OcUK DDoS attack - £10,000 reward

Status
Not open for further replies.
Soldato
Joined
1 Jun 2005
Posts
5,152
Location
Kent
Do data centers that house the OcUK servers and such provide any sort of protection against these kinds of attacks? or do datacenters leave it to their customers to rent extra rack space to hold equipment to protect their stuff?
 
Soldato
Joined
5 Dec 2006
Posts
15,370
erm, that's the first D of DDoS, it's not the same IP address making thousands of requests, it's thousands of IP addresses making thousands of requests.

Yes, but wouldnt an automated flood protection script block all the IP's automatically?

Even as new computers are infected, the script will pick them up and ban them too.
 
Man of Honour
Joined
13 Oct 2006
Posts
91,650
10K could possibly sort this problem in the short term (cluster servers, etc.) - but it offers no long term protection and you can't keep paying out £10K every couple of months or so.
 
Soldato
Joined
30 Jul 2005
Posts
19,504
Location
Midlands
Yea, erm I completely agree, ICMP packets yea go for that oh and CAR yea definetely.

somehow i doubt this is as simple as accessing a home router config screen and setting up ddos protection.

e.g my draytek router ddos protection would be crap for the sort of attack we are talking about here.

pic of my draytek dos options:

draytekdos.PNG
 
Permabanned
Joined
14 Nov 2002
Posts
5,555
Location
Kent
Do data centers that house the OcUK servers and such provide any sort of protection against these kinds of attacks? or do datacenters leave it to their customers to rent extra rack space to hold equipment to protect their stuff?

Depends on whether they have a fully managed solution, otherwise you pretty much just get your IP Address space allocated, connect/peer with the ISP and sort it all out yourself.
 
Soldato
Joined
12 Mar 2006
Posts
22,993
Location
N.E England
somehow i doubt this is as simple as accessing a home router config screen and setting up ddos protection.

e.g my draytek router ddos protection would be crap for the sort of attack we are talking about here.

pic of my draytek dos options:

draytekdos.PNG

It was the textual equivalent of me nodding my head in agreement because I don't have a clue what he is talking about :p
 
Soldato
Joined
24 Sep 2005
Posts
20,173
Location
Middlesbrough
Good luck Spie et all in catching the culprits.

However, I don't think you will and no one will be getting this £10k reward. (That's a damn good incentive though)

All those different IPs attacking the site, you then need to find the related IP between all the attacking clients, if there is indeed an IP to be found. The clients may have had a virus sent to them via email which then caused this.

(I think :p)

This wont be easy as some major major plod and ISP co-operation is in order.

Ohh and your hosts should have protection against this sort of thing. I suggest you find another host, sharpish.




However. I don't know if it's just me but why is it only during the day that the attacks happen.

It could be someone who has access to tons of PCs during work hours. Though I don't know if that can be done as all those PCs on 1 network should only send out 1 message to OcUK servers which should easily laugh off 1 attack at a time?

No idea tbh.. ;)
 
Last edited:
Soldato
Joined
30 Jul 2005
Posts
19,504
Location
Midlands
It was the textual equivalent of me nodding my head in agreement because I don't have a clue what he is talking about :p

now with the new this week only offers on tomorrow, wonder if the site will get hammered again?

one thing is its good that spie has confirmed that security will not be effected. hate to see that my stored credit card details were leaked out by the ocuk site. :mad:
 
Status
Not open for further replies.
Back
Top Bottom