Nov. 2009 DDOS update

Spammers should not profit, so post information here that hits their pockets. There are many ways to fight spammers, and we have automation tools to combat them efficiently. These forums are moderated, but do not reflect the views of the hosting company, domain registrar, etc. By entering any of these forums, you agree that you cannot hold anyone liable for anything related in any way to these forums.

Nov. 2009 DDOS update

Postby spamislame » Thu Nov 05, 2009 8:08 pm

Site is up as of 7:07pm, Nov. 5th, 2009

Let's see how long that lasts.

SiL
User avatar
spamislame
Site Admin
 
Posts: 5058
Joined: Tue May 09, 2006 9:18 am

Re: Nov. 2009 DDOS update

Postby Red Dwarf » Thu Nov 05, 2009 9:14 pm

Though the site is running, it is still under a heavy DDOS attack.

Users should watch announcements on other inboxrevenge sites (Twitter, blogs etc) for updates.

Access is being limited to protect the system.
User avatar
Red Dwarf
You are kiillllling-a my bizinisss!
 
Posts: 10542
Joined: Tue Jun 27, 2006 2:01 am

Re: Nov. 2009 DDOS update

Postby spamislame » Tue Nov 17, 2009 12:25 pm

Quick update:

Site is still under a very large-scale attack as I write this. For the moment web access is limited to a small range of known IP's, all others are denied.

More info as we get it.

SiL
User avatar
spamislame
Site Admin
 
Posts: 5058
Joined: Tue May 09, 2006 9:18 am

Re: Nov. 2009 DDOS update

Postby spamislame » Tue Nov 17, 2009 4:03 pm

Further update: It appears that (for now) the attack has subsided. It's unknown why.

Red and I are examining logs. More as we get it.

SiL
User avatar
spamislame
Site Admin
 
Posts: 5058
Joined: Tue May 09, 2006 9:18 am

Re: Nov. 2009 DDOS update

Postby ahoier » Sat Nov 28, 2009 1:25 am

how is the site doing with deflecting these attacks?

I don't know if you all recall, but on the old CastleCops "DDoS" Forum, an user, can't remember who off hand, wrote a thread/how-to, including PDF howto, on how to defend against DDoS attacks using PeerGuardian2 (if on Windows) or "moblock" on a server/machine running Linux or other variant.

http://www.wakeupyouidiots.com/Logs2List.zip contains the source code for the "Logs2List" file, the PDF "readme", and the source code. PG2/Moblock aren't included but are both opensource, and available from sourceforge.
ahoier
Spammer Killing Machine
 
Posts: 593
Joined: Thu Apr 03, 2008 4:33 pm
Location: Florida

Re: Nov. 2009 DDOS update

Postby AlphaCentauri » Sat Nov 28, 2009 1:39 am

Castlecops' motto was "We will not be silenced," and they fought like hell to keep the forum available. They suffered such a severe DDoS (2 GB/sec) that their hardware was damaged.

We're not trying to prove we can fight some spammer with a massive botnet head on. They've got enough firepower to shut down the forum. No arguments there. When they attack us, we just shut down the server and continue to communicate off-line. Then we come back when they get bored.

We are taking advantage of other venues like blogspot, live.com, wordpress, twitter, etc. to post information publicly. I encourage other members to participate in these alternate forums by posting comments on those sites. Taking out Google, Microsoft and the other massive players all at once would be a much bigger accomplishment, and if they try it, it will achieve the goal of attracting much more law enforcement attention to their attacks.
User avatar
AlphaCentauri
You are kiillllling-a my bizinisss!
 
Posts: 5989
Joined: Thu Mar 01, 2007 3:01 am

Re: Nov. 2009 DDOS update

Postby spamislame » Sat Nov 28, 2009 11:39 am

I'd like to add that although I would love to be running Logs2List, it is a windows-only binary. Our server is, of course, a Unix server, so in real time that is not a good solution.

The past several attacks have led to a very large number of IP's being logged and added to our firewall. It's also led to some diligent reporting to their ISP's, since they all appear to be infected hosts. I know that's an uphill battle, but one never knows.

I'm sure we'll see more. Anytime anything bad happens to the criminals behind these activities, they automatically assume that we are behind it. That's not necessarily a bad thing.

SiL
User avatar
spamislame
Site Admin
 
Posts: 5058
Joined: Tue May 09, 2006 9:18 am

Re: Nov. 2009 DDOS update

Postby ahoier » Sat Nov 28, 2009 1:20 pm

Yea, that is quite odd :) He "advertises" the logs2list deal for multiple O/S, but yea, you'd need a way of either, running the executable in a NIX environment, or porting all the *NIX logs to a Windows machine to allow logs2list to do it's "churning" :)

The concept looks neat, basically, long list of "never block" IP addresses/ranges (basically, those of active members/posters/users) and then the "always block" list, of repeat offenders/attackers, and it sorts them accordingly.

and yea, I do have the various blogs favorited, and also in my Google Reader for updates; but honestly don't use the reader much, unless I get the error message about the forums offline, then I go to Google Reader and get the news :)
ahoier
Spammer Killing Machine
 
Posts: 593
Joined: Thu Apr 03, 2008 4:33 pm
Location: Florida


Return to Fight Spammers

Who is online

Users browsing this forum: Ahrefs and 1 guest

cron