General discussion
DOS attack
Wed Oct 28 16:52:38 2009 od xxzhttp://ksforum.inboxrevenge.com/ is under DOS attack.
- Pro možnost psaní komentářů se přihlašte nebo zaregistrujte.
http://ksforum.inboxrevenge.com/ is under DOS attack.
AttacK
Wed Oct 28 17:10:01 2009 od amishrabbitAch, laddie, attack has a K
But the question is why also
Wed Oct 28 18:47:56 2009 od lordpakeBut the question is why also Kaspersky forums seem to be inaccessible for me? Have been most part of today, pages hardly load at all.
I don't want to spread FUD, just curious if there's larger DDoS or such in progress? I do realize the reason can be completely innocent and unrelated to IBR situation.
"Men make good pets."
use this to check site up or
Wed Oct 28 21:45:41 2009 od demonluouse this to check site up or down...
http://downforeveryoneorjustme.com/
forum.kaspersky.com
Wed Oct 28 23:14:08 2009 od g7w-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W
I have not received any of
Wed Oct 28 19:27:02 2009 od xxzI have not received any of my 100 or more YAHOO Groups spam emails today. Are all these PCs now part of the DDoS attack?
down
Wed Oct 28 23:11:20 2009 od g7w-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W
I'm not sure...
Wed Oct 28 23:17:43 2009 od SpiderLoverI'm not sure if this has anything to do with a DOS attack, but it seems that http://blog.siteadvisor.com is out as well...
Knujon News Post
Fri Oct 30 16:23:18 2009 od xxzInBoxRevenge under DDos attack
October 30, 2009
This server is under a DOS attack. Specifically, they are targeting the IP 207.58.151.145 on port 80 (webserver). Over 10000 SYN_RECV connections existed in a netstat when I originally logged in. I was able to mitigate much of this by installing the CSF firewall and setting the SYN flood rate to 40/sec. That said, the load is still high and I am not comfortable lowering the SYN rate any lower, as it might block legitimate traffic. This is a distributed attack, occurring from hundreds of different (potentially spoofed) IP addresses. Typically these attacks do not last for a long time, but it might be a few days before it dies off. (inboxrevenge.com)
I need an email addess for IBR
Mon Nov 2 09:52:19 2009 od xxzPer an IBR blog posting IBR is still under a DDos attack at times but if you have been unable to connect it may be due to your IP address being blocked and to respond to an earlier status email that you should have received so that the block can be removed. I never received an IBR email.
If someone has Ikillspammers or AlphaC email address could they PM me. If you need I can PM you my IBR or SA sign on and my email address.
Thank You
Jim_P
IBR Status?
Tue Nov 3 10:56:55 2009 od xxzHas anybody got any status on IBR?
I am a member but I do not have any emails so this blog posting does not help me.
"If you're a regular member and not able to get on at all, please email us to make sure your IP isn't blocked. The easiest way is to reply to one of the emails you have received notifying you of forum post replies. "
When trying to log on at http://ksforum.inboxrevenge.com/ I get:
"Server: ksforum.inboxrevenge.com
Referred from: (none)
Requested file: /
Error status code: 403
I am sorry, but we can not find the file you requested. Please see if you made a keying error, and try again.
>Return to the forum"
It appears my Comcast IP range is blocked as I tried on 3 PCs but then again I am only guessing since I do not know what the status of IBR is.
Working ok now!
Tue Nov 3 11:11:13 2009 od shazzaHave sent a couple of pms for you referencing this thread - hope it helps.
Same
Tue Nov 3 14:18:40 2009 od BobJamClicked on that link and got the same message you got, except it was "Referred from: http://www.mywot.com/en/comment/reply/4715/22390" (which is this very thread of course). My ISP is Frontier, and I doubt they have blocked that IP.
InBoxRevenge 403 error
Fri Oct 30 23:33:40 2009 od g7wInBoxRevenge
OOPS!
Error: 403 Forbidden
Sorry: The file you requested is not allowed to be browsed by you.
InboxRevenge DDoS
Mon Nov 2 12:52:22 2009 od AlphaCentauriAnyone who wants to reach SiL, use the same email address your forum notifications come from.
Jim_P, I'll get someone who has forum addresses to contact you.
Continued DDoS.
Wed Nov 4 18:33:19 2009 od shazzaInboxRevenge is offline again due to continued DDoS
A friend
Mon Nov 2 13:26:39 2009 od tomgagagaA friend of mine delibrately did a denial of service attack on his school website, http://npcc.org.sg
Is there any way we can try to stop him, or get the site up again from here?
"Devoted supporter of LiVeRpUdLiAn932"
Re: A friend
Mon Nov 2 14:00:12 2009 od SamiYou can a) call your ISP and ask them to start working on blocking the attack and b) call the police if you know the person who is responsible.
or tell ur school to expel
Mon Nov 2 16:41:20 2009 od demonluoor tell ur school to expel him...
DDoS on school
Tue Nov 3 01:48:47 2009 od AlphaCentauriIf your friend has enough computers under his control to conduct a DDoS -- a distributed denial of service attack, i.e., an attack taken by many computers on a single target -- he's involved in a lot more illegal activity than just a prank to annoy the school administration. The computers used to do these are infected with Trojan Horse programs which allow the attacker to control them without the owners' knowledge or permission. He could go to jail, or his parents could even end up owing hundreds of thousands of dollars to compensate all the people whose computers he has damaged.
Update on the IBR attack
Thu Nov 5 14:27:27 2009 od spamislameHello.
I stumbled across this while doing searches for who would be attacking our IP. :)
The attack is still ongoing (entering day eight,) and consists of a 12 - 13 minute ping request per client. (So far: at least several hundreds of clients are involved in the attack.)
As such we're mitigating and attempting to log and then block as many IP's as are participating in this criminal act.
Law enforcement and other agencies have been notified, and this attack may be related to at least two others that we know to be currently underway.
If we assume (as I do) that this attack is being executed via botnet, this would likely have cost the perpetrators several thousand dollars so far. I can only speak for myself but this was definitely not money well spent, as it is doing nothing to stop our research or communications.
More as I get it. Thanks for the postings.
SiL
--
SiL / IKS / concerned citizen
http://ikillspammers.blogspot.com
http://spamitmustfall.blogspot.com
Thx for the update, and nice
Thu Nov 5 17:10:07 2009 od lordpakeThx for the update, and nice seeing you here :)
"Men make good pets."
Welcome to WOT Forum
Fri Nov 6 03:13:52 2009 od g7wIt would be nice it you'd post the IP's once you get a list compiled...
WOT not only refers to domain names, but IP's as well.
example: 61.191.63.150
-------
WOT Services Ltd. - gives us safety through Web of Trust.
WOT Community - gives us security through unity.
Thank you all
- G7W
What would the point for us
Fri Nov 6 06:21:08 2009 od lordpakeWhat would the point for us to know those IPs?
Botnets likely consist mainly of home-user PCs with dynamic IPs, what would listing dynamic IPs here help?
"Men make good pets."
IBR DDoS resumed
Tue Nov 17 00:09:10 2009 od AlphaCentauriFYI, the DDoS against Inboxrevenge.com has resumed again today.
Problems reaching Phishtank, too
Tue Nov 17 00:25:54 2009 od amishrabbitwww.phishtank.com was inaccessible for several hours today, but seems to be back up now.