Jump to content

DOS Attack


Recommended Posts

Interesting TGO finally got hit. Several of the major gun forums that I know have had DOS attacks in the last year. Maybe all of them do from time to time.

I suppose it explains most of the poor performance issues with the site since first of the year ... if you're sure that the DOS is real, and not just an excuse from webhost.

- OS

Link to comment
  • Replies 98
  • Created
  • Last Reply

Top Posters In This Topic

Guest joeharris

If this is true, it is sad, i get withdrawel symptons when the site goes down. David says it started in the last few weeks, but OhShoot is talking like we have been having problems for the entire yr.

I just wonder, as to why all of a sudden there is talk of a Master-Hacker, when in many previous post's, David was always complaining about the bad service due to the new webhost.

I wonder as to what type of proof, if any there is, besides excuses maybe from the webhost?:up:

As previously stated there are a few websites that continuously seem to go down, but many wonder if it is not simply due to the owner?admin. just not knowing, "What in the hell, they are doing"!

If the was a hacker, the webhost should be smart enough and take evasive action!

Might be time to hire a Master Tech. Consultant, $500. should get that alledged problem easily solved!:D

Link to comment

i used google and the last reported DDOS attacks on gun forums was in May of 2008. in the last 3 weeks, i would be looking at who has been banned and who they were friends with that got banend in the past. maybe someone finally got pissed off enough to do something like that. it (DDOS attacks) would explain the pain in the ass i have connecting at times when i can go anywhere else on the internets without fail. when did i mention the start of that problem? seems to be about 3 weeks ago if i remember correctly.

edit: i posted about my problem 2 weeks ago today. it had been going on for about a week, so that is 3.

Link to comment
  • Administrator

Guys, I've got very good records of when it started happening. We didn't just discover this last night; we've known about it for some time now. I finally decided to take the "social" route and offer a reward yesterday, that's why I made it public.

When an investigation is ongoing, the first thing you do is not run around telling everyone that something is up. :up:

Thanks for your concern though. I'm doing my best to resolve the issue behind the scenes and we may be moving to a new web host that provides better DDoS security and is willing to cooperate in hunting down those responsible. Our current host doesn't deal very often with this type of situation and hasn't been super helpful to that end.

Link to comment
  • Administrator

We log all of our traffic and when an event like this occurs, there are commands that I can use at the server's shell interface to see which IPs are involved. However, most DDoS attacks involve compromised hosts that are not owned by the person doing the attacking. Which makes it a little more difficult to track back to them.

Link to comment
Guest Astra900
Dude, I heard the DOS attacker hacked a Gibson!
I for one am glad I have no idea what you guys are talking about. Only thinking I know about hacking is that Angelina Jolie was in it!:tough:

995HAC_Renoly_Santiago_007.jpg

It's in that place where I put that thing that time.

Link to comment
  • Administrator
If they are flooding apache you can tune things to better handle the load.

I've made adjustments to Apache but if you know some things that we ought to be doing in http.conf fire them to me via PM. I'm not going to post things publicly about the server.

Thanks.

Link to comment
It is real and it's not an excuse made up by the web host. What other forums have been hit lately?

Not "lately", but defensivecarry.com had a bout with attacks just before first of the year. Pretty sure I've seen a couple of other admins discuss it but can't remember which ones...

- OS

Link to comment
Guest TEBISH
Tracking a DDoS through ip logging is like trying to recover your own piss after pissing in the ocean.

Do I have to pay any type of licensing fees to use that one at a later time? Hilarious.

Link to comment
Guest Mugster
Yep. Logging is a waste of time and resources. Resources are better off spent on mitigation.

I don't know think thats true. You can examine tcp logs with a little script and gen a little firewall rule or simply drop an ip or ipblock in a hosts.deny file or something. I think some level of logging is a good idea...if for no other reason than a record of what took place.

I do think a centralized logserver makes alot of sense.

Bottom line, shut it off at the router or get another provider. Its probably not worth your time trying to track it down, imo. Unless its a principle thing...but you'll lose money doing it.

Edited by Mugster
Link to comment
I don't know think thats true. You can examine tcp logs with a little script and gen a little firewall rule or simply drop an ip or ipblock in a hosts.deny file or something. I think some level of logging is a good idea...if for no other reason than a record of what took place.

I do think a centralized logserver makes alot of sense.

Bottom line, shut it off at the router or get another provider. Its probably not worth your time trying to track it down, imo. Unless its a principle thing...but you'll lose money doing it.

Loggin to block traffic is one thing but to track it is another. odds are people on this vary forum participate in dos attacks. Personally I wouldn't have a server on the public wire. However, sometimes funding is an issue and thus security suffers.

Typically providers will not install filters in their equipment. Most cases they will instruct you to install your own device. The problem is if the service you have is rated on bandwidth. In that case you end up paying more in usage charges (which is what they want) then it would cost to co-locate a firewall.

It really sucks. I ran IRC servers on both IRCNET and Undernet for years. You haven't seen DOS attacks untill you have dealt with that. We had a smurf attack so bad one time it took down our backbone's core router in Chicago. We had to have then NULL route our netblock for a few hours becasue the flood saturated our DS3.

Oh and by the way.. a DS3 back in early 90's was a HUGE pipe. Unlike the multi-gigabit connections of today.

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

TRADING POST NOTICE

Before engaging in any transaction of goods or services on TGO, all parties involved must know and follow the local, state and Federal laws regarding those transactions.

TGO makes no claims, guarantees or assurances regarding any such transactions.

THE FINE PRINT

Tennessee Gun Owners (TNGunOwners.com) is the premier Community and Discussion Forum for gun owners, firearm enthusiasts, sportsmen and Second Amendment proponents in the state of Tennessee and surrounding region.

TNGunOwners.com (TGO) is a presentation of Enthusiast Productions. The TGO state flag logo and the TGO tri-hole "icon" logo are trademarks of Tennessee Gun Owners. The TGO logos and all content presented on this site may not be reproduced in any form without express written permission. The opinions expressed on TGO are those of their authors and do not necessarily reflect those of the site's owners or staff.

TNGunOwners.com (TGO) is not a lobbying organization and has no affiliation with any lobbying organizations.  Beware of scammers using the Tennessee Gun Owners name, purporting to be Pro-2A lobbying organizations!

×
×
  • Create New...

Important Information

By using this site, you agree to the following.
Terms of Use | Privacy Policy | Guidelines
 
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.