OcUK DDoS attack - £10,000 reward

bigredshark · 21 Jan 2009 at 22:39

Strife212 said:
snip

yep that simple, but posting that might be close to the line!

Strife212 · 21 Jan 2009 at 22:40

You're probably right.

GarethDW · 21 Jan 2009 at 22:42

bigredshark, nice posts

2StepSteve · 21 Jan 2009 at 22:44

5 stars? Might wanna be looking into the people that voted 5 stars.. whats so amazing about this subject? It is a downer.

thepharcyde · 21 Jan 2009 at 22:44

I cannot help but think that this thread is turning into a hacking lesson over anything else. I see the mods are quick to delete posts though

Iraklis F.C. · 21 Jan 2009 at 22:45

So its impossible to find out who is carrying out the attacks unless someone tells you who is the person?

rypt · 21 Jan 2009 at 22:46

Rroff said:
All of those things basically.

You could keep adding more internet connections to your present server and setting up server clusters to keep abreast of the processing and bandwidth requirements but it would quickly become very costly.

Or you can work with the upstream provider and block off the connections / data before it ever gets here.

Rroff · 21 Jan 2009 at 22:48

Well yeah but I was replying to the second part of his post as to if increasing bandwidth, etc. would help - theres much more effective ways to manage a DDOS attack.

Deleted member 651465 · 21 Jan 2009 at 22:49

If I knew who it was I'd be currently emailing Spie and striking this pose..

bigredshark · 21 Jan 2009 at 22:51

Iraklis F.C. said:
So its impossible to find out who is carrying out the attacks unless someone tells you who is the person?

Basically, you need to find the person sending the control commands, as they'll never actually be part of the attack themselves that's devilishly difficult.

Best option is...

(if they're tragicomically stupid) get yourself infected by the botnet carrying out the attack, monitor your inbound traffic and watch for the control signal. Only works if you can get yourself infected (pretty hard if you want to trace a specific attack) and they're utterly dumb enough not to hide the source of the control commands (quite common actually, most people behind this are just script kiddies after all with no real idea)

rypt · 21 Jan 2009 at 22:51

EVH said:
If I knew who it was I'd be currently emailing Spie and striking this pose..

And then requesting 1 billion zillion $, or w/e the line from the film was?

bigredshark · 21 Jan 2009 at 22:53

rypt said:
Or you can work with the upstream provider and block off the connections / data before it ever gets here.

But in a DDOS attack you're dealing with multiple clients all mixed in with genuine traffic. Blocking only the attack when it's so diverse is hard, even for the upstream provider, we do it with specialized equipment designed for this and similar tasks but it costs shedloads of money so most providers aren't prepared to do it yet.

2StepSteve · 21 Jan 2009 at 22:53

Iraklis F.C. said:
So its impossible to find out who is carrying out the attacks unless someone tells you who is the person?

It is near impossible as said many times in this thread, the nature of a DDoS attack means the attacker could start these attacks in a number of locations via a number of proxies/a public library computer/a hacked wifi connection.

There is so much talk in this thread of server side protection but really that will only help to a certain extent. What needs to be addressed are these compromised boxes out there and ways to prevent computers turning into drones.

Meatball · 21 Jan 2009 at 22:55

Was wondering why the shop and forums have been playing up, sorry to hear about the problems

. Some people need to seriously get a life. If there was something I could do to help I would. The amount of time I spend reading these forums is pretty scary :O. Good luck and keep us updated on what's going on

.

Solari · 21 Jan 2009 at 22:55

2StepSteve said:
It is near impossible as said many times in this thread, the nature of a DDoS attack means the attacker could start these attacks in a number of locations via a number of proxies/a public library computer/a hacked wifi connection.

Agreed, this thread is like a broken record now...

Now, about this willy bleaching...

corex2 · 21 Jan 2009 at 22:57

Ok, ill admit it. It was me, can I have my ten grand now ?

[TW]Fox · 21 Jan 2009 at 22:58

I've never really understood the hatred. If you dislike a particular shop that much surely the best course of action is to simply shop elsewhere :confused:

bennyboy2606 · 21 Jan 2009 at 22:59

[TW]Fox;13335490 said:
I've never really understood the hatred. If you dislike a particular shop that much surely the best course of action is to simply shop elsewhere

But what if you are the other shop, and can force people to shop with you?

Burnsy2023 · 21 Jan 2009 at 22:59

corex2 said:
Ok, ill admit it. It was me, can I have my ten grand now ?

Only when you're spending time at Her Majesty's leisure

2StepSteve · 21 Jan 2009 at 22:59

bigredshark said:
Basically, you need to find the person sending the control commands, as they'll never actually be part of the attack themselves that's devilishly difficult.

Best option is...

(if they're tragicomically stupid) get yourself infected by the botnet carrying out the attack, monitor your inbound traffic and watch for the control signal. Only works if you can get yourself infected (pretty hard if you want to trace a specific attack) and they're utterly dumb enough not to hide the source of the control commands (quite common actually, most people behind this are just script kiddies after all with no real idea)

Sadly it isn't as simple as this otherwise many botnet owners would be behind bars by now. There will be multiple smaller botnets which gives out the attack commands to the main set of attacking drones, these smaller groups could go back X amount of times all around the globe. I think that luck plays a big part in taking down these script kiddie idiots out there.

OcUK DDoS attack - £10,000 reward

Deleted member 651465

Deleted member 651465