromised , this was just an attack to slow down/take the site off line right ?
--
»www.flickr.com/photos/skijunkie/

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 12:30:30 EDT

skyroket : Let's reverse it and make people pay to remove it from their "Favorite Forums" page or something like that, then.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 12:16:09 EDT

EGeezer :

said by mikenolan7 :

A "Men of the BBR Security Forum" shot in lime green Borat Speedo's would be sure to sell like hotcakes. :p

Me in Speedos .. Hmmm, that oughta make the girls run screaming for the nearest exit.
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 12:07:29 EDT

mikenolan7 :

said by Name Game :

said by DownTheShore :

There was talk about selling a hunks and honeys calendar of the various Forum Moderators.

Why limit it to just Mod's? A "Men of the BBR Security Forum" shot in lime green Borat Speedo's would be sure to sell like hotcakes. :p

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 11:38:03 EDT

EGeezer :

said by Name Game :

There was talk about selling a hunks and honeys calendar of the various Forum Moderators.

Now that's a thought!! Here's a good place to get that rolling :D

NOW!! The hottest techno-goddesses in your very own Geeks Illustrated Swimsuit calendar!
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 11:23:13 EDT

mikenolan7 : What benefit would a government entitity get from DDOS'ing this site? They probably consider sites like this to be beneficial to their efforts. The less crap on the internet, whether due to security or misconfiguration, the easier their jobs get. Plus, the site is unfriendly to black hat activities. A legitimate business such as an ISP would never take the risk of being caught, and if whoever is doing this is within the US, they probably will get caught. Whether or not you trust someone, you can usually count on them doing what's in their own best interests.

It's criminals doing it to make more money in some way, or someone with a grudge. If it's someone with a grudge, they are also foolish, since their actions are still criminal, yet they are doing it only to stroke their own ego.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 11:09:07 EDT

Name Game :

said by zed260 :

in my opionion the ppl whom would have the most reson to attack would probably be an isp exscpecly ones that have had bad news posted about them on this site

I think you are rounding up the wrong suspects on that theory.

»www.theregister.co.uk/2002/10/11···at_ddos/

»www.networkworld.com/edge/news/2···sps.html

»www.cisco.com/warp/public/707/newsflash.html
--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 11:07:40 EDT

Its a Secret :

said by tempnexus :

So take off the tinfoil hat.

Let's just say I don't have a lot of trust or faith in any governments to do the right thing anymore.
--
A triple espresso, please...

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 11:06:09 EDT

Bubba17 :

said by Name Game :

There was talk about selling a hunks and honeys calendar of the various Forum Moderators.

Uhhhhh huh! A great fund-raising idea!! Heck, could might throw-in some cookies with that calendar .. everyone has a half-ton of "almost" moldy Scout cookies they could contribute, don't they?
--
"Fast is fine, but accuracy is everything" --Wyatt Earp

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 10:48:55 EDT

zed260 : in my opionion the ppl whom would have the most reson to attack would probably be an isp exscpecly ones that have had bad news posted about them on this site

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 10:47:22 EDT

Name Game :

said by DownTheShore :

Is there anyway we can contribute monetarily to Justin & crew to get whatever specialized equipment/connections needed to help prevent DoS slowdowns in the future? If we all threw a few dollars their way, perhaps that would help?

(And no, I'm not looking for "private fund" suggestions, so don't you folks even start that. )

There was talk about selling a hunks and honeys calendar of the various Forum Moderators.

--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 10:32:54 EDT

EGeezer :

said by tempnexus :

This site is small fish when it comes to the big three letter organizations.

I agree that the TLAs wouldn't be shutting down the site. IMO the DoS is about money or ego on the part of moneymaking schemers who are being outed in other forums on the site. I believe there is at least one TLA in at least two nations involved, but it's on our side in this matter. Understand that this event is also a learning and discovery process for the good guys that will turn out to be useful in this and subsequent actions.

said by Its a Secret :

Perhaps this is more than the RBN...

I think it's The RBN or a similar decent sized operation with money to hire a good sized botnet for a substantial amount of time.

These characters are politically agnostic, so the actions are not a political motive. They act on money and to gain a perception of power, authority and ability to intimidate. As to an extortion effort, I would not expect Justin to say a word about that if it were the case. The site is still being hit, so obviously no money has been paid if it were one.

Disclaimer - these are strictly opinions and not a disclosure of fact. :)
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 10:32:08 EDT

zed260 : easyiest way to help is to buy tool points

as for me id gladly view ads on the site if it meant that wed be able to invest more

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 10:29:45 EDT

DownTheShore : Is there anyway we can contribute monetarily to Justin & crew to get whatever specialized equipment/connections needed to help prevent DoS slowdowns in the future? If we all threw a few dollars their way, perhaps that would help?

(And no, I'm not looking for "private fund" suggestions, so don't you folks even start that. )
--
Life is simply one damned thing after another.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 18 Apr 2008 00:08:33 EDT

tempnexus :

said by Its a Secret :

Perhaps this is more than the RBN: maybe a government agency or 3 as well? Sounds like a conspiracy theory until you look at the antics of all involved i.e. NAS, FBI, etc.

This forum has some of the best security minded people, and enough to stifle attacks. Kudos! But some may not want it that way. IMHO.

HEHEH not even close.
This site is small fish when it comes to the big three letter organizations.
The best security people are on the shadoweb aka botnet ran web.
Don't get me wrong I am not dissing anyones intelligence here, I am just saying that well as once said by someone famous to his understudy "Don't worry you are not important enough to assassinate." Basically their resources might be tied up in something more important then this site, and besides why would they attack white/grey hats? So take off the tinfoil hat.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 22:36:39 EDT

astirusty :

said by mikenolan7 :

It makes me wonder if it is an attempt to sharpen tools, by attacking sites that are best able to defend themselves. That way counter-measures can be examined in order to improve attack tools for use on juicier targets.

Possibly or preparations for an upcoming attack. One which involves DDoS on multiple sites that deal with security with the motivate being to disrupt security professionals who collaborate through those sites from being able to respond effectively to a much broader and more serious WWW attack.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 22:35:13 EDT

Its a Secret :

I think you're correct on this. They're just honing skills... More to come, folks.
--
A triple espresso, please...

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 22:23:40 EDT

La Luna :

said by Pentangle :

CastleCops is down again.

I've had no problem getting to CC. I was there earlier and I'm there now.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 22:21:34 EDT

PrntRhd : Yeah, it returned with a vengence tonight, thanks for the page with the secondary login Justin and all the people working to weather this DDOS.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 21:14:48 EDT

mikenolan7 : What is baffling is what does anyone think they are going to accomplish by scattered attacks lasting less than a day? They are not going to force DSLreports or Castle Cops to take their websites off the internet that way. It seems like it would be a complete waste of time or money for any organization. Sites that have been harmed by DDOS's in the past have been consistently attacked for days or weeks at a time. A warning shot makes no sense either, neither site is going to change their content due to this.

It makes me wonder if it is an attempt to sharpen tools, by attacking sites that are best able to defend themselves. That way counter-measures can be examined in order to improve attack tools for use on juicier targets.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 19:05:41 EDT

Its a Secret : Perhaps this is more than the RBN: maybe a government agency or 3 as well? Sounds like a conspiracy theory until you look at the antics of all involved i.e. NAS, FBI, etc.

This forum has some of the best security minded people, and enough to stifle attacks. Kudos! But some may not want it that way. IMHO.
--
A triple espresso, please...

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 18:27:46 EDT

Name Game :

said by Pentangle :

CastleCops is down again.

Yup..You know what..this might be a far strech of the imagination..but each time DSLR has had these DDOS and then Castle Cops...I see in the "whats the top URL's currently searching forums" this in the top ten
»www.spywareterminator.com/commun···ter.aspx

and they also have castle cops as a link. plus a few other forums that have be attacked.

Trackback
»/trackback/50865793

Inbound traffic to (/forum/security) seen today.
10 »my.yahoo.com/
4 »www.wilderssecurity.com/showthre···t=205846
3 »www.freebyte.com/antivirus/
2 »www.freebyte.com/security/
1 »forum.computeridee.nl/showthread.php?t=29642
1 »www.misec.net/forum/board/Malware/1122940372
1 »www.website-analyst.co.il/home_p···ity.html
1 »www.spywareterminator.com/commun···ter.aspx
1 »www.wilderssecurity.com/showthre···t=100268
1 »www.justbroadband.org/forum/security
1 »www.wilderssecurity.com/showthre···=Reports

--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 18:15:28 EDT

Pentangle : CastleCops is down again.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 18:04:32 EDT

La Luna : If you read through the threads in the Bugs forum, on this and the previous attacks, you will get some information as Justin posted there.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 18:02:12 EDT

Blue2 :

said by jig :

with a large and sophisticated enough DDOS attack, it doesn't matter how much hardware you own or what group of IPs you own. they don't even have to target you directly to take you offline.

Pardon my ignorance as I know absolutely nothing about networking.

1. Is this DDOS attack "large"? Can one measure the size of an attack? Does it require the control of many machines? Does it cost?

2. Is it "sophisticated"? Can one tell by the type of attack how "professional" the attack is?

I'd just like to know if anyone can bring down a security site such as this, or if it takes significant resources, investment, planning and a lot of technical proficiency to pull it off?

Rather than call it "childish", are these people really just capable of pulling this off at will, no matter what steps are taken? If so, that's a formidable adversary, and I'm kind of surprised that political candidates, governments, Olympic hosts, the IRS, etc. aren't successfully knocked off line at will.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 15:11:45 EDT

astirusty : Okay. I hadn't looked in the Site Bug forum.

Thanks!
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 14:53:25 EDT

NetFixer :

said by jaykaykay :

Good question. My presumption was it is another DDoS. I will never understand the choice of someone to bring this kind of thing about when there really are such better things to do in life.

If you are the RBN (or any other criminal enterprise) there is nothing more important than stealing someone's money, except for exacting revenge against anyone who attempts to interfere with your primary goal.
--
We can never have enough of nature.
We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
Test your firewall.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 14:51:55 EDT

Name Game :

said by astirusty :

Has the DDoS attacks returned? Or perhaps there is another problem?

And I think it is also possible it has returned..

»www2.dslreports.com/forum/r20348···-Glasses

edit: Thanks sashwa

--
Gladiator Security Forum »www.gladiator-antivirus.com/
*
A fun/friendly/informative forum for the mature elder crowd
»www.theover50goldengroup.net

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 14:51:29 EDT

sashwa : Being talked about here:

»main url not working, anyone else?

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 14:48:54 EDT

jaykaykay : Good question. My presumption was it is another DDoS. I will never understand the choice of someone to bring this kind of thing about when there really are such better things to do in life.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 17 Apr 2008 14:45:03 EDT

astirusty : Has the DDoS attacks returned? Or perhaps there is another problem?
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 12 Apr 2008 03:09:03 EDT

jig :

said by TamaraB :

said by toadlife :

DSLr doesn't even own the router it's server(s) sits behind. They are hosted ...

So? I have co-located servers and routers at CoLo facilities, one does not preclude the other. All you need is control of a class C network. I have an extra ClassC, and if DSLR wants it I would be glad to sign it over for free! I also have a Cisco 2600 multi-port configured router, and cables, already programmed for this class C, and would be willing to give it up for a very nominal fee (going price on Ebay for a used router). I am sure there are many people here who would be willing to help finance such a switchover.

Bob

with a large and sophisticated enough DDOS attack, it doesn't matter how much hardware you own or what group of IPs you own. they don't even have to target you directly to take you offline.

Re: Conerning The On Going Denial of Service Attacks Today.

Sat, 12 Apr 2008 01:04:17 EDT

woody7 : This looks like my setup, when I was having connection problems they wanted me disconnect my router and connect directly to my computer, yea right.....morons....I was on my way to work, and didn't want to crawl under my desk, great picture, I guess neatness does count... :D :D :D
--
BlooMe

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 18:10:57 EDT

astirusty :

said by EGeezer :

Some of the anon posts I've seen in scambusters indicate that this bunch is clearly upset at some revelations and reports being made.

Yeah, some of them should be glad they can cowardly remain hidden. Because I am betting some of those who have been (or had family members) scammed might like to show how "clearly upset" they are by means other than a DDoS.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 18:05:14 EDT

astirusty : It would be interesting and educational for all -- if after the DDoS subsides some details about the attack could be provided.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 16:33:04 EDT

TamaraB :

said by toadlife :

DSLr doesn't even own the router it's server(s) sits behind. They are hosted ...

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 16:31:23 EDT

La Luna : Looks like it's over?

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 16:18:28 EDT

toadlife : DSLr doesn't even own the router it's server(s) sits behind. They are hosted by Net Access Corporation.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 15:10:40 EDT

TamaraB :

said by toadlife :

... The router would still have to evaluate the packet before dropping it which takes up processing time.

True, so you become slow instead of unreachable. Right now, it is not possible for me to reach dslr via the advertised IP. A slow connection would be preferable to a no connection. Yes? To financially upgrade a router to the needed speed and memory to efficiently deal with this sort of attack, it would be, IMHO, paltry compared to the long-term loss of adversing revenue DSLR is experiencing. Hell, I am a paid subscriber, and would not balk at a charge to upgrade dslr's router.

This attack is directed to us, the users. We, the users, have the means to thwart it. We as a community should band together, and make it happen. It's OUR INTERNET, not the Criminal's Internet.

Bob

--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here .

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 14:39:24 EDT

jig : its the "drinking from a fire hose" problem. very hard to drink at full blast, no matter what. only real way to fix it is to turn down the fire hose at the nozzle or further back, not try to shield/divert at the cup.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 14:26:04 EDT

toadlife :

said by TamaraB :

If you dropped all syn packets originating from Russia (Assuming Russia is the source) It wouldn't take long to mitigate the attack. The bot-net would slow down to a crawl, and the impact on dslr would be minimal, especially if the dropping of syn packets happened at the router. Such a response would likely make the botnet unusable for other purposes.

Stopping DoS attacks is not that easy. The router would still have to evaluate the packet before dropping it which takes up processing time.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 14:01:20 EDT

TamaraB :

said by Styvas :

No!!! Don't do that. I log in when I'm over there ...

Obviously it would be a temporary measure.

If you dropped all syn packets originating from Russia (Assuming Russia is the source) It wouldn't take long to mitigate the attack. The bot-net would slow down to a crawl, and the impact on dslr would be minimal, especially if the dropping of syn packets happened at the router. Such a response would likely make the botnet unusable for other purposes.

I suspect however, that the attack has a wider demographics than Russia.

Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here .

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 13:43:49 EDT

Styvas :

said by TamaraB :

When this started, one of the first announcements stated that the attack was coming from Russia. Is this still the case?

If so, there are several easy ways of dropping all packets originating from a specific country. There are DNS-Based country zones available, as well as Text-based country zones available for blocking purposes.

Bob

No!!! Don't do that. I log in when I'm over there visiting my wife's family. In fact, DSLR keeps me sane while I'm there! :)
--
Check out the »Primus TalkBroadband VoIP FAQ.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 13:16:52 EDT

DownTheShore : Name Game - Thanks for all those cartoons - they gave me a good laugh. :D
--
Life is simply one damned thing after another.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 13:05:57 EDT

TamaraB :
When this started, one of the first announcements stated that the attack was coming from Russia. Is this still the case?

If so, there are several easy ways of dropping all packets originating from a specific country. There are DNS-Based country zones available, as well as Text-based country zones available for blocking purposes.

Bob
--
Motor Vessel - Tamara B.
43' Long-Range Trawler
Cape Elizebeth ME.
See her Here .

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 12:41:24 EDT

La Luna :

said by EGeezer :

I agree with you and believe it's more than a disgruntled member or poster. I believe it's about money and the take-down of moneymaking criminal activity like phishing, CC fraud, bulk ticket buyers, the $9.95 eBook guys and so on. Some of the anon posts I've seen in scambusters indicate that this bunch is clearly upset at some revelations and reports being made.....

The EBook website scammers certainly look like prime suspects.

»Ebook websites, fraud charges, Devbill/DigitalAge/Pluto
--
10,886 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 12:22:14 EDT

Travelfan1 : all of your explanations make perfect sense.

Kudos to dslreports tech team for their hard work!

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 12:13:30 EDT

EGeezer :

said by astirusty :

said by dave :

Someone sulking at a perceived insult in one of the forums?

Or perhaps one of the forums at DSLReports was involved in defeating/circumventing a black-hats mal-ware/SPAM-site.

I agree with you and believe it's more than a disgruntled member or poster. I believe it's about money and the take-down of moneymaking criminal activity like phishing, CC fraud, bulk ticket buyers, the $9.95 eBook guys and so on. Some of the anon posts I've seen in scambusters indicate that this bunch is clearly upset at some revelations and reports being made.

Several scambusters use BBR as well as other methods to communicate publicly, so paying a bot herder a few thousand bucks to DoS is not out of reason for the criminal organizations.

Thanks to Justin and the nameless team supporting him (Thumbs up to them!), you can go there and take a look at the work they are doing - Despite the DoS attempts. :)
--
Mayors of New York come from nowhere and go nowhere.
Wallace Sayre (apparently, so do governors... )

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 11:07:09 EDT

astirusty :

said by dave :

Someone sulking at a perceived insult in one of the forums?

Or perhaps one of the forums at DSLReports was involved in defeating/circumventing a black-hats mal-ware/SPAM-site.
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 10:31:04 EDT

Name Game :

said by dave :

said by Travelfan1 :

What could be a reason for a hacker/cracker to perform a DDOS against DSL Reports?

Someone sulking at a perceived insult in one of the forums?

Hacker groups practising their skills and having contests with each group on who is the best at taking down a target.

Recent attack at this site also..
Hackers, Lamers and Script Kiddies
»auralmoon.com/forum/showthread.php?t=3803
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 10:02:41 EDT

Portmonkey : There is big money in some of the illegal online activities nowadays. When people can come here to the numerous forums for free and learn how to avoid and prevent such things as the various flavors of scams, identity theft, phishing, infections, and how to repair and secure a computer that has already been compromised, then it is likely significantly hitting some of the bad guys/gals in the pocket when you consider how many have been helped over the years. Maybe that's not the case here, I'm only guessing, and it could just be someone really bored with nothing better to do.
--
Ninja of the Nasty

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 09:44:53 EDT

dave :

said by Travelfan1 :

What could be a reason for a hacker/cracker to perform a DDOS against DSL Reports?

Someone sulking at a perceived insult in one of the forums?

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 09:42:46 EDT

Travelfan1 : I'll leave to the techies to discuss the technical details.

But what I wonder is: What could be a reason for a hacker/cracker to perform a DDOS against DSL Reports? What financial gain or, what the heck, personal gain suck person/people can gain?

Maybe it's a combination of Comcast and VZ, after all the complains in their forums :)
--
COMpressionCAST of New Jersey II(Union)
Verizon DSL
And who would think Eli would outplay Brady...

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 08:48:42 EDT

Name Game : It still appears to be only DDoS 1: Attackers flood unprivileged traffic.
Result: Privileged users unaffected, “1-packet”privileged users

Defenses against Distributed Denial of Service Attacks
»www.dtc.umn.edu/resources/perrig.pdf.

There are also some other solutions..

WRAPS: Denial-of-Service Defense through Web Referrals
»ieeexplore.ieee.org/search/wrapp···=4032468

But then there are worse conditions.. :(

Keep DNS servers from contributing to a DDoS attack

Takeaway: How can a recursive query become a DDoS attack? It doesn't take much. Mike Mullins explains how an attacker can take advantage of a DNS server using recursion to perpetrate a DDoS attack, and he tells you how to prevent your organization's DNS servers from taking part.

»adakabartekno.blogspot.com/2007/···-to.html
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 06:05:06 EDT

shearer :

said by Mele20 :

It got really bad again about an hour and twenty minutes ago. I could not get here until I tried the alternative address which then would not let me login for awhile. I finally got logged in on it and and am posting this from the alternative address.

Ten mins before this post, the orginal address was fine. Then after approx 6am Eastern Time, my browser couldn't get thru on port 80 anymore, so I am now back on the alternative ip which is a bit sluggish but surfable.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 05:53:46 EDT

Mele20 : It got really bad again about an hour and twenty minutes ago. I could not get here until I tried the alternative address which then would not let me login for awhile. I finally got logged in on it and and am posting this from the alternative address.

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 01:00:45 EDT

Name Game : Not so loud please..WCB might give me the three-finger salute in the morning. :huh:

said by mers2 :

Thanks to Justin and all who helped to keep us in business today. Your efforts are greatly appreciated by us dslr addicts. :)

I've gotten some great cartoons to add to my collection from this thread as well. Security geeks have the best sense of humor. :D

--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Fri, 11 Apr 2008 00:24:02 EDT

danny9 :

said by Name Game :

Yup..they have some very dedicated people working in the background..DSLR with all it's Forum is a fantastic place..for most of us it has everything...you can never get bored and it provides such a wealth of info at your finger tips. And all those who have helped with the FAQ's for the various forums over the years have been a life saver for many who are new to the internet.

Name Game, your cartoons are great. Thanks for sharing. :)
Posts well said and very true.

justin, Great job by you and your staff on resolving this issue. Kudos to you all! :)
--
VoicePulse 07/29/04

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 23:20:52 EDT

mers2 : Thanks to Justin and all who helped to keep us in business today. Your efforts are greatly appreciated by us dslr addicts. :)

I've gotten some great cartoons to add to my collection from this thread as well. Security geeks have the best sense of humor. :D

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 20:44:15 EDT

justin : I don't know about your own config but the "ip site" is also www2.dslreports.com and it is on another port we have. There isn't anything bad on it or anything that would redirect anyone or capture anyones passwords. I'll change it to a redirect back to www.dslreports.com at some point.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 20:39:46 EDT

Name Game : Yup..they have some very dedicated people working in the background..DSLR with all it's Forum is a fantastic place..for most of us it has everything...you can never get bored and it provides such a wealth of info at your finger tips. And all those who have helped with the FAQ's for the various forums over the years have been a life saver for many who are new to the internet.
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 20:19:19 EDT

astirusty :

said by Name Game :

justin with the crew seems to be handling it well...

Worth saying again. Justin, his staff, crew, and posse -- are all doing a great job of dealing with it.
I would love to buy them a couple of beers, but I doubt they would drive to Okie land just for a few brewskies. But the offer stands! :)
--
Do yourself a favor, just say no to anything Windows.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 20:11:01 EDT

Name Game :

said by Bubba17 :

I've a question regarding this latest DDS attack.

First, suppositions would include that most every member of dsl is, or has been, at a dwelling window, with head poked out, screaming to the top of their lungs, "we're mad as hell! .. and, we're not going to take it any longer!!".

Also, let's say money is no object.

... does technical (hardware or software or expanded bandwidth or ?) means exist today to defend against, stop or prevent such attack?

edit: added "it".

I would not say all of them.... justin with the crew seems to be handling it well..but yes there are ways to even prevent it from happening in the first place. They are certainly not New...have been going on for a long time now.
But they are getting more sophisticated.

There are companies out there that will help you and even specialize in stopping and/or mitigation ..even if it is a DNS problem.

This old write up still has the basics of what can be done.
»staff.washington.edu/dittrich/mi···lias.txt
--
Gladiator Security Forum »www.gladiator-antivirus.com/
Missing Kids
»www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:55:49 EDT

Bubba17 : I've a question regarding this latest DDS attack.

First, suppositions would include that most every member of dsl is, or has been, at a dwelling window, with head poked out, screaming to the top of their lungs, "we're mad as hell! .. and, we're not going to take it any longer!!".

Also, let's say money is no object.

... does technical (hardware or software or expanded bandwidth or ?) means exist today to defend against, stop or prevent such attack?

edit: added "it".

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:42:03 EDT

Name Game : Yup..I agree..got a few of those errors myself..dave might be trying to log back on with the wrong switch.
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:36:46 EDT

La Luna :

said by Name Game :

said by La Luna :

Dup post

See..too much multitasking..you must be eating up all the bandwidth :(

It's not me. It's the gremlins. :hmm:

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:35:55 EDT

La Luna : hmmm, anyone else starting to get these?:

The page you requested is currently unavailable due a temporary construction error.
You may press BACK and try again.

If the condition continues, please try later when we have corrected the problem.
Resources (if the problem is isolated):
# site help forum

In the event of an extended outage all dslreports.com urls will temporarily return a system status page that we will update as we can.
--
10,886 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:31:46 EDT

Name Game :

said by La Luna :

Dup post

See..too much multitasking..you must be eating up all the bandwidth :(
--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:24:32 EDT

Name Game : We are working on that. :D

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:21:36 EDT

La Luna : BeesTea and dave . :D

By the way, could some of you leave now, the site is getting a little sluggish again. TIA. :)

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:21:11 EDT

La Luna : Dup post

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:20:46 EDT

Name Game : I logged into that 209.122.192.190 and got this warning.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:07:13 EDT

dave : If anyone gets upset by anything I posted in the last year or so, it wasn't me that said it. It was BeesTea .

However, anything you liked was posted by me.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:05:38 EDT

BeesTea :

said by dave :

So my password isn't compromised, right?

You're fine. I've been using your password for ages and no one has ever guessed it!

=)
--
Overpower, overcome.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 19:05:05 EDT

Name Game : I am afraid so dave. But be firm and they will give it back.

said by dave :

Damn damn damn damn. I fell for it.

EDITED shortly thereafter.

Damn damn damn damn. I fell for the false-alarm posting!

So my password isn't compromised, right?

--
Gladiator Security Forum »www.gladiator-antivirus.com/ Missing Kids »www.missingkids.com/

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:54:47 EDT

quatrix :

Next time just try the common sense alarm.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:54:31 EDT

La Luna : Just checked my history in Fx....I was also logged in with *123*.

However, I changed my PW because everyone got me nervous. :(

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:52:55 EDT

cabana :

said by dave :

Damn damn damn damn. I fell for it.

EDITED shortly thereafter.

Damn damn damn damn. I fell for the false-alarm posting!

So my password isn't compromised, right?

I think the consensus was that it was a typo that appeared for a short time and was corrected -- no compromises. But in this situation of course -- always good to double check... it is one of the few times that paranoia is good ;)

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:41:53 EDT

sashwa : I just checked my IE history, cabana. I used the "123" when I got in this morning around 7 am PDT. When I try the "122" page I get "Internet Explorer cannot display the page".
--
TH ~ NE ~ EPN ~ NC ~ TD

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:40:43 EDT

dave : Damn damn damn damn. I fell for it.

EDITED shortly thereafter.

Damn damn damn damn. I fell for the false-alarm posting!

So my password isn't compromised, right?

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:33:57 EDT

JohnQPublic :

said by JohnQPublic :

I guess I better get some better alarms. I've been using the IP address all afternoon. I've been posting to it, too. ;)

I need to get my eyes checked. I see the difference now. The notice I saw this morning gave the IP address 209.123.192.190.

Obviously whoever made the announcement later made a typo. I cannot connect to the IP address the OP quoted.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:28:58 EDT

swhx7 : Some security software may give an alert simply because there's a link using an IP directly instead of a domain name - a common trick in phishing emails and other scams.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:28:22 EDT

SnowyOne :

said by cabana :

said by mike12806 :

i'm guessing its also possible Justin made a typo in his very busy day...

could be ... I believe there were 6 updates total - 3 on the "shutdown" url -- and then 3 updates "shutdown1" url --

I checked my history though -- I only see my having hit the "123" -- perhaps someone else on IE can check to see if they ever hit "122" ...

I added to the confusion by using the IP in the original screenshot. It's been corrected to reflect the correct IP

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:25:41 EDT

SUMware : »www.dnsstuff.com/tools/ipall.ch?···.192.190
IP Information - 209.122.192.190
IP address: 209.122.192.190
Reverse DNS: [No reverse DNS entry per master.dns.erols.net.]
Reverse DNS authenticity: [Unknown]
ASN: 6079
ASN Name: RCN-AS
IP range connectivity: 2
Registrar (per ASN): ARIN
Country (per IP registrar): US [United States]
Country Currency: USD [United States Dollars]
Country IP Range: 209.122.0.0 to 209.123.255.255
Country fraud profile: Normal
City (per outside source): Allentown, Pennsylvania
Country (per outside source): US [United States]
Private (internal) IP? No
IP address registrar: whois.arin.net
- - - - - - - - - - - - -
»www.dnsstuff.com/tools/ipall.ch?···.109.175
IP Information - 209.123.109.175
IP address: 209.123.109.175 (DSLR Login Page)
Reverse DNS: www.dslreports.com.
Reverse DNS authenticity: [Unknown]
ASN: 8001
ASN Name: NET-ACCESS-CORP
IP range connectivity: 1
Registrar (per ASN): ARIN
Country (per IP registrar): US [United States]
Country Currency: USD [United States Dollars]
Country IP Range: 209.122.0.0 to 209.123.255.255
Country fraud profile: Normal
City (per outside source): Morris Plains, New Jersey
Country (per outside source): US [United States]
Private (internal) IP? No
IP address registrar: whois.arin.net

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:24:57 EDT

cabana :

said by mike12806 :

i'm guessing its also possible Justin made a typo in his very busy day...

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:23:27 EDT

Kiwi : I watched and noted this site did have a DDOS, but no hack was evident.

Amazing, people with too much time on their hands, could be better spent improving the human condition than wasting the energy on a worthless end result. There certainly are some true morons out there.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:22:27 EDT

Hangetsu :

said by shearer :

I agree since the IP is confirmed legit please delete the OP's post and bin this thread.
Otherwise it might give noob users unnecessary scares

Yeah, it might give us unnecessary scares!

Wait...

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:16:15 EDT

mike12806 : i'm guessing its also possible Justin made a typo in his very busy day...

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:16:09 EDT

SipSizzurp :

said by La Luna :

Awww, now you've gone and done it! :D

Got us back up a few hours sooner. Stupid rushin basterds obviously bought it. Didn't even bother to check ERIN.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:14:59 EDT

zbestwun2001 : All I know is this, I click on it and it set off Sitehound.

It directed it to www.interracial-comics.com.

I don't know how they did it but that's what I saw.

zb1

whois for that site:

Registrant:
am
Vabaduse
Tartu Tartumaa 20306
EE
Registrar: 000DOM
Domain Name: INTERRACIAL-COMICS.COM
Created on: 30-MAR-04
Expires on: 26-MAR-09
Last Updated on: 05-MAR-07
Administrative Technical Contact:
S Alex ircomix@yahoo.com

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:12:51 EDT

mike12806 : i had .123 too.....although is it possible it was being hosted on more than one ip???

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:08:45 EDT

La Luna :

said by cabana :

I believe that ".122" is not correct -- the addy direction was -- 209.123.192.190 -- I think it bears closer look...

Awww, now you've gone and done it! :D

If that is incorrect (which is the same as everyone else saw), where (and what) is the correct one that Justin posted about here?:

»Re: ddos

What I saw at 9:30AM:

Thu Apr 10 09:18:25 EDT 2008
============================

Valued users:

unfortunately we have a DDOS (distributed denial of
service attack) currently aimed at our pages, rather
than give you page timeouts and errors I've decided to
show this page so I have some time to work around the
problem (eta uncertain).

Since we recognize you have a login cookie, you
are reading a message pitched at existing users.
Feel free to use a temporary alternate path:

ht tp://209.122.192.190/login

(you will need to login)

I am not sure if we will have to flip this around, so don't
be surprised if it also stops working for a while and
you have to return to www.dslreports.com for more info!
--
10,880 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:03:13 EDT

Doctor Olds :

said by SnowyOne :

It's 100% legitimate

It's 1000% Legit.

It's Too Legit To Quit!©

It's The Real McCoy!©

It's The Real Thing, Coca-Cola!©
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 18:02:53 EDT

cabana : I believe that ".122" is not correct -- the addy direction was -- 209.123.192.190 -- I think it bears closer look...

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:56:26 EDT

shearer : I agree since the IP is confirmed legit please delete the OP's post and bin this thread.
Otherwise it might give noob users unnecessary scares

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:55:30 EDT

Hangetsu : So... If the IP address is legit, can we safely say the OP was incorrect, and the page (and link) were safe?

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:55:10 EDT

mike12806 : Oh yes! I saw Justin's post this morning anyways...DOH!

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:53:31 EDT

La Luna :

said by mike12806 :

Wait....so was that IP address-login site legit or not? If it was legit, then a Mod definitely needs to delete that first post....

Yes, it's legit, read the link in my ~~thread~~ oops, I mean post! :D

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:53:05 EDT

SnowyOne :

said by mike12806 :

Wait....so was that IP address-login site legit or not? If it was legit, then a Mod definitely needs to delete that first post....

It's 100% legitimate

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:50:42 EDT

mike12806 : Wait....so was that IP address-login site legit or not? If it was legit, then a Mod definitely needs to delete that first post....

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:48:42 EDT

JohnQPublic :

I guess I better get some better alarms. I've been using the IP address all afternoon. I've been posting to it, too. ;)

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:45:37 EDT

La Luna :

said by zbestwun2001 :

If you see this secondary login page shown during a DDS attack please do not log into it.

It is also bogus website that set off every alarm in my system it could when I tried to see what it was about.

Just wait till the regular page comes back up for your Security safety

Here is what the page looks like, I took a snapshot of it .

Huh?

»Re: ddos

We all saw that page earlier, Justin put it up with the alternative IP. What are these "alarms" of which you speak, and are you sure you don't have some other issues going on?

edit: added question
--
10,880 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:45:09 EDT

SnowyOne :

said by shearer :

If 209.122.192.190 is a bogus site, that should mean the DSLR web server has been hacked. AFAIK DSLR has only been DDOSed, not hacked. right?

You got that right, but to clear up any confusion 209.~~122~~123.192.190 is not a bogus site, it's a legit DSLR address

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:37:16 EDT

onDvine : I followed that link and logged in. :(

Guess it's time to change my password. At least I have no tool points to be stolen.

Edit:

said by shearer :

... DSLR has only been DDOSed, not hacked. right?

I hope not. Then I don't need to change anything. When I logged in I did get access to this site.

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:34:30 EDT

shearer : If 209.122.192.190 is a bogus site, that should mean the DSLR web server has been hacked. AFAIK DSLR has only been DDOSed, not hacked. right?

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:14:39 EDT

sashwa : Thanks, tmp. I blew that move. :D

Re: Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 17:13:39 EDT

tmpchaos : Moving to /Security... I think here may be other issues involved.

Conerning The On Going Denial of Service Attacks Today.

Thu, 10 Apr 2008 16:51:39 EDT

zbestwun2001 : If you see this secondary login page shown during a DDS attack please do not log into it.

It is also bogus website that set off every alarm in my system it could when I tried to see what it was about.

Just wait till the regular page comes back up for your Security safety

Here is what the page looks like, I took a snapshot of it .

Be safe,
zb1