OcUK DDoS attack - £10,000 reward
- Thread starter Spie
- Start date
- Status
Soldato
Apologies.
Reminds me of the days of DoS attacks on chatroom bots when MSN Chat was global.
this is a slightly larger scale though
again we need numbers, how many bots were in the attack, what sort of ip range were they from etc. everyone is just making blind guesses, and its just adding more fuel for laughing at from the attackers point of view.
Soldato
Even Timmy Mallet?
Soldato
With the greatest respect you have no idea of the facts involved. I do, hence the reward.
Not exactly a hacker here, but surely your website CP shows what IPs are pulling what from the servers? That's probably the best road to go down, not many of us will be tied into the hackers underground, i hope 
Without access to administrative tools (which is never going to happen) i doubt there's much many people can do apart from keep their ears to the ground
Without access to administrative tools (which is never going to happen) i doubt there's much many people can do apart from keep their ears to the ground
Soldato
Ouch this is nasty, must be costing a lot in losses for a 10k reward. Funny, there was a thread the other day asking how much it costs to host these forums!
Its possible to manage these things in stages - a large amount of the initial attack would have been from machines geographically unlikely to be legit visitors to OCuk so you can start to filter this traffic out further from your core route reducing the strain, you then have to filter traffic coming from closer shores with a finer tooth combe... eventually you come to a point where the attacker isn't likely to have enough machines within the geographical walls you've setup to make a noticeable impact.
At each stage the attacker might shift their attack pattern(s) so you might see it go down, be ok for awhile and then go down again.
Theres also some time delay in doing this especially getting cooperation from carriers further down the line to try and block the attack further away from the main routes to your server.
Last edited:
Soldato
They will be watching this thread now imo, and they will brag to someone who fanceys 10k in the back pocket and then get caught.
Permabanned
- Joined
- 6 Oct 2008
- Posts
- 1,176
F5 F5 F5 F5 F5
2 weeks??? i thought this only happened today, since i tried to access the site mid day and it was un-responsive.
than again i dont frequent these forums as much as i used to.
also tom i did a reply to your hdd thread but when i posted it the site timed out and i was too lazy to type out the message again since it was a long one.
hmm that just goes to show that the attacker of this site wasted my time too.
Soldato
hmm there is always two ways to respond to a DDoS attack, could just keep quiet, but considering ocuk is losing money I don't think they would want to sit back and not saying anything. Spie said at the start of this thread the attack has been going on for 10 days, is a long time.
Soldato
To be honest you need to set up a script or hardware firewall that will ban an ip for 5 mins or so after they keep hitting the server more than a set time. that way you atleast free up bandwidth.
Soldato
Ah that's ok Mav, went for RAID1 array in the end for my backups
/Epic change of subject
Soldato
Well I hope you catch whoever is responsible and good luck. What assistance is your ISP offering etc?
The volume of traffic won't decrease though, so that won't do anything
That sort of filtering would have to be done further out anyhow.
I'd imagine many of these kinda rules will be in affect or put into affect - but managing a serious DDOS attack takes time and effort.
- Status