1. I have corrected the e-mail settings so that outgoing e-mails from these forums should be sent now. If you tried to Register or Reset your Password, please try again!
    Dismiss Notice

DDoS Today

Discussion in 'EverQuest II General Discussion' started by Feldon, Jan 21, 2018.

  1. Feldon

    Feldon Administrator Staff Member

    Sorry for the heaping helping of bullshit today.

    One of the websites I host has a forum. A member of that forum was banned for being a total prat, sending threatening harassing messages and such. Rather than finding something else to do with his time, he sent an e-mail saying basically unban me or your websites are going down and will stay down. That was at 2am.

    Thanks to the folks in the #eq2wire chat for their patience and suggestions. No thanks to my host who did very little. We seem to be running OK right now, but could get knocked off the air any time.

    Headed to bed. Been on this for 14 hours straight.
     
    • Informative Informative x 4
    • Appreciation Appreciation x 2
    • Dislike Dislike x 1
  2. Rosyposy

    Rosyposy Active Member

    Thanks for the update, Feldon... and Ouch! Hope you sleep well.
     
    • Agree Agree x 2
    • Like Like x 1
  3. zarobhr

    zarobhr New Member

    not sure if its related but unable to search for characters and or guilds
     
  4. Inire

    Inire Not really an evil duck, just misunderstood.

    I am sure that there are a number of things broken right now. The number of changes required to help keep this person out was extensive.

    Similarly, I am sure that Feldon will work on it as soon as he can.
     
  5. Errrorr

    Errrorr Active Member

    Looks like Census itself is down/unstable currently. Same issues are occuring on other sites that use it.

    Maybe they saw the stats for yesterday with no EQ2U and pulled the plug...

    Edit - Census is fine.
     
    Last edited: Jan 22, 2018
    • Agree Agree x 1
  6. Feldon

    Feldon Administrator Staff Member

    It helps when I'm not blacklisting Census at my end. :p
     
    • Funny Funny x 3
    • Winner Winner x 1
  7. Inire

    Inire Not really an evil duck, just misunderstood.

    fastest performance a DBG product ever had was when it was black holed.
     
  8. Feldon

    Feldon Administrator Staff Member

    Attack is underway again. Started at 3pm. Playing whack-a-mole now.
     
    • Informative Informative x 2
  9. Feldon

    Feldon Administrator Staff Member

    Having to learn how to mitigate against a determined attacker. Learning a lot. Getting a mountain of help from folks here in private chats and such. It has been absolutely invaluable.
     
    • Like Like x 4
    • Appreciation Appreciation x 2
  10. Feldon

    Feldon Administrator Staff Member

    I have mitigated the type of attack that was used on Sunday and this afternoon. Of course, there are other types of attacks. Hopefully we don't have any users in Brazil. I had to do several region blocks.
     
    • Like Like x 2
    • Informative Informative x 1
    • Appreciation Appreciation x 1
  11. Inire

    Inire Not really an evil duck, just misunderstood.

    now my bot net doesn't work.
     
  12. Rosyposy

    Rosyposy Active Member

    Related?

    Feldon, I've noticed that many of the character signature badges are no longer working. I had three on my EQ2 forum signature - badges for the two toons I'd played recently did not display. The third toon hadn't been logged in to for some time, and it displayed. I removed all three for now.
     
  13. Feldon

    Feldon Administrator Staff Member

    Signatures use ImageMagick. I need to reinstall this today soon.
     
    Last edited: Jan 25, 2018
    • Like Like x 4
  14. Rosyposy

    Rosyposy Active Member

    Thank you, Feldon!
     
    • Like Like x 1
    • Agree Agree x 1
  15. Mysstie

    Mysstie Member

    Interesting. Your forum is up but my sites including my Webhost's sites are down. Doing a tracert, all of our stuff is in Hostdime's data center. I doubt it's related to the DDoS you had. I just happened to notice this forum was hosted in the same place. (my sites are on Surpass Hosting.. sister company to Hostdime.)
     
  16. Feldon

    Feldon Administrator Staff Member

    Hostdime is taking a MAJOR hit right now. Wonder if it's connected.

    I've been changing and tweaking things for hours.
     
    • Informative Informative x 1
  17. Mysstie

    Mysstie Member

    Hmm.. oh well, play some more Stardew Valley. Check things in a few hours LOL. Sent them a message on Facebook.. about all I can really do.
     
  18. Feldon

    Feldon Administrator Staff Member

    I know the security right now is causing a LOT of false positives and problems for people. Looking at solutions. If you just cannot get these forums to do anything, please e-mail me morgan (at) eq2wire.com.
     
    • Appreciation Appreciation x 3
  19. Archangel

    Archangel New Member

    "You're going to be the Eleventh Commandment: 'Thou shalt not get away with it.'
    Conn MacCleary, Remo Williams: The Adventure Begins (1985)
    You'll persevere.

    Name-and-shame the "total prat," all the way down to the IP address. There is no guarantee of privacy when violating a site's terms of service, no?

    May not help you, but this will help others encountering the "total prat."

    Examples:
    - Warning: Michigan Classic Arcade Charles Chuck Fitch - KLOV/VAPS Coin-op Videogame, Pinball, Slot Machine, and EM Machine Forums - Hosted by Museum of the Game & IAM
    - A Factual Timeline of the Alex Mauer DMCA Debacle - Sir TapTap

    You did notify law enforcement?

    Are DDoS (distributed denial-of-service) attacks against the law?
    "you should also understand the legal issues which surround participating in a denial-of-service attack.

    For instance, in the UK (where I am writing from today), anti-DDoS laws have been in place since 2006 and could result in you being sent to jail for up to ten years. Similar laws have also been present in Sweden since 2007.

    It’s the same story in the USA, where they take a tough line on those who engage in denial-of-service attacks against websites."

    Federal Computer Fraud and Abuse Act
    18 U.S. Code § 1030 - Fraud and related activity in connection with computers
    "Whoever-" "knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer" "The punishment for an offense" "imprisonment for not more than 5 years"

    Or lawyer legalize:
    Is it Illegal to DDOS Attack a Website?
    "illegal under the Federal Computer Fraud and Abuse Act. Violators are subject to prison sentences of up to 10 years and a fine of up to $500,000. Conspiracy carries up to 5 years in prison and a fine of $250,000."

    For those and the "total prat" who think this is farfetched. Remember Tyler Barriss? That prat was caught from
    Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes — Krebs on Security
    "unsolicited help from an unlikely source: Eric “Cosmo the God” Taylor, a talented young hacker who pleaded guilty to being part of a group that swatted multiple celebrities and public figures - as well as my home in 2013.

    Taylor is now trying to turn his life around, and is in the process of starting his own cybersecurity consultancy. In a posting on Twitter at 6:21 p.m. ET Dec. 29, Taylor personally offered a reward of $7,777 in Bitcoin for information about the real-life identity of SWAuTistic."

    If it's any consolation, you're not alone.
    -
     
    • Informative Informative x 2
    • Like Like x 1
  20. Feldon

    Feldon Administrator Staff Member

    Hey we're finally kinda sorta accessible again. What a fustercluck.
     
    • Appreciation Appreciation x 9
    • Winner Winner x 1

Share This Page