OrangeDragon wrote:As I'd said in the arena when I thought it was KiR... it's not a high brain operation. You can literally google "rent a DDoS" and get a ton of resources telling you how to go rent one from people who ARE tech wizards for like $3-4 an hour. Crazy cheap, crazy easy.

If it's that cheap and easy, given how much time and effort some people put into sock puppets, trolls and spamming their personal internet obsession, I'm surprised this sort of attack doesn't happen more often.

LTO wrote:

OrangeDragon wrote:As I'd said in the arena when I thought it was KiR... it's not a high brain operation. You can literally google "rent a DDoS" and get a ton of resources telling you how to go rent one from people who ARE tech wizards for like $3-4 an hour. Crazy cheap, crazy easy.

If it's that cheap and easy, given how much time and effort some people put into sock puppets, trolls and spamming their personal internet obsession, I'm surprised this sort of attack doesn't happen more often.

Fear of getting caught stops a lot of people. Damages can be sued for, and a lot of countries have laws against such attacks (though not all). Many of the sources for renting them are actually sting operations by police.

On top of that, sites that use multiple farmed servers (like FB/Youtube/etc) are much harder to take down... as are sites that use a DNS layer protection like we now have. As I said as it was beginning to recover, I'd actually started the protection process the day before it happened, but got tired and never finished it. Had it come a day later we wouldn't have even faltered and the effort would have been wasted. Unless they sprung for a much more powerful and planned out attack that is... which would then cost a lot more money than a simple flood attack.

Many also hold the belief that it's more difficult than it is, so don't bother to even check into it. And many want to be able to claim credit for the disruptions they cause, which they can't do it they did them illegally.

OrangeDragon wrote:Unless they sprung for a much more powerful and planned out attack that is... which would then cost a lot more money than a simple flood attack.

Not necessarily. See spoofed source ipnum based amplification attacks in general, such as DNS/NTP:

http://blog.cloudflare.com/technical-de ... os-attack/
https://www.us-cert.gov/ncas/alerts/TA13-088A

OrangeDragon wrote:On top of that, sites that use multiple farmed servers (like FB/Youtube/etc) are much harder to take down...

Sometimes those very same services can be used to bite you in the ass. http://chr13.com/2014/03/10/using-googl ... y-website/

And let's not forget that not every DoS is network flood based, service crashes and socket locks (RFC 1337 TCP NET_WAIT hazard, e.g.) exist.

BOFH wrote:

OrangeDragon wrote:Unless they sprung for a much more powerful and planned out attack that is... which would then cost a lot more money than a simple flood attack.

Not necessarily. See spoofed source ipnum based amplification attacks in general, such as DNS/NTP:

http://blog.cloudflare.com/technical-de ... os-attack/
https://www.us-cert.gov/ncas/alerts/TA13-088A

but even with that, cloudflare is on top of it and mitigating it. fantastic service really. and just verified we're not an open NTP relay.

BOFH wrote:

OrangeDragon wrote:On top of that, sites that use multiple farmed servers (like FB/Youtube/etc) are much harder to take down...

Sometimes those very same services can be used to bite you in the ass. http://chr13.com/2014/03/10/using-googl ... y-website/

And let's not forget that not every DoS is network flood based, service crashes and socket locks (RFC 1337 TCP NET_WAIT hazard, e.g.) exist.

[/quote]
haha, that google attack is priceless. of course the cloudflare "no hotlinking" should probably prevent it from impacting the server.

Those other attacks are a little more sophisticated, and likely would cost the renter significantly more. nothing is 100% hack proof unless it's unplugged and sitting in a closet, but hiding behind cloudflare (with the new IP and closed sown zone rules to keep it that way) and a decent firewall setup seems to do a really good job of cutting off most of it.

...look what the fukn cat dragged in... [Most of this post deleted by mod. Mackevili]

Hotdigr wrote: ...look what the fukn cat dragged in... [Most of this post deleted by mod. Mackevili]

On the turps again?

I hope so or your level of literacy is much lower than I previously thought. And I didn't think there was much to begin with...

Yeah mate, so pissed I can't see straight. You don't know me or my life cob, so why comment...[Most of this post deleted by mod. Mackevili]

Well Dig3r, actually we are talking about a very sensitive, but important issue here. Let's see whether the posters here can solve the problem in a civilized way. And I agree with Hotdigr.......the problem HAS to be solved.

Hotdigr wrote:Yeah mate, so pissed I can't see straight. You don't know me or my life cob, so why comment... [Most of this post deleted by mod. Mackevili]

I'm just a poster that's noticed you've done the whole keyboard warrior thing when you've been pissed before. Aye..

True, I don't know you. I never will. I hope for the sake of others that do know you that you're very different irl than you are on here.

Aye

If you don't want comments save it for PM. No one is impressed by the way.