OcUK DDoS attack - £10,000 reward
- Thread starter Spie
- Start date
- Status
Soldato
Firstly I wish you all the best on tracking these people down.
Can I recommend you consider hosting the forums elsewhere, for one it'll enable you to cut down the list of unique IP's visiting the store, just to click through to the forums.
Secondly I don't think a public reward is a smart idea (it'll attract all sorts if spread around - and that's not a good thing fella).
I'd advise (and you may well have done already) to seek professional help, SOCA should provide you with companies they recommend (though as SOCA are pretty new they might not be a great PoC on this).
Can I recommend you consider hosting the forums elsewhere, for one it'll enable you to cut down the list of unique IP's visiting the store, just to click through to the forums.
Secondly I don't think a public reward is a smart idea (it'll attract all sorts if spread around - and that's not a good thing fella).
I'd advise (and you may well have done already) to seek professional help, SOCA should provide you with companies they recommend (though as SOCA are pretty new they might not be a great PoC on this).
Caporegime
Googling seems to show something odd about someone practicing for their OcUK dos attack, don't think it's worth even posting anywhere though as they probs know.
Soldato
All seems back to normal now the main site loads quick so do these forums 
OT/
Wow somebody’s sig is causing this page to load sloooow!
benjonesuk?
OT/
Wow somebody’s sig is causing this page to load sloooow!
benjonesuk?
Soldato
i think the person posting it was making a joke.
Caporegime
- Joined
- 1 Mar 2008
- Posts
- 26,303
Are we absolultely sure this isn't just an effect of Yantorsen's spamming?
Soldato
i'll take the fall for £10k i'm skint
MW
MW
I must admit this has made me remember my naughty days back on IRC where a load of us would flood or winnuke people off of IRC to hijack their channels with our eggdrops.... LOL.. those were the days! We thought we were cool but in reality were just script kiddies
Man of Honour
The last thing you want is for the business to be affected like this, especially in the current climate. Well I hope that whoever is responsible for this gets caught quickly and punished.
The problem you're going to have is that to do a 'proper' DOS attack then you're going to need thousands/millions of nodes (or very fast connections) to attack the site with (basically request page after page of information). The firewall will then see all of these requests and start to ban the IP's however if the IP's are only requesting the homepage then the firewall can't really ban these as it's a legitimate request. Because there are literally millions of them in some cases it can't handle it and thus the servers get over loaded and starts to time out and fall over.
Funnily I was talking to a colleague earlier when this site was mentioned about how slow it was and we suspected DOS then.
Without the logs though it's going to be very hard to prove who has done it and because it will be a bot network getting something together for SOCA, etc. will be even harder. The attacks will, most likely, have come from several different countries.
M.
Funnily I was talking to a colleague earlier when this site was mentioned about how slow it was and we suspected DOS then.
Without the logs though it's going to be very hard to prove who has done it and because it will be a bot network getting something together for SOCA, etc. will be even harder. The attacks will, most likely, have come from several different countries.
M.
Associate
Soldato
I must admit this has made me remember my naughty days back on IRC where a load of us would flood or winnuke people off of IRC to hijack their channels.... LOL.. those were the days! We thought we were cool but in reality were just script kiddies
*suspicion aroused* hmmmm
They would probably be using crypted files, so I don't think you would be able to detect it very easily.
- Status