Slow Forums: PF Under DDOS Attack

  • Thread starter Thread starter Borek
  • Start date Start date
  • #61


mugaliens said:
Greg, have you contacted the FBI, or the RCMP?

I'm not sure they'd care. DoS attacks are quite common.

To make this day even worse, the FedEx man just put a package under my door handle effectively locking me in. I seriously can't get out of my apartment now. I may have to jump off my 2nd floor balcony.
 
Physics news on Phys.org
  • #62


mugaliens said:
Apparently, these particular geeks don't appreciate open platform discussions about some things.

Greg, have you contacted the FBI, or the RCMP? Don't know whether your server is in the U.S. or Canada. Regardless, any sustained attack like this violates some key U.S. laws of the kind the FBI takes interest. I'm also aware of certain edge (as in U.S. electronic border) tracking stations which record anything bound for any IP in the U.S. If it's routed, it can be tracked back to at least the station immediately prior. On the other hand, if it's a DDoS attack originating from virii/trojans/worms within the U.S., a call to Symantec and a couple other leading antivirus manufacturers might prove helpful. Might be helpful if it's a DDoS from the outside, as well.

In my experience, if this is a sustained attack by a "pro", it's going to originate outside of the west, and beyond any kind of meaningful enforcement. Each bot might be anywhere, but not the controller of the network... still, contacting authorities is the right move... it just won't usually help.

I offer Dalnet as an example, and also as an indicator that this is just a script kiddy with only slightly more bots than brains.
 
  • #63


Greg Bernhardt said:
I'm not sure they'd care. DoS attacks are quite common.

To make this day even worse, the FedEx man just put a package under my door handle effectively locking me in. I seriously can't get out of my apartment now. I may have to jump off my 2nd floor balcony.

Jesus Greg... did you piss off a gypsy fortune teller or something?! :wink:

Um... and don't jump, just call a neighbor!
 
  • #64


G01 said:
Seriously though, what has this forum ever done to anybody?
Rumor has it it involves Julian Assange and Anonymous. :wink:
 
  • #65


After using an exhaustive suite of computer forensics tools, I've discovered the cause of the slowdown...

It's all these posts in this thread!
 
  • #66


Greg Bernhardt said:
I'm not sure they'd care. DoS attacks are quite common.

To make this day even worse, the FedEx man just put a package under my door handle effectively locking me in. I seriously can't get out of my apartment now. I may have to jump off my 2nd floor balcony.
Call Fedex and have them send the guy back to untrap you.
 
  • #67


This has escalated into a very serious attack. I appreciate everyone's patience!

Patience and whatever support we can.

That probably means just sitting the misceants out - So be it.

In particular, Greg, don't take this personally, you are doing a great job with a great site.
 
  • #68


Andre said:
It's a good habit to hit <ctrl A> and <crtl C> (windows) before clicking 'post reply'.

then when disaster strikes <ctrl V> does the trick, unstriking.
Or if you run Firefox, the "Lazarus" addon saves form information for you as you go so it can be recovered if something happens. I almost never need it, but when I do, it's nice to have. It's pretty annoying typing out a long post and losing it!
 
  • #69


I'm being patient. At this point, though, I'm curious as all heck.
 
  • #70


vela said:
Rumor has it it involves Julian Assange and Anonymous. :wink:

I wish... known targets make life so much easier, and hackers have rivels.

Whoever this is...well... I hope their personal information finds it way into the hands of unscrupulous Turkish or Romanian hackers.
 
  • #71


Greg Bernhardt said:
I'm not sure they'd care. DoS attacks are quite common.

To make this day even worse, the FedEx man just put a package under my door handle effectively locking me in. I seriously can't get out of my apartment now. :cry: I may have to jump off my 2nd floor balcony.
Greg,

Sorry, but that is a funny, makes you wonder about the intellect of the FedEx Delivery person though. Good to see you are still keeping your wits and sense of humor, kick the damn door, (it will relieve stress from the DOS attack too, lol) the package may fly a bit, but so what, or call a neighbor close by.

Rhody...:redface:
 
  • #72


This is getting really annoying. However, as I am not trapped in my apartment, I guess things can get worse...(good luck with that Greg!)
 
  • #73


Yeah, it's pretty bad. But I have faith that it'll get fixed.
 
  • #74


Keep the updates coming. We are continually making adjustments.
 
  • #75


I have been trying to swap PMs with another member. That is an exercise in futility. If you PM, save your message in NotePad or similar so you won't have to re-type it.
 
  • #76


Plus getting tons of 101 errors when trying to view a thread, or view a new post, or search to see if new posts have been made in a thread.
 
  • #77


Greg Bernhardt said:
They are targeting PF's IP addy. We are on a dedicated server.

That's easy to fix:
[hidefromhackers]
1) Ask your ISP for a new static IP with no DNS listing
2) Send an e-mail to all unbanned members saying: "this is where the real party's at: (new IP address)
3) Leave a shell server on the normal PF address to make the hackers think that their hacking is actually working
[/hidefromhackers]

Problem: solved :wink:
mugaliens said:
Apparently, these particular geeks don't appreciate open platform discussions about some things.
Interestingly (sort of), I did a little google search to see if there was some kind of loser movement going on to block PF and all I could find was about "censorship" on PF from some banned member *cough*crackpot*cough* but it was a few years old.
 
  • #78


The problem is that much like an assassin, you need to either buy off a DDOS'er, or better, neutralize them. One is just inviting blackmail, and the latter is illegal.
 
  • #79


nismaratwork said:
The problem is that much like an assassin, you need to either buy off a DDOS'er, or better, neutralize them. One is just inviting blackmail, and the latter is illegal.

See my earlier post about the protection racket against bums. It makes no sense to target a place like this if the goal is blackmail. What are we going to pay them with? Gluons?
 
  • #80


caffenta said:
That's easy to fix:
[hidefromhackers]
1) Ask your ISP for a new static IP with no DNS listing
2) Send an e-mail to all unbanned members saying: "this is where the real party's at: (new IP address)
3) Leave a shell server on the normal PF address to make the hackers think that their hacking is actually working
[/hidefromhackers]

Problem: solved :wink:

Interestingly (sort of), I did a little google search to see if there was some kind of loser movement going on to block PF and all I could find was about "censorship" on PF from some banned member *cough*crackpot*cough* but it was a few years old.
Not "problem solved" but problem exacerbated. If Greg can't maintain a stable open site with which to interact with advertisers, there goes all the advertising income for views, click-throughs, etc.
 
  • #81


It wasn't a serious "solution". Just trying to keep people's spirits up in these difficult times, is all.
 
  • #82


caffenta said:
See my earlier post about the protection racket against bums. It makes no sense to target a place like this if the goal is blackmail. What are we going to pay them with? Gluons?

Presumably privelages... that's the ususal goal beyond mere destruction of these kind of underdeveloped bridge troll-snot.

Your idea, while interesting, is so easily circumvented as to be impractical; the reality is that you have fragmentation of the community... again, see Dalnet.

Anyway, you could reverse what you said, or rather, invert it, and make a canary trap out of it, but that would take more work than just using a few illegal tools to remove the problem directly. A botnet is, by definition, not a secure entitiy; it can be subverted and turned.
 
  • #83


nismaratwork said:
Anyway, you could reverse what you said, or rather, invert it, and make a canary trap out of it, but that would take more work than just using a few illegal tools to remove the problem directly. A botnet is, by definition, not a secure entitiy; it can be subverted and turned.

Trap, eh? It gives me an idea: the PF Sisterhood that lisab alluded to earlier in the thread.

It's very likely that the hacker is just some geek or a collection of geeks living in their parent's basement, yes? When confronted by girls, said geeks will either:

a) Run away in fear and leave us alone
b) Be attracted by the Sisterhood's beautiful Siren songs. Then we can trap them with some kind of confinement field. We know how to build a confinement field, right? We're physicists. Of course we know! And if the confinement field fails, the Sisterhood will just kick their sorry butts like lisab said. In fact, forget the confinement field altogether.

:smile:
 
Last edited:
  • #84


caffenta said:
Trap, eh? It gives me an idea: the PF Sisterhood that lisab alluded to earlier in the thread.

It's very likely that the hacker is just some geek or a collection of geeks living in their parent's basement, yes? When confronted with girls, said geeks will either:

a) Run away in fear and leave us alone
b) Be attracted by the Sisterhood's beautiful siren songs. Then we can trap them with some kind of confinement field. We know how to build a confinement field, right? We're physicists. Of course we know! And if the confinement field fails, the Sisterhood will just kick their sorry butts like lisab said. In fact, forget the confinement field altogether.


:smile:

What if it IS a girl? :smile:


Hmmm... actually... :bushing:

ANYWAY... Greg: You could just post all relevant IPs here... it's not traffic protected by your TOS, right? Share, and who knows, maybe some enterprising PF'ers read, and unconnected to that, things happen?
 
  • #85


nismaratwork said:
What if it IS a girl? :smile:


Hmmm... actually... :bushing:

ANYWAY... Greg: You could just post all relevant IPs here... it's not traffic protected by your TOS, right? Share, and who knows, maybe some enterprising PF'ers read, and unconnected to that, things happen?

what if I slipped in your IP by mistake? :biggrin:
 
  • #86


nismaratwork said:
What if it IS a girl? :smile:


Hmmm... actually... :bushing:

ANYWAY... Greg: You could just post all relevant IPs here... it's not traffic protected by your TOS, right? Share, and who knows, maybe some enterprising PF'ers read, and unconnected to that, things happen?
My new neighbor is a networking geek with his own company. Maybe if some of us knew more about the DoS, we could help resolve it. I'd ask him - he and his new bride are smitten with this neighborhood and their new neighbors. Maybe I can get my wife to bribe him with some garlic/rosemary/sun-dried tomato infused artisan bread...
 
  • #87


Greg Bernhardt said:
what if I slipped in your IP by mistake? :biggrin:

Hmmmmm...

1.) Which one?
2.) I'd hate to lose a good BNC... routing traffic isn't as fun as it used to be.
3.) It would be worth the trade.
 
  • #88


nismaratwork said:
What if it IS a girl? :smile:
Have you ever met a girl that would waste her time on something as pointless as a DoS attack? I mean, honestly. Even the geekiest girl is nowhere near the geek level of a geeky guy. There's a geekness bandgap or something.

I stand by my hypothesis: the hacker is a guy in his parents' basement.
 
  • #89


caffenta said:
Have you ever met a girl that would waste her time on something as pointless as a DoS attack? I mean, honestly. Even the geekiest girl is nowhere near the geek level of a geeky guy. There's a geekness bandgap or something.

I stand by my hypothesis: the hacker is a guy in his parents' basement.

Actually, yeah, I've met a few, but they are rare creatures, and very shy. You can coax them out with strawberries in a goblet with fresh whipped cream, but the slightest noise startles them.

:biggrin:
 
  • #90


nismaratwork said:
Actually, yeah, I've met a few, but they are rare creatures, and very shy. You can coax them out with strawberries in a goblet with fresh whipped cream, but the slightest noise startles them.

:biggrin:
Well, if they are the culprit, there is an even easier solution: we just start typing in ALL CAPS. That'll freak them out. :-p
 

Similar threads

PF Slow Again - Possible DDoS Attack?
  • · Replies 4 ·
Replies
4
Views
2K
Bug Slow Forum Apr 8: Limited Access, JS Error
  • · Replies 7 ·
Replies
7
Views
2K
Chemical Forums down, or how I learned what slowloris is
  • · Replies 8 ·
Replies
8
Views
1K
Complaint Possible Causes of Slow Response from PF and Solutions for Users and Staff
  • · Replies 22 ·
Replies
22
Views
5K
  • Sticky
Announcement Easy ways you can support Physics Forums
  • · Replies 97 ·
4
Replies
97
Views
50K
JavaScript PF Alert Machine: Can I Monitor Forum Alerts Without Logging In?
  • · Replies 3 ·
Replies
3
Views
1K
Could we make a practical solar fridge?
  • · Replies 30 ·
2
Replies
30
Views
4K
ABC reference frame synchronous generator modelling in Ltspice
  • · Replies 1 ·
Replies
1
Views
3K
11 reasons why you should be a Gold Member
  • · Replies 13 ·
Replies
13
Views
3K
Undergrad Lorentz Transformation: Premises + Derivation
  • · Replies 5 ·
Replies
5
Views
2K