


6:18 pm
August 18, 2011

Sadly, the DDoS (Distributed Denial of Service) attacks continue. They have been fairly continuous since 15:15 EST. While our server can handle the additional load and ride out such attacks, our data center has to protect its resources. Although the attack is directed at our server, it is not the only server on our data center's network. The increased traffic from such attacks also affects other servers' performance and ability to communicate unobstructed. Thus, our Data Center has no option but to null-route (i.e. packets go into the bit bucket, never to be seen again) our address so that traffic does not make it into their internal network.
Given the length of this attack, it has escalated beyond a simple prank. Furthermore, since most attacking addresses come from, or are spoofed to come from, the Netherlands, this has become a US threat. That said, I've been working with the data center staff and have collected logs from their and our IDS (Intrusion Detection System). I have created attack profiles and summaries - it helps when you work in a related field. These profiles and reports have been forwarded to a couple of good acquaintances of mine at our FBI Cybercrime Division nearby. It's piqued their interest. Upon request, I furnished a list of recent "disgruntled customers". I made a few contacts at last year's Interpol Cybercrime Conference in The Hague. I'll see if I can pull a favor or rattle some cages directly or indirectly to have them look at it from the purported source of these attacks.
Unfortunately, there is no option but to weather the storm. Like I said, our server can handle the load, but I agree that our data center needs to look out for all their clients. The bad news is that as long as the attacks continue, the data center will continue blocking access to our server. The good news is that as long as the attacks continue, the more data we and the data center can collect to prepare and forward to the appropriate authorities. It wouldn't be the first time that someone got their ass thrown in the slammer for something that started out as a prank.
7:46 pm

Knight
January 13, 2014

8:51 pm
May 20, 2013

1:19 am

Ambassador
Members
November 10, 2013

9:49 am
May 20, 2013

The computer scientist part of me got to thinking last night, and I began to wonder what exactly the attacks consist of. Could you share this information without compromising the security of the server and the website? (Forgive me if that has a super obvious answer; I only seek knowledge.) If it is possible to share it without harm to the server, may we have access to that information? It may allow us to recognize these attacks sooner and inform the correct personnel as soon as possible.
Thanks if you can help!
10:20 am

Knight
January 13, 2014

12:47 pm
August 18, 2011

Caveman_Dave said
The computer scientist part of me got to thinking last night, and I began to wonder what exactly the attacks consist of. Could you share this information without compromising the security of the server and the website? (Forgive me if that has a super obvious answer; I only seek knowledge.) If it is possible to share it without harm to the server, may we have access to that information? It may allow us to recognize these attacks sooner and inform the correct personnel as soon as possible. Thanks if you can help!
Generically speaking, the DoS attacks were comprised of the usual stuff that any Google search for DOS, DDOS, or Denial of Service will tell you more about - malformed packets, syn floods, illegal handshakes, etc., etc. As far as processes and data mining techniques we use to correlate information from various sources, that's proprietary information.
10:16 am
August 18, 2011

Well, it appears that they are not yet done having their fun. New vector and a whole new set of zombies. Oh well, more info to forward on. Sunny day today, but I guess it's still stormy in the digital world.