Soldato
and what are you meant to be looking for? All i see is a load of numbers etc
OcUK DDoS attack - £10,000 reward
- Thread starter Spie
- Start date
- Status
and what are you meant to be looking for? All i see is a load of numbers etc
By scanning the ports of every IP on the internet, or a specific range.
There are only 4 billion IPs, and with 1000 zombies that does not take long to scan, LAN computers are often scanned as well
Assuming its not a sophisticated rootkit:
open a command prompt (open the run command from the start menu and type cmd)
type netstat -o | find "overclockers"
You may see a readout like this if theres any connection (if the page is fully loaded in IE you won't see anything returned)
TCP STATION-26:2910 forums.overclockers.co.uk:http ESTABLISHED 2556
Match the PID at the end of the line (2556 in this case) to the processes in task manager (enable PID in task manager by going to view->select colums and select second check box down (PID).
Unfortunatly -b doesn't seem to work with netstat doing a find.
If the process isn't iexplorer or firefox, etc. or an rss reader its possible you have a trojan thats connecting to ocuk.
If your really bored do netstat -aob for some geeky listing of components using the network stack
another way to possibly see if theres a trojan in there if you know what your looking for
Last edited:
Soldato
Its removed?
Stone him.
joking
On a lighter note:
pfft. i'm sure he wouldn't travel all the way down to the M25 to do it. He'd just go to the M6.
Soldato
Ok and if you found 1000 computers with open ports, what happens then (without explaining how to do a DDOS!)?
Soldato
Wow, hope you finally get whoevers doing this.
Soldato
Ok then, I dont think we are after 1 person here, as this person would need a lot of bandwidth to bring down a server on its own, however this one person might be behind creating a BotNet type script, to enable to use other unsuspecting users to DOS ocuk servers.
Someone is going to slip up on this and brag about it some where and they will caught.
Someone is going to slip up on this and brag about it some where and they will caught.
Soldato
So it wasn't yantorsens spam overloading the servers? 
Soldato
http://www.rage3d.com/board/showthread.php?p=1335768184#post1335768184
Posted here too , you never know
Posted here too , you never know
Associate
or cut the offender up and hide the parts in pre built systems
but on a serious note good luck on finding the cheeky beggar.
A lot of the time its done by compromised machines to make it harder to trace the original source.
Also its not helped by the fact that when the forums are slow, not respondng, the legit users keep refreshing it.
Soldato
I heard it was lizard men.
well seeing as how its going to be difficult to catch whoever did this, would it not be better for you to save your 10 grand and spend it on more bandwidth for the site to handle these kind of attacks?
by offering the 10 large reward it obviously shows that this attack has peed you off and your after some sort of retaliation. whoever did the attack is probably laughing now and i wont be surprised if they are watching this thread right now and haveing a right giggle.
probably best to just ignore the attack that way the attackers will get bored and move on.
Last edited:
Man of Honour
Can everyone please refrain from suggesting possible names of the attacker. Even if it is in jest it could be misconstrued as an allegation.
If you have any information please follow the instructions in the original post.
If you have any information please follow the instructions in the original post.
Be pointless the bots would just eat up all of the bandwidth in no time.
Obviously
- Status