OcUK DDoS attack - £10,000 reward

Status
Not open for further replies.
The longer it goes on the more traceable it is - if he'd have hit the site once for 2-3 days and left it at that, hadn't paid anyone directly and used a hijacked (unsecured)/open wireless to initiate the attack he'd be almost untraceable - but as time goes on and the attack changes vectors in reaction to security measures brought to mitigate it more and more clues and openings to identify at least who is controlling it are left - and it's very unlikely someone is coordinating a prolonged attack like this for free.

Totally agree, thus my (potentially wrong) assumption that this is beyond your average joe disgruntled customer/forum users.

In order to circumvent the security measures you need to have a certain amount of knowledge of how they work and even the order in which they would be logically applied so as to keep up the DDoS.

There is always a trail of evidence left behind any attack, it's a case of what is 'put' there to mislead and what is 'accidentally' left behind.
 
MAC address of the machine being used can be logged on certain routers. Trace the MAC address back to its machine and you have who was accessing the wireless network.

How would a MAC address relate back to the attacker? And it's so simple to spoof a MAC.
 
Not true depending on the router / equipment you are using.

At the most, all you'd get in the logs that would be useful would be the hijacker's MAC address, and that could easily have been changed to something bogus anyway in the NIC settings?
 
It would relate back to the machine they used. Yes it's simple to spoof it but most joe bloggs using someone else's wireless connection wouldn't be doing it. Professionals on the other hand would of course do it.
 
Trace the MAC address back to its machine and you have who was accessing the wireless network.


Is there a giant MAC address DB we can do a look up on that just pops the chap's name and address out? Or would we need to go looking at every network card in the world, 'cause if we need to do that we need to start soon. They are making new ones almost every day.
 
Could it be Anonymous? They pull big stuff like this all the time don't they? But I can't think of a single reason why they would do it? Unless Spie is a scientologist?...... :confused: :)
 
Is there a giant MAC address DB we can do a look up on that just pops the chap's name and address out? Or would we need to go looking at every network card in the world, 'cause if we need to do that we need to start soon. They are making new ones almost every day.

Indeed, but if you had reason to suspect someone you would have a place to start etc.
 
Think of Somalians and boats/ ships. Regardless of what people on here might know about the current issues, there is always the possibility for criminals to target you. You're only safe when you're not on the radar..
 
Not hard to buy a wifi lappy for cash & use somebody else's I.P., is it? Once you are that far it's just a matter of transferring the funds to the Rusky team & letting them run with it. With the cash you transfer & their competitive nature they would be well on their way to a new challenge.
 
Indeed, but if you had reason to suspect someone you would have a place to start etc.

Anyone with an ounce of sense would just change it in software. I know I do when I use public networks or whenever I'm away and *ahem* borrowing someone's open wireless. Not that I do anything malicious, of course.
 
Well on the slightly upside of all this, all the press/fuss around this matter on all the other sites/forums etc will do one thing for sure and that's bring people here nosing.

If those people are looking to buy stuff and the prices here are right I very much doubt the majority of the comments being bounced around (real or not) would put them off.
 
Anyone with an ounce of sense would just change it in software. I know I do when I use public networks or whenever I'm away and *ahem* borrowing someone's open wireless. Not that I do anything malicious, of course.

Yes of course you would, as you are computer savvy. But what about Mr Joe Bloggs who doesn't know his Vistas from his XPs? People don't think that the normal joe bloggs would be accessing others' wireless networks but plenty are.
 
Don't some manufacturers even provide utilities to permanently change the MAC of a NIC? It's completely untraceable.
 
Don't some manufacturers even provide utilities to permanently change the MAC of a NIC? It's completely untraceable.

Yes but it's not as if every user would be doing this. Only the professionals, which is obviously who the guys doing the DDoS are.
 