Slow Forums: PF Under DDOS Attack

  • Thread starter Thread starter Borek
  • Start date Start date
AI Thread Summary
Physics Forums is currently experiencing significant slowdowns and connectivity issues due to a DDoS attack that began earlier in the day. Users are reporting long page load times, errors related to MySQL, and intermittent access to the site and chat features. The forum's team is actively working with their data center to mitigate the attack, but performance may remain inconsistent as the firewall catches up. Discussions among users speculate on the motivations behind the attack, expressing frustration and confusion over why such a community would be targeted. Overall, while some users report improvements, many still face challenges with site functionality.
  • #151
Isaacsname said:
... I thought it was something I said..

... how do you know it wasn’t?? :bugeye:


(:smile:)
 
Physics news on Phys.org
  • #152
1:23 PM EST Southeast Florida -- responding ok now. Thanks GB.
 
  • #153
2:00 PM EST -- Been working normally fast for the past half hour.
 
  • #154
Thank you for your efforts! It's working for me now too!
 
  • #155
"Mission Accomplished"

We have to reclaim that phrase! With "Winner" going down the toilet after all...
 
  • #156
DevilsAvocado said:
... how do you know it wasn’t?? :bugeye:


(:smile:)

"...ulp "
 
  • #157
It's working pretty good these past few hours.
 
  • #158
All is going well for me. It seems we survived.

Thanks a lot Greg for spending your entire weekends on this!
 
  • #159
Can we start DDoSing the Creationist Scientologists now?
 
  • #160
Char. Limit said:
Can we start DDoSing the Creationist Scientologists now?

ROUND 2: PF fights back. :biggrin:
 
  • #161
Char. Limit said:
Can we start DDoSing the Creationist Scientologists now?

If it were legal...
 
  • #162
nismaratwork said:
If it were legal...

Was what they did legal? I say that http://en.wikipedia.org/wiki/Two_wrongs_make_a_right" !

:biggrin:
 
Last edited by a moderator:
  • #163
Char. Limit said:
Was what they did legal? I say that http://en.wikipedia.org/wiki/Two_wrongs_make_a_right" !

:biggrin:

Ahhh... sweet reciprocal justice... don't tempt me! :smile:
 
Last edited by a moderator:
  • #164
Char. Limit said:
Can we start DDoSing the Creationist Scientologists now?

Yeah, we got to do(s) something. Now they’re saying DOS 6.2 is only a couple of days old, and blessed... I’m worried... they are quickly gathering more "evidence"...

5057_1070935702572_1501519283_185064_6805494_n.jpg


Good to see that Evo has taken the fight with these living dinosaurs!
Evowiki_logo.png


:smile:
 
  • #165
Isaacsname said:
"...ulp "

Cool. :cool: I just knew it; you are an expert on network layers, http://en.wikipedia.org/wiki/Upper_layer_protocol" !
 
Last edited by a moderator:
  • #166
Any idea who was behind it?
 
  • #167
Fredrik said:
Any idea who was behind it?

Char. Limit said:
Creationist Scientologists

Trust me. :biggrin:
 
  • #168
Fredrik said:
Any idea who was behind it?

Why the past tense. It's still happening :) We'll never know.
 
  • #169
Geez, who the heck would DDOS forums about physics? The last couple of days was nightmare. But now PF loads fine, but with a slight lag.
 
  • #170
Maybe this is related or not but just yesterday the French finance ministry was hit:

http://www.physorg.com/news/2011-03-spectacular-cyber-french.html

The French finance ministry has shut down 10,000 computers after a "spectacular" cyber attack from hackers using Internet addresses in China, officials and reports said Monday.
 
  • #172
Greg Bernhardt said:
Why the past tense. It's still happening :) We'll never know.

We could... you're just too darned moral to take those steps, or to take them by proxy. Respectable that, but... frusterating.


@waht: "spectacular" usually means hundreds of thousands of bots in a network... if that had happened here, it wouldn't have been slow, it would have been inaccessible.

The thing that really pisses me off about DDOS, beyond the increase to the cost of throughput, is that it relies on exploiting random people to use as drones! What the hell is the point of compromising so many computers, then abuse their connection... which also drives prices up.

Botnets of all kinds are therefore hunted extensively, but are by nature elusive... they are a very corrosive force on the net. Sadly, the best ways to attack them, are also illegal and immoral.
 
  • #173
nismaratwork said:
We could... you're just too darned moral to take those steps, or to take them by proxy. Respectable that, but... frusterating.


@waht: "spectacular" usually means hundreds of thousands of bots in a network... if that had happened here, it wouldn't have been slow, it would have been inaccessible.

The thing that really pisses me off about DDOS, beyond the increase to the cost of throughput, is that it relies on exploiting random people to use as drones! What the hell is the point of compromising so many computers, then abuse their connection... which also drives prices up.

Botnets of all kinds are therefore hunted extensively, but are by nature elusive... they are a very corrosive force on the net. Sadly, the best ways to attack them, are also illegal and immoral.

Hey, botnets can be used for good. I offer up as an example the botnets that DDoS'd Ben Ali's websites in Tunisia, showing internet support for the revolutionaries. Tunisian revolutionaries actually credited Anonymous for helping them.
 
  • #174
Char. Limit said:
Hey, botnets can be used for good. I offer up as an example the botnets that DDoS'd Ben Ali's websites in Tunisia, showing internet support for the revolutionaries. Tunisian revolutionaries actually credited Anonymous for helping them.

They can subverted for good purposes, but that's still an expoloitation of other computers, and most script kiddies leave computers highly vulnerable as a result of their "exploits".

Hacktivism is good, but not at the expense of bystanders.
 
  • #175
maybe that kid asking for poisons didn't like the DHMO answer
 
  • #176
Proton Soup said:
maybe that kid asking for poisons didn't like the DHMO answer

Next time we'll tell him to mix the bleach with ammonia and take deep breaths...
 
  • #177
Last edited by a moderator:
  • #178
Greg Bernhardt said:
Why the past tense. It's still happening :) We'll never know.
Bobc2's philosophy of physics professor told him (link) that the room down the hall doesn't exist until he walks over there and opens the door, and since I trust everything that philosophers say, even when they contradict other philosophers, I say that this DDOS attack doesn't exist anymore.
 
  • #179
Proton Soup said:
maybe that kid asking for poisons didn't like the DHMO answer
Maybe he was on a IUPAC standards committee and simply didn't like the incorrect nomenclature. Do any of the DoS packets come from iupac.org?
IUPAC committee said:
We will smite PF!
:-p
 
Last edited:
  • #180
nismaratwork said:
... What the hell is the point of compromising so many computers, then abuse their connection...

500px-Botnet.svg.png
 
  • #182
The obvious answer as to "why it was done": for the lulz.
 
  • #183
currently having issues reaching PF, only via phone ATM.
 
  • #184
DevilsAvocado said:
MY botnet is ready for launch!
[PLAIN]http://www.newsupdatez.com/wp-content/uploads/2011/02/Space-Shuttle-Launch.jpg
 
Last edited by a moderator:
  • #185
DevilsAvocado said:
500px-Botnet.svg.png

Yeah, that and piracy, but it doesn't have to make me happy...
 
  • #186
Not perfect but definitely much, much better than 2 days ago. Enough to post without difficulties.
 
  • #187
I'm still occasionally getting time outs in Chrome, but it fixes after a couple refreshes. Doesn't seem like other sites have the same problem. Is the attack still going on?

It could just be my internet connection. It can be dodgy at some pretty random times. (Stupid AT&T)
 
  • #188
Jiggy-Ninja said:
Is the attack still going on?

Yes the attack is still going on.
 
  • #189
Greg Bernhardt said:
Yes the attack is still going on.
DAMN, how long is that now? The OP is from the 6th, has it really been almost a week of continuous DoS? Or have there been breaks at all there?
 
  • #190
Greg Bernhardt said:
Yes the attack is still going on.

Greg,

That may be true, but you have essentially rendered them sort of neutered. Too bad you could not retaliate, legally and technologically of course, my PM ears are open to any news.

Rhody... :mad: :wink:

P.S. Attacks like this remind me why I hate bullies, I had a few run ins with them as a kid and stood up to each one, once I did, and they suffered a bit of humiliation of their own, they stopped each and every time. Enough said.
 
  • #191
rhody said:
Greg,

That may be true, but you have essentially rendered them sort of neutered. Too bad you could not retaliate, legally and technologically of course, my PM ears are open to any news.

Rhody... :mad: :wink:

I am sending in my army of laser equipped squirrels! :D
 
  • #192
Greg Bernhardt said:
I am sending in my army of laser equipped squirrels! :D

Show them no mercy Greg ! Have the squirrels set them on fire !

Rhody... feels better now... NOT...
 
  • #193
assuming the ongoing attack is prohibiting me from reaching PF on my PC?
 
  • #194
Jiggy-Ninja said:
DAMN, how long is that now? The OP is from the 6th, has it really been almost a week of continuous DoS? Or have there been breaks at all there?

Botnets like this tend to be set on one course, then abandoned. The attack attenuates as users of the 'zombie' computers realize that something is wrong, and eventually dies off.

If it's increasing, then there's someone who really wants to be caught, and their absolute lack of effectiveness genuinely offends me.

If you attack a site, especially a forum... DDOS?? Its so cheap... easy; I'm disgusted. This may be the reason that I so dearly want Greg to share info so that... stuff... and stuff.

Forget lasers, send in the PF stormtroopers... I have a favor from a Canadian pal I'd be willing to cash in for this.
 
  • #195
Greg Bernhardt said:
I am sending in my army of laser equipped squirrels! :D
Squirrels suck. Use sharks with frickin' laser beams attached to the heads.

And if the sharks can't reach, send http://www.onepiecewallpaper.net/wallpaper/Miss-Friday-Unluckies/" after them.
 
Last edited by a moderator:
  • #196
nismaratwork said:
Botnets like this tend to be set on one course, then abandoned. The attack attenuates as users of the 'zombie' computers realize that something is wrong, and eventually dies off.

If it's increasing, then there's someone who really wants to be caught, and their absolute lack of effectiveness genuinely offends me.

If you attack a site, especially a forum... DDOS?? Its so cheap... easy; I'm disgusted. This may be the reason that I so dearly want Greg to share info so that... stuff... and stuff.

Forget lasers, send in the PF stormtroopers... I have a favor from a Canadian pal I'd be willing to cash in for this.
So it's the script kiddie equivalent of ringing the doorbell and running away? Except it's more like gluing the doorbell down so the owner has to live with the constant AAAAAAAAAAAAA buzzing in their heads until it gets fixed.

Haven't you watched Star Wars? Stormtroopers can't hit ANYTHING.

Edit: Oops, double post. I'm used to a different forum that auto-merges. Sorry
 
  • #197
Jiggy-Ninja said:
So it's the script kiddie equivalent of ringing the doorbell and running away? Except it's more like gluing the doorbell down so the owner has to live with the constant AAAAAAAAAAAAA buzzing in their heads until it gets fixed.

Got it in one JN! Another example I remember was: Imagine that one clown tries to get into your house...not a problem, turn him away. Now imagine a thousand clowns are indipendantly trying to get into your houe, through the windows, doors, floorboards... it's not skill, it's not even effective... it's brute force.

Script Kiddies... the former bane of my existence...

Jiggy-Ninja said:
Haven't you watched Star Wars? Stormtroopers can't hit ANYTHING.

Edit: Oops, double post. I'm used to a different forum that auto-merges. Sorry

Heh... good point about the Stormtroopers!
 
  • #198
nismaratwork said:
Got it in one JN! Another example I remember was: Imagine that one clown tries to get into your house...not a problem, turn him away. Now imagine a thousand clowns are indipendantly trying to get into your houe, through the windows, doors, floorboards... it's not skill, it's not even effective... it's brute force.

Script Kiddies... the former bane of my existence...
I'm usually pretty good at that sort of thing. Analogy and visualization (and always keeping in mind the limits of those) have been my main modes of thinking for years.

Clown analogy doesn't seems right. A DoS attack isn't trying to gain entry, it's just trying to overload the listener. It'd be more like a celebrity getting mobbed by 10,000 people all asking for an autograph constantly. Wouldn't be able to get anything done in a state like that.

Now I'm curious. Why "former"? Did you get out of network administration, get promoted so you no longer have to deal with that stuff, or what?

Why do you say they aren't effective? It may not be the most efficient or elegant means of attack, but this thread alone should be proof that it's effective at something.
 
  • #199
Jiggy-Ninja said:
I'm usually pretty good at that sort of thing. Analogy and visualization (and always keeping in mind the limits of those) have been my main modes of thinking for years.

Clown analogy doesn't seems right. A DoS attack isn't trying to gain entry, it's just trying to overload the listener. It'd be more like a celebrity getting mobbed by 10,000 people all asking for an autograph constantly. Wouldn't be able to get anything done in a state like that.

Now I'm curious. Why "former"? Did you get out of network administration, get promoted so you no longer have to deal with that stuff, or what?

The analogy works either way; the idea is to demonstrate the notion of overwhelming force; your's is better in explaining the extreme noise-signal effect caused by a DDOS. Still, don't underestimate them, just because Greg knows his stuff, doesn't mean some of those packets aren't malicious beyond "noise".

As for former, yet, I was in it and I left because of the rise of the script-kiddy. I saw the landscape change from a few people using what they could, exploiting large companies (not right, but I was young) and the like. That turned into getting a few computers to become scanners of multiple subnets to find new computers... rinse, repeat. Money started to come into the equation, and that was never something I wanted to be a part of.

Dalnet falling to some anonymous Turkish botnet was nearly the final straw, and once I'd reformed the people I cared about in a new network, I handed over the reigns to a friend and never looked back.

Jiggy-Ninja said:
Why do you say they aren't effective? It may not be the most efficient or elegant means of attack, but this thread alone should be proof that it's effective at something.

Oh, they can be effective, but you need to match your attack to your target! A forum is a very soft target, with new ways to undermine them available to those who want them... this is crude. Moreover, the site remained in operation, even if slowed, and proper DDOS doesn't allow that.

This has all of the hallmarks of an angry child abusing random people and companies, driving up the cost of hosting and throughput, and not even achieving the desired goal.

Either:
140px-Glider.svg.png


...Or buzz off and get a life. I may not like the former much of the time, but at least I understand and appreciate result. A script kiddy is like a rat, and only thrives because of numbers and the use of resources they are only able to gather because of the largesses of others.
 
  • #200
nismaratwork said:
The analogy works either way; the idea is to demonstrate the notion of overwhelming force; your's is better in explaining the extreme noise-signal effect caused by a DDOS. Still, don't underestimate them, just because Greg knows his stuff, doesn't mean some of those packets aren't malicious beyond "noise".
Those malicious packets would technically be considered a separate kind of attack though, wouldn't they? The DDoS in that case would just be a diversion or something to make the system more vulnerable.
Oh, they can be effective, but you need to match your attack to your target! A forum is a very soft target, with new ways to undermine them available to those who want them... this is crude. Moreover, the site remained in operation, even if slowed, and proper DDOS doesn't allow that.
And now my devilish curiosity is curious about those "ways" of which you speak, though I'd better stop, lest I fall under suspicion for future attacks. :rolleyes:
This has all of the hallmarks of an angry child abusing random people and companies, driving up the cost of hosting and throughput, and not even achieving the desired goal.
Either that, or something who just doesn't give a damn and just likes to cause grief1.
Either:
140px-Glider.svg.png


...Or buzz off and get a life. I may not like the former much of the time, but at least I understand and appreciate result. A script kiddy is like a rat, and only thrives because of numbers and the use of resources they are only able to gather because of the largesses of others.
That image is going to need a bit of explaining.

And yeah, script kiddies suck. Every game's got those idiots who think they're badass hackers just because they can use a Gameshark or something like that, when they don't even know the first bit about how those things even work.

1 Like that stupid "I before E / except after C / or when sounding like A / as in 'neighbor' and 'weigh'" rule which DOESN'T COVER "WEIRD"! I hate that word! Stupid English.
 

Similar threads

PF Slow Again - Possible DDoS Attack?
Replies
4
Views
2K
Bug Slow Forum Apr 8: Limited Access, JS Error
Replies
7
Views
2K
Chemical Forums down, or how I learned what slowloris is
Replies
8
Views
1K
Complaint Possible Causes of Slow Response from PF and Solutions for Users and Staff
Replies
22
Views
5K
  • Sticky
Announcement Easy ways you can support Physics Forums
2
Replies
97
Views
48K
JavaScript PF Alert Machine: Can I Monitor Forum Alerts Without Logging In?
Replies
3
Views
1K
Could we make a practical solar fridge?
Replies
30
Views
3K
ABC reference frame synchronous generator modelling in Ltspice
Replies
1
Views
3K
11 reasons why you should be a Gold Member
Replies
13
Views
3K
I Lorentz Transformation: Premises + Derivation
Replies
5
Views
2K

Hot Threads

Recent Insights

Back
Top