[TechGuy]

We were thrown a syn flood to our web server tonight. Since it flooded the whole connections, it took a while to narrow down what was going on. Hopefully we've got this guy bottled down for a bit now.

As always, feel free to visit http://status.techguy.org/ for updates when available.

And someone wipe that target off our servers!

 

[Stoner]

Good to see TSG back up.

Thanks Mike

 

[TechGuy]

Well, he's still sending attacks this way... let's just hope we can keep holding them off.

 

[hewee]

Glad your back up Mike.
Hope you get the attacker and lock him up in jail.

 

[Davey7549]

Well could it be we may be aggravating a few by fixing their attempts to take over a users system or is it a disgruntled ex-member who has aligned themselves with a few hackers.

Guess we may never know!

Dave

 

[mobo]

Is there any way to track his IP mike ?

 

[SIR****TMG]

sounds like this site is helping to many people and there getting mad over the help ... so they want to shut it down too....like i said its a full time job on the pc now....just in protecting yourself....

 

[TechGuy]

Probably not his IP, it's spoofed, but we're working on it.

 

[mobo]

I'm sure you are Do share it as well when you get it so we can Email the chap will you

 

[valley]

well that stinks, Mike! If the trouble you are having is the result of someone who is trying to get revenge then I hope he is caught and stopped.

that leads me to the question....what happens when you catch them? Can you press charges or have them tossed in jail or fined or something?

 

[TechGuy]

Our new "Patriot Act" allows for 5-10 years of prison for breaking into a computer... He didn't break in, though -- just interrupted services. Not sure about the sentence, though. We could press charges ourselves, but the FBI would probably take over it over as it would be a criminal case.

 

[700mb80min]

Valley , read this to understand a bit about what happened . Take this guy for what it`s worth , he`s been called a fake with some of his software , but his " blog " about his own attack isn`t bad reading.

 

[TechGuy]

Looks like we're not likely to get much love from the FBI as our outage didn't cause the $5000 minimum damage required by the law. Ah, well. Logs were sent anyway for future reference. Looks like the attack just stopped a bit ago, too. Must have realized that it wasn't working anymore.

 

[700mb80min]

But they know they can get in so .......................

How many machines did you log ?

 

[TechGuy]

Ah, that's just it: they can't now. The attack was still going on for about an hour after I posted this thread and we were back up and running. So we're good until they find another way to attack. Then I'll forward the logs for that one, too.

 

[buddhafabio]

whew, i thought it was from me updating an old thread

 

[Rockn]

More than likely someone in civ debate cutting and pasting multiple articles per post, highlighting, and giving their commentary taking up all the bandwidth. I would make a suggestion on who it might be but I am sure you are well aware of any disgruntled teenagers that have "hacker" friends and far too much time on their hands. Most of these attacks are more of a nuisance than anything else. Good job Mike!

 

[CyBerAliEn]

Been wondering why I didn't see a thread in TSG yesterday asking "hey, why was the site down?". Finally found this, lol...

If I understand the situation correctly, it was a DOS attack, right?

For those who may not understand: Basically, they flooded the servers, disalllowing anyone from being able to access the site. This would not involve getting "into the system" though. So you shouldn't have any worries other than TSG possibly being momentarily down again in the future.

And as much it would nice to do, I think the chances are 0% that charges could be pressed, even if you happen to know who this individual is (unless your running a business that is dependant on your site). Unfortunately, this kind of crap happens on a daily basis to different websites, big and small.

 

[Rhettman5.1]

It's really to bad there's not a program similar to mailwasher for servers...just bounce those DNS attacks back to the sender...ahhhh.... in a perfect world..

 

[Davey7549]

Would be nice Rhett but the senders are just Zombies being instructed to continually ping a site at max packet size.
Like to get at the IRC server that the scripters are using to control the Zombies.

Dave