sott site won't download again.
- Thread starter Gimpy
- Start date
Palinurus
The Living Force
Re: sott.net down
I thought as much, since nothing comes through for two days where I live (Amsterdam). Not even slow going.
I used the links dant gave to track a trace several times but got no specific results. Every time the trace fades somewhere in the cyber jungle, not always at the same point of connection as well. So, inconclusive for the moment.
Is anything known about the type of attack (thank you Guardian for guessing away) and/or any source where it might come from specifically?
Guess we have to wait and see till it's over...
Annoying, to say the least.
I thought as much, since nothing comes through for two days where I live (Amsterdam). Not even slow going.
I used the links dant gave to track a trace several times but got no specific results. Every time the trace fades somewhere in the cyber jungle, not always at the same point of connection as well. So, inconclusive for the moment.
Is anything known about the type of attack (thank you Guardian for guessing away) and/or any source where it might come from specifically?
Guess we have to wait and see till it's over...
Annoying, to say the least.
dant
The Living Force
Re: sott.net down
From what I can tell, cassiopaea.com, cassiopaea.org
is fast, but sott.net is very slow and timeout very often.
All three from my end stops traces at atlas.cogentco.com.
But here is an online traceroute tool that checks routes from
4 different locations. It may give some information as what
is going on? Here is the link: _http://just-traceroute.com/
From what I can tell, cassiopaea.com, cassiopaea.org
is fast, but sott.net is very slow and timeout very often.
All three from my end stops traces at atlas.cogentco.com.
But here is an online traceroute tool that checks routes from
4 different locations. It may give some information as what
is going on? Here is the link: _http://just-traceroute.com/
Re: sott.net down
I just posted the following on FB:
SOTT.net is definitely under attack by some sort of botnet thing. Webmaster tells me: I see signs of an attack on the server - it's called a SYN attack, for brievity here's how Wikipedia defines it:
"A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic."
So I'm gonna send a message to the hosting company asking them to look into it and block the attackers.
Next he wrote (this was yesterday) "Unfortunately the hosting company doesn't do any sort of denial of service protection, so they can't do anything to stop it at this point - so they say. But I did ask if they can look at the network traffic and tell us what IPs it's coming from. As of right now the attack is still happening so I stopped the Web service temporarily thinking maybe that'll make 'em stop and go away. "
Then he wrote: "So based on what I'm seeing now, whoever is doing this appears to be using a botnet to launch the attack because there are so many different IP addresses - typical indicator of a botnet attack. And they're keeping anywhere from 100 to 160 bots aimed at the server at any given time."
And today: "The attack tapered off overnight and the server response time was fine earlier this morning, but it looks like an attack has started again. It's making the site slow (and incidentally that might be why previews on Facebook don't work)."
I just posted the following on FB:
SOTT.net is definitely under attack by some sort of botnet thing. Webmaster tells me: I see signs of an attack on the server - it's called a SYN attack, for brievity here's how Wikipedia defines it:
"A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic."
So I'm gonna send a message to the hosting company asking them to look into it and block the attackers.
Next he wrote (this was yesterday) "Unfortunately the hosting company doesn't do any sort of denial of service protection, so they can't do anything to stop it at this point - so they say. But I did ask if they can look at the network traffic and tell us what IPs it's coming from. As of right now the attack is still happening so I stopped the Web service temporarily thinking maybe that'll make 'em stop and go away. "
Then he wrote: "So based on what I'm seeing now, whoever is doing this appears to be using a botnet to launch the attack because there are so many different IP addresses - typical indicator of a botnet attack. And they're keeping anywhere from 100 to 160 bots aimed at the server at any given time."
And today: "The attack tapered off overnight and the server response time was fine earlier this morning, but it looks like an attack has started again. It's making the site slow (and incidentally that might be why previews on Facebook don't work)."
Franco
Jedi Master
Re: sott.net down
DDOS attacks are very difficult to deal with unfortunately and can be expensive since you generally have to pay someone or extra money to a host to deal with it.
Logs are pointless as they are probably zombie/rooted computers and/or spoofing involved.
Your host will usually assist you as much as they can for free.
Unless it's someone that really doesn't like sott.net they will just get bored and go away usually after a few hours to days.
DDOS attacks are very difficult to deal with unfortunately and can be expensive since you generally have to pay someone or extra money to a host to deal with it.
Logs are pointless as they are probably zombie/rooted computers and/or spoofing involved.
Your host will usually assist you as much as they can for free.
Unless it's someone that really doesn't like sott.net they will just get bored and go away usually after a few hours to days.
Yozilla
The Living Force
Re: sott.net down
I am intrigued that there is a such a coordinated botnet attack going on because it could be a main indicator of some important matters: I/we are here on significant path and that is bothering "someone" that usually use mostly indirect ways of bad influence. Maybe their resources for plotting on higher level start do deplete due to Galactic wave and they are forced to lower the level of obstruction ...
I am intrigued that there is a such a coordinated botnet attack going on because it could be a main indicator of some important matters: I/we are here on significant path and that is bothering "someone" that usually use mostly indirect ways of bad influence. Maybe their resources for plotting on higher level start do deplete due to Galactic wave and they are forced to lower the level of obstruction ...
Guardian
The Cosmic Force
Re: sott.net down
Not in a network like this one. I have the feeling we can find whatever skills we need.
Franco said:
Not in a network like this one. I have the feeling we can find whatever skills we need.
Logs are useful in that they can tell you what kind of attack you're dealing with. Then there's the fact that certain people like certain toys. All kinds of patterns in them there logs. :)
B
Bar Kochba
Guest
Re: sott.net down
Sott is still slow for me, but not quite as slow as yesterday. And the FB sharer still takes a couple tries to get it to function correctly, but at least now I can get the photo and summary with the link.
Pinches tiranitos chiquititos!
Sott is still slow for me, but not quite as slow as yesterday. And the FB sharer still takes a couple tries to get it to function correctly, but at least now I can get the photo and summary with the link.
Pinches tiranitos chiquititos!
Franco
Jedi Master
Re: sott.net down
Network security is a very specialised field Gaurdian, the only people who can help with this would be hackers or security specialists and the advantage is always with the attackers in this game.
It's very easy to use and abuse other peoples networks and computers over and over again, anonymously, how do you think Anonymous and Lulsec can get away with attacking government and corporation networks who in fact have security specialists and bring down their networks for days/weeks.
This is a worldwide problem that will probably be used as an excuse in the future to lockdown the internet unfortunately, wouldn't be too difficult to launch some false flag operations online.
Network security is a very specialised field Gaurdian, the only people who can help with this would be hackers or security specialists and the advantage is always with the attackers in this game.
It's very easy to use and abuse other peoples networks and computers over and over again, anonymously, how do you think Anonymous and Lulsec can get away with attacking government and corporation networks who in fact have security specialists and bring down their networks for days/weeks.
This is a worldwide problem that will probably be used as an excuse in the future to lockdown the internet unfortunately, wouldn't be too difficult to launch some false flag operations online.
Guardian said:
Guardian
The Cosmic Force
Re: sott.net down
Correct, which is exactly why I think we probably have the skills we need available in this network. As I understand it, there really are more options available than just creating packet filters, up'ing your queue, and tweaking your stacks?
OF course it's up to SOTT Admin, I'm sure they'll ask for help if they need it. :)
Franco said:
Correct, which is exactly why I think we probably have the skills we need available in this network. As I understand it, there really are more options available than just creating packet filters, up'ing your queue, and tweaking your stacks?
OF course it's up to SOTT Admin, I'm sure they'll ask for help if they need it. :)