|
Forum Rules | Firearms Safety | Firearms Photos | Links | Library | Lost Password | Email Changes |
Register | FAQ | Calendar | Today's Posts | Search |
|
Thread Tools | Search this Thread |
May 28, 2007, 08:16 PM | #101 | |
Junior Member
Join Date: August 11, 2006
Posts: 3
|
Quote:
A. "What?" B. "I think we should take it!" C. "You should take it and I'll take the low road and I'll be in Scotland afore ye." While THR is a great board and a lot of good is accomplished there, it isn't that high up on anyone's radar. It may just be that someone found it was a server that could be easily taken down. Most of these things, be the DOS or defacements are down because the site vunerable, not because of the site's content. |
|
May 28, 2007, 08:20 PM | #102 |
Senior Member
Join Date: October 17, 2006
Location: Richmond, VA
Posts: 167
|
My guess is that it's personal and not related to gun politics at all. Someone who has a grudge against Oleg or some geek who got booted off of THR because he was trolling.
If it was just gun related, the attacker would also be going after TFL, Glock Talk, ARFcom, etc. |
May 28, 2007, 08:26 PM | #103 |
Senior Member
Join Date: April 2, 2007
Location: In Oz, next door to the Lollipop Guild's HQ
Posts: 404
|
I really hope your right, txgho1911 and Jorg. Your reasoning sounds plausible so it may very well be the case.
I certainly hope they catch whoever is responsible. RNB65, I'd thought of that, but, the conspiracy theory sites I surf are starting to rub off on me. Does it show? |
May 28, 2007, 08:27 PM | #104 |
Member
Join Date: June 29, 2002
Location: Saint Paris, Ohio
Posts: 21
|
Molon Labe from THR here.
Where do we send donations? |
May 28, 2007, 08:32 PM | #105 |
Junior Member
Join Date: May 28, 2007
Posts: 10
|
THR DoS refugee checking in :)
I popped over here (my first time? probably have read indiv. threads here once in a while when google pointed me here) just to see if it was *me* who couldn't get to THR, or if the site was truly down.
And what the hey, my THR user name was available, so why not register? Glad to see so many familiar names here, even if I'm likely to use THR mostly (when it's back up) -- TFL seems like a nice board, but I need to limit my addictions. As someone (or several) has pointed out, getting past a determined DoS / DDos attack is really tough; I used to work for a site that was attacked pretty much every day, and it took dedicated sysadmins (a job I couldn't do and wouldn't want), a good ISP, and some very smart coders constantly narrowing the gates to even keep things bearable. timothy |
May 28, 2007, 09:14 PM | #106 | ||
Senior Member
Join Date: August 14, 2006
Location: Huntsville, AL
Posts: 437
|
Quote:
Send paypal to [email protected]. Make a note in the paypal description field that it is for THR maintenance (or APS maintenance, etc.) so he will know what the funds are allocated for. Derek also made note of an address you could send a check if you wanted. But I didn't note it, as I preferred an online transaction. Maybe someone else here can provide that info. [ETA: See below for physical address at which you may send a check - Thank John for providing that info.] Quote:
That's when I began to think that maybe it was something more organized that just a pimple-nosed goober fooling around. But who knows... Last edited by tydephan; May 29, 2007 at 08:04 AM. |
||
May 28, 2007, 09:38 PM | #107 |
Senior Member
Join Date: December 6, 1999
Location: Richmond, Virginia USA
Posts: 6,004
|
DEREK ZEANAH
470 Country Club Road Statesboro GA 30458 Put a note on the check that it's for THR. I have got to stop saving every little scrap of paper. I sent my check last week. John |
May 28, 2007, 09:46 PM | #108 |
Member
Join Date: November 22, 2002
Posts: 31
|
I tried a quick search for anything posted over at DU, along with a Google search. Nothing at DU, and the only results I got for "www.thehighroad.org DOS attack" were here. *shrug*
And now it looks as though DU is down too. Also just finished looking up other DoS and DDoS attacks in the last month. There (as of yet) seems to be no pattern. |
May 28, 2007, 10:13 PM | #109 |
Junior Member
Join Date: May 16, 2007
Location: Metro Milwaukee
Posts: 1
|
What would happen if the offending systems were a victim themselves of a DDOS attack? Would THR and APS come back up.
|
May 28, 2007, 10:26 PM | #110 |
Member
Join Date: November 3, 2006
Location: North Idaho
Posts: 48
|
Probably not
Hear of "zombies" used for DDoS?
A compromised server or workstation is running a DoS bot (without the owner's knowledge). It receives a command to attack a given server. It launches its attack without further intervention from Doctor Evil. The attacks don't track back to Dr. Evil, so nobody hits him. If someone works out it's him and slams his server, it still doesn't kill the DDoS bot, which is running autonomously. Kinda icky.
__________________
"Truth is a dangerous thing: once found, you must never turn your back on it." -- gh@c2 "Look at it this way. If America frightens you, feel free to live somewhere else. There are plenty of other countries that don't suffer from excessive liberty. America is where the Liberty is. Liberty is not certified safe." -- gh@c2 |
May 28, 2007, 10:33 PM | #111 |
Senior Member
Join Date: May 19, 2004
Posts: 259
|
You can also specify a donation is for APS if you spend your time there rather than THR.
|
May 28, 2007, 10:37 PM | #112 | |
Member
Join Date: November 22, 2002
Posts: 31
|
Quote:
DDoS relies on "Zombie" machines that often don't even know what they're doing. Think of it like SkyNet from Terminator 3. It wasn't some evil super-Cray-computer located in one place, but rather a bug that cell phones, PCs, PDAs, campus networks, etc. had. There's what, 270 million people in the United States? Now, not everyone has a PC, but several have at least one or two (and let's assume it balances out). If even .1% of them (270,000) sent a measly 1MB of data to THR, that's about 270GB of bandwidth, in one moment, that THR simply cannot (financially) contend with. A counterattack on those machines responsible would require... let's see... a total of 72,900 Terabytes of information... and it wouldn't even be effective. It'd be easy to pick out another .1% to mount another attack on THR from. Like dealing with weeds, you can't just clip the leaves. You gotta go for the root. And right now, we have no idea just where that root is. Edit: ArfinGreebly explained it more simply... Last edited by dionysusigma; May 28, 2007 at 10:46 PM. Reason: AGH! People posted while I was doing long multiplication! *sigh* Ah well... |
|
May 29, 2007, 01:09 AM | #113 |
Member
Join Date: February 15, 2007
Posts: 75
|
Details
I have seen the "human-check" at various sites that have claimed to be victims of "ddos".
One uses a check-in that has numbers in a background that makes it impossible for machine readers to pick out the random number that is generated for each go at the entry page. Another has a simple math problem that must be solved correctly to enter. A very simple "THR" (or whatever) initial log-in or check-in page would need very little capacity when compared to the normal page delivery- 200K vs. 1.5K, maybe, for example. Resistance to any number crunch program would entail a max. number of potential tries before that address should be placed in a "suspended" file, for at least a measure of time, maybe an hour or day, just like the way that bank password files should act. That type of gateway would entail minimal inconvenience for users, but add an order of magnitude to the difficulty placed in front of "net" attacks. |
May 29, 2007, 01:30 AM | #114 |
Senior Member
Join Date: March 11, 2000
Posts: 1,080
|
I like that idea. I've seen it in use elsewhere. How hard would it be to set up an initial screen, or to limit ANY access to THR to signed in members--as they've done with some other boards?
__________________
"Know that the pistol has no value, we practically don't use it. We need grenades, rifles, machine guns, and explosives." Mordechai Anielewicz, April 23, 1943 |
May 29, 2007, 01:32 AM | #115 |
Member
Join Date: November 3, 2006
Location: North Idaho
Posts: 48
|
Or Not
The attacks are not "spam" attacks, where bots pretend to be people.
These attacks are at a lower level. TCP/IP itself has some vulnerabilities that make it possible to attack using SYN floods and other tricks that force the receiving end to try to "make sense" out of deliberate nonsense. Imagine your phone ringing every few seconds. The caller doesn't have to have a conversation with you, or even speak, but he can effectively tie up the phone (and you with it) and prevent you from using it for anything meaningful. It's possible to achieve essentially the same thing on the 'net, by taking advantage of parts of the protocol that are intended to provide connection and reliability and abusing them to the point where nothing useful can happen along that line.
__________________
"Truth is a dangerous thing: once found, you must never turn your back on it." -- gh@c2 "Look at it this way. If America frightens you, feel free to live somewhere else. There are plenty of other countries that don't suffer from excessive liberty. America is where the Liberty is. Liberty is not certified safe." -- gh@c2 |
May 29, 2007, 01:35 AM | #116 | ||||
Member
Join Date: July 22, 2006
Posts: 99
|
Quote:
Quote:
Quote:
Quote:
Finally just want to say, having a cooperative ISP that actually is around 24/7 to work with you will help greatly. |
||||
May 29, 2007, 02:04 AM | #117 |
Junior Member
Join Date: May 27, 2007
Posts: 13
|
All I know is I wish who-/what-ever is resoponsible for these attacks would find a more deserving place to attack. There are a LOT of them on the internet. Actually, I just wish they would grow up, change out of their diapers, and go away, but I know they won't.
Thanks to TFL for taking THR's wanderers!! It does make me wonder how many new members TFL has picked up this weekend. |
May 29, 2007, 03:53 AM | #118 |
Member
Join Date: March 8, 2007
Location: Gunshine State.
Posts: 15
|
All weekend without my HighRoad
|
May 29, 2007, 05:48 AM | #119 |
Member
Join Date: May 28, 2007
Location: DFW, Tx
Posts: 17
|
TFL, not just for firearms any more.
I have learned more about cyber attacks here than anywhere else, did not expect that. It just goes to show you, an attack can be at any place, any time, and in any form. |
May 29, 2007, 08:45 AM | #120 | |
Junior Member
Join Date: May 25, 2004
Posts: 12
|
Puts on TinFoil HAT!
Quote:
[takes off TinFoil Hat] Hell of a coincidence though... |
|
May 29, 2007, 08:56 AM | #121 | |
Staff
Join Date: March 20, 1999
Location: Somewhere in the woods of Northern Virginia
Posts: 16,955
|
Quote:
We have picked up 140 new members this weekend up to this point today. Last weekend we picked up about 70 for the same number of days and partial days. (I say "about" because I can't break it down by the hour.) So the rate of adding new members has just about doubled since THR went down. |
|
May 29, 2007, 08:58 AM | #122 |
Senior Member
Join Date: October 9, 2001
Posts: 186
|
1919A4.com has also been down
|
May 29, 2007, 09:09 AM | #123 |
Member
Join Date: November 17, 2002
Location: Athens, AL, & Louisville, KY, USA
Posts: 18
|
It also appears that 1911forum.com is down although the site does respond to pings.
__________________
Scott |
May 29, 2007, 09:13 AM | #124 |
Senior Member
Join Date: August 14, 2006
Location: Huntsville, AL
Posts: 437
|
Mal,
I'm genuinely curious as to how TFL seems to be missing the attacks here. Is it because the site isn't as "big" as some of the others the recent attacks have effected? Or do you guys have that much better of a host than THR? |
May 29, 2007, 09:17 AM | #125 |
Staff
Join Date: March 20, 1999
Location: Somewhere in the woods of Northern Virginia
Posts: 16,955
|
tydephan - I have no clue on that aspect of TFL. Our local expert and sysadmin, tyme, should be along shortly to explain.
|
|
|