OcUK DDoS attack - £10,000 reward

Status
Not open for further replies.
If nothing else, the fact that Spie has offered such a large 'reward' just goes to show the severity of this situation and also the determination to find the culprit too. God help him when they do. Though again as Spie has said, they have a suspicion of who it may be and through reading the forum of late I think most of us do too.

Hope they/he is tracked down and pays Bill'inda a visit in the local lockup..

essentially no website = 0 sales

new customers often repeat buy, so 10k is probably cheap,
 
Doesn't matter - they either do a shedload of http requests which still work or a SYN flood or other attack to the webserver port.


you're right. the only real way of managing it is to have shed loads of bandwidth, more bandwidth than the attackers have. the cost of that would prob be more than the losses.
 
whoa that's serious,

perhaps it's a bad move to offer £10k as it could open the floodgate for hackers/attackers to hold your server for ransom, but far far more than £10k

that's why UK government won't negotiate with any terrorists

Governments do offer rewards for information though.

My guess is this is aimed at people who may know who is instigating the attack through contact other than forums.

Another guess is that this DDOS attack uses computers already infected, there are large networks of such machines, which anyone who knows how can control.
 
Any half decent DDoS will be both virtually impossible to trace to its source and mitigate against (speaking as someone who works for an ISP and has had to deal with them too).

The reward is an interesting hook but I guess it depends on the motives of the person(s) involved.

It's possible with enough time and the right expertise to break a botnet (usually using a honey pot trap to acquire the trojan for analysis etc.) and with the help of the right authorities find who is controlling it... (or at least compromise the controlling mechanism) but unless the source was silly enough to pay this person directly for the service that's about as far back as you can get.
 
No. A suspect is a suspect. I'm not going to name anyone. There are people out there who know who is behind this. They are the people who need to come forward.

I don't see the point in mentioning 'a suspect', it just creates unnecessary gossip. Pretty much 9/10 people think they know who you are implying here whether they are correct or not.
 
Any half decent DDoS will be both virtually impossible to trace to its source and mitigate against (speaking as someone who works for an ISP and has had to deal with them too).

The reward is an interesting hook but I guess it depends on the motives of the person(s) involved.

The only reasonable thing I've seen done in a past job to mitigate this is tweaking of the system parameters for TCP (at least on a Solaris box) or load balancing off to new pool members. Still doesn't help that much if the amount of traffic coming in is bigger than your pipe though :(

It's possible with enough time and the right expertise to break a botnet (usually using a honey pot trap) and with the help of the right authorities find who is controlling it... but unless the source was silly enough to pay this person directly for the service that's about as far back as you can get.

What if the attacker is in a country where the "authorities" really don't give a rat's **** ?
 
Have you checked if any ocuk members were involved in the attack? They could maybe see what infected their computer or give any help regarding the situation.

As above, could you not cross check the huge list of IPs against that of registered users to see if a user has been accessing the site at an inhuman rate? Also, you could always change the domain of the website/shop frequently until the case is solved, whilst leaving the other one up, would the "zombie invasion" not continue on the original site, whilst legit customers and forumers having an alternate? I dunno, was just a suggestion.
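
The cross-check suggested in the post above, sketched as an added example that is not part of the original thread: it counts requests per IP in a sliding window and matches the fast clients against member accounts. The log lines, the `MEMBER_IPS` export, the function names and the 20-requests-per-60-seconds threshold are all constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample data: access-log lines (common log format) and a
# hypothetical export of "last login IP -> forum username".
LOG_LINES = (
    [f'203.0.113.7 - - [12/Mar/2010:10:00:{s:02d} +0000] "GET / HTTP/1.1" 200 512'
     for s in range(30)]
    + [f'198.51.100.4 - - [12/Mar/2010:10:00:{s:02d} +0000] "GET /forums HTTP/1.1" 200 900'
       for s in (1, 20, 45)]
    + [f'192.0.2.9 - - [12/Mar/2010:10:00:{s:02d} +0000] "GET /shop HTTP/1.1" 200 700'
       for s in range(30, 60)]
)
MEMBER_IPS = {"203.0.113.7": "member_a", "198.51.100.4": "member_b"}

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def parse(line):
    m = LINE_RE.match(line)
    if not m:
        return None  # skip lines that are not in the expected format
    return m.group(1), datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")

def flag_fast_clients(lines, max_requests=20, window=timedelta(seconds=60)):
    """Return {ip: peak requests in any window} for IPs above max_requests."""
    recent = defaultdict(deque)   # per-IP timestamps still inside the window
    peak = defaultdict(int)
    events = sorted(filter(None, map(parse, lines)), key=lambda e: e[1])
    for ip, ts in events:
        q = recent[ip]
        q.append(ts)
        while ts - q[0] >= window:   # drop requests older than the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n > max_requests}

def cross_check(lines, member_ips):
    """Split flagged IPs into those matching a member account and the rest."""
    flagged = flag_fast_clients(lines)
    members = {ip: member_ips[ip] for ip in flagged if ip in member_ips}
    unknown = sorted(ip for ip in flagged if ip not in member_ips)
    return members, unknown

if __name__ == "__main__":
    print(cross_check(LOG_LINES, MEMBER_IPS))
```

A match only shows that traffic came from an address a member has used; shared connections and infected machines, as raised earlier in the thread, look the same in the log.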
 
I won't be surprised if half of you nut jobs on here contributed to the DDoS attack, after seeing the site not loading up you lot were probably hammering the refresh button and adding to the damage.
 