Membership is FREE, giving all registered users unlimited access to every Acorn Domains feature, resource, and tool! Optional membership upgrades unlock exclusive benefits like profile signatures with links, banner placements, appearances in the weekly newsletter, and much more - customized to your membership level!
Site Direct helps you monetize your domain portfolios with ease

Hacker Attack - Experienced People

Status
Not open for further replies.
C

crabfoot

Joined
Jan 24, 2009
Posts
883
Reaction score
16
The forum at experienced-people,net is currently under attack by hackers. They did a DDoS last week, and they have stepped up to another level this week.

Just what they are trying to achieve is a mystery, as the forum is not operated for profit. Anybody got a clue what they are trying to achieve?

Only thing I can think of is that a couple of people tried to plug dud biz opportunities on there, and got nothing but sarky comments - might be revenge.
 
Probably - its a real shame as its a cracking forum with utterly no cruft.
 
Pointless and poor timing with Clinton away in Oz now I think.
 
Been there... Nasty thing... In my case it was (as I've figured it out) a competing entity. They should talk to their host, it might be able to handle (some!) DDOS.
 
Last edited:
It was DDoS last week, Clinton showed the email from the hackers saying they were going to step up to something nastier this week (can't remember the exact description). But they were not demanding anything, although Clinton said something like, "next they will be demanding money".
 
From talking to peers there have been a lot of random attacks of late. Though these muppets seem to want the site down.
 
jimm said:
From talking to peers there have been a lot of random attacks of late. Though these muppets seem to want the site down.
Click to expand...

BTW, as a pro: does cloud hosting help against DDoS? What do you think?
 
Doesn't it cost them money to perform these attacks? Or a lot of resources to make these things happen. Just wondering what the point is for these people if it isn't to blackmail people.

If it's free then fair one, even then though wonder what the point is.
 
GreyWing said:
Doesn't it cost them money to perform these attacks? Or a lot of resources to make these things happen. Just wondering what the point is for these people if it isn't to blackmail people.

If it's free then fair one, even then though wonder what the point is.
Click to expand...

Usually it's compromised computers which will send automated http requests to the target site
 
expertc said:
BTW, as a pro: does cloud hosting help against DDoS? What do you think?
Click to expand...

No, Cloud hosting (depending on your definition) can help scale a site to handle the extra load but a dos needs to be dealt with at the network level for anything over a small attack. But it also depends on the kind of attack. Some of them will send very small packets in huge numbers, then the switches and routers cant cope, or some send attacks which tie up the connections on the server holding them open so no more requests can get through or one of the multitude of other kinds of attacks.
 
To those unaware, a ddos is performed by a botnet (a group of compromised computers who are sent commands via IRC) they are then told to 'ping' the site, meaning they request all the site's data again and again - raping its resources. I used to have one of these and there isn't really much you can do. Dos protection is about all you can do (which bans the ip's and disconnects them as soon as they connect)

As for the owner being away - thats really unfortunate. As soon as they get back get them to phone there hosts to either establish the ddos protection they have or move hosts to someone who can deal with it.

Cloud won't help, only disperse the load over lots of servers (which will cost a bomb with most cloud being scalable to how much you use) which isn't a real solution.
 
Ashton said:
a ddos is performed by a botnet (a group of compromised computers
Click to expand...
Most of the time it is a bot net yes.

Ashton said:
who are sent commands via IRC)
Click to expand...
Sometimes IRC, but most time communicate direct with a master(s) through their own methods.


Ashton said:
they are then told to 'ping' the site, meaning they request all the site's data again and again - raping its resources.
Click to expand...
Its rarely ping (if you actually mean ICMP) now. It tends to by SYC floods in the millions of packets per second as that can really stop your network. But again there are a multitudes of vectors which can be used.


Ashton said:
I used to have one of these and there isn't really much you can do. Dos protection is about all you can do (which bans the ip's and disconnects them as soon as they connect)
Click to expand...
There are lots of things to do to handle the traffic. It all depends on your pockets. The simple and cheap way is to blackhole your IP at the edge.
Your site will be down but its not costing a fortune.
You can tar pit ips so after an amount of requests they get slowed down or blocked, you can use proper filtering using hardware so it decides what is a legitimate request and what isnt. There are proxy services which will handle the traffic and only pass legit traffic on. Many options. Depends on the size of the attack, type of attack and your budget.

Ashton said:
As soon as they get back get them to phone there hosts to either establish the ddos protection they have or move hosts to someone who can deal with it.
Click to expand...
As mentioned, its not just a case of moving to someone who can deal with it. It costs money and significant sums of money.
It mentioned 2Gbps attack i think on the site. To accept that level of traffic would cost £5000 per month minimum (£2.50 per Mbps on a large commit to crap routes over Cogent for example) before you add any cost to either filter it or provide the infrastructure to handle the requests.

Ashton said:
Cloud won't help, only disperse the load over lots of servers (which will cost a bomb with most cloud being scalable to how much you use) which isn't a real solution.
Click to expand...
Agreed
 
Haha good dissection - to make it clear I was going by my experience (I used irc) and in layman's terms. I haven't heard it put as well as you just did though :)

By better hosting I didn't mean more B/W I meant by better ddos protection :)
 
Maybe I am getting it - pay the hackers to go away, because it is cheaper than paying for the elevated bandwidth for zero real traffic?

Am I right?
 
crabfoot said:
Maybe I am getting it - pay the hackers to go away, because it is cheaper than paying for the elevated bandwidth for zero real traffic?

Am I right?
Click to expand...

Unfortuantely paying them will just mean they do it to some other unfortunate person.

I would say get what DDOS protection you can and wait it out. Jimm seems very competent so maybe he can recommend some hosts that offer great ddos protection - or check if your hosts do.

Ideally work to convince them that you are unable to pay - explain that the forum already costs money and doesn't make any and you literally cannot pay them and you will have to just shut the forum down permanently if they continue. They may stop earlier if they realise they aren't going to get anything either way and move onto the next target on their list (that is if they are really blackmailers and not hired by or they themselves a competitor)

Good luck :/
 
Hypothetical question, since no-one knows the origin of the attack, and Clinton's host claims to be the best v. DDoS attacks - but would it be possible to apply a redirect to the domain under siege, so that the $ht lands on the heads of an "enemy" domain, whether guilty or not?

Yea, were it feasible, how hard would it be to conceal that action so that it looks like a total chance event?

Get your Black Hats on ...
 
Last edited:
crabfoot said:
Hypothetical question, since no-one knows the origin of the attack, and Clinton's host claims to be the best v. DDoS attacks - but would it be possible to apply a redirect to the domain under siege, so that the $ht lands on the heads of an "enemy" domain, whether guilty or not?

Yea, were it feasible, how hard would it be to conceal that action so that it looks like a total chance event?

Get your Black Hats on ...
Click to expand...

If the attack is aimed at the domain and not the server it is possible to do.
Legal or ethical I shall not comment.
 
Status
Not open for further replies.

Similar threads

it.com
it.com DNS Abuse: Types and Countermeasures
Replies
0
Views
254
it.com
it.com
it.com
it.com How To Launch a Website for an IT Startup: A 3-Step Guide
Replies
0
Views
221
it.com
it.com
J
  • Locked
Strange things going on
Replies
14
Views
2K
Admin
Admin
it.com
it.com Industry News Digest: September 2024
Replies
0
Views
231
it.com
it.com
Acorn Newsbot
Nominet Nominet funds major new project to prevent online child sexual abuse
Replies
0
Views
431
Acorn Newsbot
Acorn Newsbot
Domain Summit Europe 2025

The Rule #1

Do not insult any other member. Be polite and do business. Thank you!

Members online

No members online now.
Total: 315 (members: 0, guests: 315)
IT.com

Premium Members

Sedo Global Domain Report
Aucdom Auctions
Catch Club
dot Hiphop

Latest Comments

Upcoming events

New Threads

Domain Forum Friends

DNForum
ConsultDomain.de
Domaineforum.fr
Domainforum.ro
DN.ca
DomainFragen.de
Inforum.in

Our Mods' Businesses

DomainUI Mod
*the exceptional businesses of our esteemed moderators
General chit-chat
Help Users
  • No one is chatting at the moment.
      There are no messages in the current room.
      Top Bottom