Neowin DDoS again


Recommended Posts

Steven P.

Hi Guys, well members aware of previous attacks on Neowin will know why we were down for approx 18 hours. We have just come back and because of the style of the attacks against us there is no guarantee we will stay up for any pro-longed period. Our host, IPS can do little against these attacks that work like this:

tcp-routing.gif

It would seem he has 1000's of zombies (or infected PC's) that send genuine requests to common ports (21 and 80) making an investigation very difficult and blocking even more difficult. Well these requests flood the server and the network we are on forcing rackshack.net to pull our box from the network and effectively closing down any routing to us.

I can't begin to tell you how this is working on our staff and members and of course our host and sponsor who have the burden of sorting out this mess. I would just ask that members do not put Neowin in a position that gets us into any more trouble such as retaliation attacks. Just ignore it because the attackers already get way more attention than they deserve. Thanks for sticking by us, without our members it wouldn't be worth it :)

Link to post
Share on other sites
Batfink

Good to see Neowin back. Thanks for keeping us informed Neobond

Link to post
Share on other sites
CherTon

I thought i had click the wrong link yesterday.

It good to see neowin when I click the link again.

Link to post
Share on other sites
-=SD=-

Well that sucks neowin keeps getting hit, hopefully a new pokemon game will come out and that kid will forgot about attacking for awhile.

thx for the info on what went down.

Link to post
Share on other sites
fdiaz2day

I am not really sure but, a buddy of mine had this to say after i showed him that graphic above...

fdiaz2day@*******.net | Running DSL says:

i will tell you in a bit...but, now look at this...

fdiaz2day@*******.net | Running DSL says:

http://grc.com/dos/tcp-routing.gif

fdiaz2day@*******.net | Running DSL says:

neowin was under that type of attack

James says:

ahh-- if they had Data center cluster type b enabled it would have went down but-- the site would have stayed up

James says:

or if they also had a virtual server as a backup

James says:

it would have helped

domain *'d to protect myself from spam...

Note: This is NOT James from ieXbeta :p

Link to post
Share on other sites
kairon

What a brat this kid is. Whatever you do neobond, do not give up on the site, you'd just be letting a little 12 year old enjoy his power-trip further. Just be glad your site is so successful that your making lots of people jealous ;)

Link to post
Share on other sites
flakingbiscuit

thanks for the update neobond, hopefully the little kid will realize what's good for him and stop doin it. keep up the good work you admins :) :)

Link to post
Share on other sites
mallow

Thanks for all the hard work for the members! Think of the members!, lol ;)

Link to post
Share on other sites
Jason the Eighty Eighth
keep up the good work you admins :) :)

:yes:

Link to post
Share on other sites
Steven

Neobond, what version of apache is the site currently running?

/me is just curious :)

Link to post
Share on other sites
Steven P.
Neobond, what version of apache is the site currently running?

/me is just curious :)

Apache/1.3.27 Server at www.neowin.net Port 80

Link to post
Share on other sites
Steven
Neobond, what version  of apache is the site currently running?

/me is just curious :)

Apache/1.3.27 Server at www.neowin.net Port 80

I was just wondering if you were using one of the new 2.0.4x series, they've been riddled with DoS Holes in the last 2 months as you've probably noticed from all the news postings :D.

Link to post
Share on other sites
aem4162

Thanks Neobond!!! You guys are completely swell. (Y)

How do any of us know if we have the zombies? I've done virus scans and nothing comes up.

Link to post
Share on other sites
ramesees

Glad to see Neowin is back, I can't believe it was 18 hours!!

I hope that the admins and the staff at IPS and those at rackshack find a solution to this horrible problem soon, and that kid gets what he deserves (like a swift kick up the ass for a start!!)

Link to post
Share on other sites
CaKeY
Thanks Neobond!!! You guys are completely swell. (Y)

How do any of us know if we have the zombies? I've done virus scans and nothing comes up.

Could I be a zombie? Is there anything we users can do to help?

Link to post
Share on other sites
Tim Dorr

I think we need mod_dos installed on apache (though, it wouldn't stop the router saturation).

There really isn't much we can do on the technical side. Just have to wait for the FBI/lawyers to work it all out...

Link to post
Share on other sites
vip

Glad to see everything is up and running again, thanks NeoBond ... for keeping everyone caughtup on what's going on..

Link to post
Share on other sites
Steven P.
Thanks Neobond!!!? You guys are completely swell.(Y))

How do any of us know if we have the zombies?? I've done virus scans and nothing comes up.

Could I be a zombie? Is theranythingb> we users can do to help?

An up to date Anti-Virus scanner and Firewall will be enough in most cases. For example, I run Norton AntiVirus 2003 and check updates at least once a week, and the firewall I use is called Outpost and its a free one too, it simply is the best. you can get the free version here. There are also free virus scanners but go for the main stream ones like Norton and McAfee. Sophos is also good, well there are many members here who can advise on tha:):)

To learn about how your PC could be violated and to use the online tests look here: http://grc.com/dos/grcdos.htm (thanks Lindy;);)

Link to post
Share on other sites
fdiaz2day
To learn about how your PC could be violated and to use the online tests look here: http://grc.com/dos/grcdos.htm (thanks Lindy) ;)

Lots of useful info there...thanks. :)

Link to post
Share on other sites
bayrider

www.pcpitstop.com

they got a free virus scanner i think its by mcaffee or whatever, anyways, lots of good info on that site to protect yourself amongst other things

Link to post
Share on other sites
ahfunaki

Just glad to see the site back up...

Link to post
Share on other sites
yzero

you have to remember banning someone for something like spam or racism.. might just be the wrong guy to ban and he'll attack back.. buncha losers with no lives

Link to post
Share on other sites
Premgenius

Thankz...for that i dont know what i'd do with out Neowin... and dam you attackers

Link to post
Share on other sites
DrunkenMaster
Just have to wait for the FBI/lawyers to work it all out...

That's more like it...

Even if its a 12 yr old, if fines are in place, the parents will prob have to pay. I'd like to see people doing this fined and if old enough to go to jail. They're slowing down other Internet traffic at the same time and we will all have to pay higher access fees in the end because of this.

Link to post
Share on other sites
lawtai

Thanks for working on the problems, and getting this site back up!

Link to post
Share on other sites
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.