Steven P. Administrators Posted May 31, 2003 Administrators Share Posted May 31, 2003 Hi Guys, well members aware of previous attacks on Neowin will know why we were down for approx 18 hours. We have just come back and because of the style of the attacks against us there is no guarantee we will stay up for any pro-longed period. Our host, IPS can do little against these attacks that work like this: It would seem he has 1000's of zombies (or infected PC's) that send genuine requests to common ports (21 and 80) making an investigation very difficult and blocking even more difficult. Well these requests flood the server and the network we are on forcing rackshack.net to pull our box from the network and effectively closing down any routing to us. I can't begin to tell you how this is working on our staff and members and of course our host and sponsor who have the burden of sorting out this mess. I would just ask that members do not put Neowin in a position that gets us into any more trouble such as retaliation attacks. Just ignore it because the attackers already get way more attention than they deserve. Thanks for sticking by us, without our members it wouldn't be worth it :) Link to comment Share on other sites More sharing options...
Batfink Posted May 31, 2003 Share Posted May 31, 2003 Good to see Neowin back. Thanks for keeping us informed Neobond Link to comment Share on other sites More sharing options...
CherTon Posted May 31, 2003 Share Posted May 31, 2003 I thought i had click the wrong link yesterday. It good to see neowin when I click the link again. Link to comment Share on other sites More sharing options...
-=SD=- Posted May 31, 2003 Share Posted May 31, 2003 Well that sucks neowin keeps getting hit, hopefully a new pokemon game will come out and that kid will forgot about attacking for awhile. thx for the info on what went down. Link to comment Share on other sites More sharing options...
fdiaz2day Posted May 31, 2003 Share Posted May 31, 2003 I am not really sure but, a buddy of mine had this to say after i showed him that graphic above... fdiaz2day@*******.net | Running DSL says: i will tell you in a bit...but, now look at this... fdiaz2day@*******.net | Running DSL says: http://grc.com/dos/tcp-routing.gif fdiaz2day@*******.net | Running DSL says: neowin was under that type of attack James says: ahh-- if they had Data center cluster type b enabled it would have went down but-- the site would have stayed up James says: or if they also had a virtual server as a backup James says: it would have helped domain *'d to protect myself from spam... Note: This is NOT James from ieXbeta :p Link to comment Share on other sites More sharing options...
kairon Posted May 31, 2003 Share Posted May 31, 2003 What a brat this kid is. Whatever you do neobond, do not give up on the site, you'd just be letting a little 12 year old enjoy his power-trip further. Just be glad your site is so successful that your making lots of people jealous ;) Link to comment Share on other sites More sharing options...
flakingbiscuit Posted May 31, 2003 Share Posted May 31, 2003 thanks for the update neobond, hopefully the little kid will realize what's good for him and stop doin it. keep up the good work you admins :) :) Link to comment Share on other sites More sharing options...
mallow Posted May 31, 2003 Share Posted May 31, 2003 Thanks for all the hard work for the members! Think of the members!, lol ;) Link to comment Share on other sites More sharing options...
Jason the Eighty Eighth Posted May 31, 2003 Share Posted May 31, 2003 keep up the good work you admins :) :) :yes: Link to comment Share on other sites More sharing options...
Steven Posted May 31, 2003 Share Posted May 31, 2003 Neobond, what version of apache is the site currently running? /me is just curious :) Link to comment Share on other sites More sharing options...
Steven P. Administrators Posted May 31, 2003 Author Administrators Share Posted May 31, 2003 Neobond, what version of apache is the site currently running?/me is just curious :) Apache/1.3.27 Server at www.neowin.net Port 80 Link to comment Share on other sites More sharing options...
Steven Posted May 31, 2003 Share Posted May 31, 2003 Neobond, what version of apache is the site currently running?/me is just curious :) Apache/1.3.27 Server at www.neowin.net Port 80 I was just wondering if you were using one of the new 2.0.4x series, they've been riddled with DoS Holes in the last 2 months as you've probably noticed from all the news postings :D. Link to comment Share on other sites More sharing options...
aem4162 Posted May 31, 2003 Share Posted May 31, 2003 Thanks Neobond!!! You guys are completely swell. (Y) How do any of us know if we have the zombies? I've done virus scans and nothing comes up. Link to comment Share on other sites More sharing options...
ramesees Posted May 31, 2003 Share Posted May 31, 2003 Glad to see Neowin is back, I can't believe it was 18 hours!! I hope that the admins and the staff at IPS and those at rackshack find a solution to this horrible problem soon, and that kid gets what he deserves (like a swift kick up the ass for a start!!) Link to comment Share on other sites More sharing options...
CaKeY Posted May 31, 2003 Share Posted May 31, 2003 Thanks Neobond!!! You guys are completely swell. (Y)How do any of us know if we have the zombies? I've done virus scans and nothing comes up. Could I be a zombie? Is there anything we users can do to help? Link to comment Share on other sites More sharing options...
Tim Dorr Veteran Posted May 31, 2003 Veteran Share Posted May 31, 2003 I think we need mod_dos installed on apache (though, it wouldn't stop the router saturation). There really isn't much we can do on the technical side. Just have to wait for the FBI/lawyers to work it all out... Link to comment Share on other sites More sharing options...
vip Posted May 31, 2003 Share Posted May 31, 2003 Glad to see everything is up and running again, thanks NeoBond ... for keeping everyone caughtup on what's going on.. Link to comment Share on other sites More sharing options...
Steven P. Administrators Posted May 31, 2003 Author Administrators Share Posted May 31, 2003 Thanks Neobond!!!? You guys are completely swell.(Y))How do any of us know if we have the zombies?? I've done virus scans and nothing comes up. Could I be a zombie? Is theranythingb> we users can do to help? An up to date Anti-Virus scanner and Firewall will be enough in most cases. For example, I run Norton AntiVirus 2003 and check updates at least once a week, and the firewall I use is called Outpost and its a free one too, it simply is the best. you can get the free version here. There are also free virus scanners but go for the main stream ones like Norton and McAfee. Sophos is also good, well there are many members here who can advise on tha:):) To learn about how your PC could be violated and to use the online tests look here: http://grc.com/dos/grcdos.htm (thanks Lindy;);) Link to comment Share on other sites More sharing options...
fdiaz2day Posted May 31, 2003 Share Posted May 31, 2003 To learn about how your PC could be violated and to use the online tests look here: http://grc.com/dos/grcdos.htm (thanks Lindy) ;) Lots of useful info there...thanks. :) Link to comment Share on other sites More sharing options...
bayrider Posted May 31, 2003 Share Posted May 31, 2003 www.pcpitstop.com they got a free virus scanner i think its by mcaffee or whatever, anyways, lots of good info on that site to protect yourself amongst other things Link to comment Share on other sites More sharing options...
ahfunaki Posted May 31, 2003 Share Posted May 31, 2003 Just glad to see the site back up... Link to comment Share on other sites More sharing options...
yzero Posted May 31, 2003 Share Posted May 31, 2003 you have to remember banning someone for something like spam or racism.. might just be the wrong guy to ban and he'll attack back.. buncha losers with no lives Link to comment Share on other sites More sharing options...
Premgenius Posted May 31, 2003 Share Posted May 31, 2003 Thankz...for that i dont know what i'd do with out Neowin... and dam you attackers Link to comment Share on other sites More sharing options...
DrunkenMaster Posted May 31, 2003 Share Posted May 31, 2003 Just have to wait for the FBI/lawyers to work it all out... That's more like it... Even if its a 12 yr old, if fines are in place, the parents will prob have to pay. I'd like to see people doing this fined and if old enough to go to jail. They're slowing down other Internet traffic at the same time and we will all have to pay higher access fees in the end because of this. Link to comment Share on other sites More sharing options...
lawtai Posted May 31, 2003 Share Posted May 31, 2003 Thanks for working on the problems, and getting this site back up! Link to comment Share on other sites More sharing options...
Recommended Posts