Open Question to Hash

[TheReal_ND]

What's up with the attacks? You let us know about them so what is your assessment? Can you give us any details?

[C-Mag]

I"m seriously confused.

Why does this require a new topic. Why is this not in the 'Were under attack' thread ?

[TheReal_ND]

Because I don't want to read nine pages of Vietnam bullshit. If Martin will permit it, I would like him to post what he's willing to share here.

[TheReal_ND]

Basically there is too much noise in that thread and it's triggering my ADD. I want to focus on this very much and I just want a quick run down of what he knows so far and hopefully anything he learns in the future. I love derailed threads as much as the next guy but I just want to see this explained thoroughly because it intrigues me. I know hash is a fan of brevity and all but still.

[C-Mag]

ok

[TheReal_ND]

I asked around and apparently people with as little as ten people in an IRC server get DDoS'd. I don't really understand how it works but I do understand in most cases it costs money and in some cases, actually quite a bit. I do know some people that are able to will do it with little money though. I don't remember any hackers on the forum. Maybe HarryK got a hold of some government servers heheheh

[Xenophon]

I asked around and apparently people with as little as ten people in an IRC server get DDoS'd. I don't really understand how it works but I do understand in most cases it costs money and in some cases, actually quite a bit. I do know some people that are able to will do it with little money though. I don't remember any hackers on the forum. Maybe HarryK got a hold of some government servers heheheh

We have something under 100 registered users who visit each month, of which more than half post, and a couple hundred (maybe more?) visitors every month.

That’s all he’s said about it.

[Martin Hash]

There are waves of bot sign-ups, each larger than the last. Most, almost all, get filtered out, and those filled the buffers. Still, a few dozen a week get through so that I personally have to research their IP, Graylist status & spam report history. It's gotten so I recognize the domain name on the email addresses, and can scan a half dozen phony sign-ups in a few seconds. The ones who keep doing it, I leave on the Inactive list so they can't try again. (You can see them all by clicking on the "members" link at the very bottom of the page.) The IPs come mostly from Russia, Russia, Russia, and Amsterdam, Poland, Ukraine are always bots. Lately, we've got a handful coming out of the States.

We didn't witness the wave, and Jason didn't have our IP history recorder turned on (it fills up), so we can only guess where the bots are coming from by the IPs of the ones that made it through. Many of those have Anonymous IPs. (I just ignore Anonymous IP sign-ups.)

[TheReal_ND]

Fascinating. I certainly have no clue why you would be under attack in this manner.

[Martin Hash]

Damn, look at this IP: tor-relay.zwiebeltoralf.de

This baby made it through. I think there's a person on the other side.