- This topic is empty.
-
Posts
-
Well looks like I pissed someone off.
Now I am getting DDOS attacked.. Server is not happy about this and working hard to trace source ip …
Anyone else have this prob lately?
Oct 22 15:04:41 www204 /kernel: Limiting icmp unreach response from 50490 to 200 packets per second
Oct 22 15:04:42 www204 /kernel: Limiting icmp unreach response from 64186 to 200 packets per second
Oct 22 15:04:43 www204 /kernel: Limiting icmp unreach response from 61362 to 200 packets per second
Oct 22 15:04:44 www204 /kernel: Limiting icmp unreach response from 49360 to 200 packets per second
Oct 22 15:04:45 www204 /kernel: Limiting icmp unreach response from 64330 to 200 packets per secondServer said
It is possible to track it to an ip… from there you would have to contact an attorney and sue the isp
to be able to get the records on who is using the ip then try to sue them..So guess it looks like I will be contacting my Attorney soon!!!
Thanks Dean for the info..
FBI link didn’t work but will have to scan through that..
Think my server owner is prob not happy for not getting any sleep all night handling this shit..
thanks again
OK, I was pretty paranoid when we got thrown out and a couple of things happened.
Maybe it is my paranoia and pure coincidence, but within a few days our server was crashed several times due to overload (in excess of 200 queries per sec or something) and was not able to be fully rectified and considerable script errors were encountered.
Eventually we upgraded and had additional security measures installed.
A DOS attack requires some knowledge and access to a network of computers to achieve. I had a bit of a search today and this was pretty informative:
http://www.digifriends.com/highlights/denial_of_service_attacks.shtmlAt the same time I found out about Krystalls attack we were not able to access this board. Possibly something this end but Prof anything unusual in your logs?
Maybe my paranoia again. But, the reality is someone has to pretty well have it in for you to do this as what I can see it takes a lot of effort to achieve.
Unless Cindy has been taking masterclasses in the darkside it is not her. A couple of members in the GPWA are capable I guess.
Basically if several of you have been affected this way, get together and do a shortlist if you suspect this is GPWA related.
For 6 weeks after my expulsion I received in exess of 2000 viruses a day clogging my mailbox. I was just about to totally give up on it when it finally stopped.
I never said a word about it publicly because I wouldn’t give her the statisfaction.
DOS attacks happen all the time.
In recent months many Gambling related sites and servers have been targeted, mostly going after some of the larger sportsbooks and groups.
Most hackers, when trying to compromise servers will concentrate on a specific block of IP’s looking for boxes to compromise for a number of reasons. They may want to serve music or porn from them, or want root access so they create larger attacks, (with more bandwidth) going after other targets. Once a block is compromised, (or not) they move on to another one.
I happen to know over 2 dozen server operators that were heavily attacked during the code red launch. (I was one)….They didn’t want our servers….except they DID want our bandwidth to launch the attack at the White House.
I have some local clients that have dedicated business bandwidth connections that have been hacked for no other reason than to drop a few gigs of music on the hard drive and run ftp servers in the middle of the night.
If you suspect that your server has been compromised, start looking for mp3’s and mpgs (mpegs) that don’t belong there. Some hackers are pretty slick and will even drop them in folders in with printer drivers.
If anyone ever thinks they have been compromised, I am willing to help consult in any areas that I may…bandwidth theft really sucks…
Rick
Universal4In recent months many Gambling related sites and servers have been targeted, mostly going after some of the larger sportsbooks and groups.
What article did that come from, do you know?
Bernie
This was a brand new server and all new ips less than 2 months ago.. they had upgraded me..
Was also attacked last week one day and on saturday, just was not big enough to shut me down.
They have stopped the attacks but the server may have had some damage.. Which is not only effecting me but the business in which I host from..
So the server company may be investigating it a lot due to damage done to there brand new machine.. Look like they have done a lot of back tracing today..
But up and running…. but still having issue cause of the damage to machine..
Just got off phone with Attorney about another issue he is working on. Told him about the DDOS attack and he is more interested about the DDOS attack right now. He said this is a serious issue and will jump on going after the person that is doing it when and if they get it traced back.
He said they are really going after people doing this cuz it is getting worse all the time. ISP are taking much more serious as well.. It actually only can be stopped by ISP companies not the hosting companies. So guess this is a learning experience for me.. I did know much about this and learning more all the time..
Wish it wasn’t my server I was learning it on..
