Slow Forums: PF Under DDOS Attack

  • Thread starter Borek
  • Start date
In summary: I'm not getting the 503 errors I was getting last night.It's Tuesday morning, March 6th, about 7:30 am EST.In summary, the Physics Forums website has been experiencing slow loading times and errors, particularly the "MySQL server has gone away" error. This is attributed to a DOS attack that occurred on March 5th and is still ongoing. The site moderators are working on fixing the issue and have contacted their data center for assistance. The attack is believed to be from a disgruntled individual or group, and the site is currently being monitored for any further attacks. The site's speed has improved since last night, but it is not yet back to
  • #71


Greg Bernhardt said:
I'm not sure they'd care. DoS attacks are quite common.

To make this day even worse, the FedEx man just put a package under my door handle effectively locking me in. I seriously can't get out of my apartment now. :cry: I may have to jump off my 2nd floor balcony.
Greg,

Sorry, but that is a funny, makes you wonder about the intellect of the FedEx Delivery person though. Good to see you are still keeping your wits and sense of humor, kick the damn door, (it will relieve stress from the DOS attack too, lol) the package may fly a bit, but so what, or call a neighbor close by.

Rhody...:redface:
 
Physics news on Phys.org
  • #72


This is getting really annoying. However, as I am not trapped in my apartment, I guess things can get worse...(good luck with that Greg!)
 
  • #73


Yeah, it's pretty bad. But I have faith that it'll get fixed.
 
  • #75


I have been trying to swap PMs with another member. That is an exercise in futility. If you PM, save your message in NotePad or similar so you won't have to re-type it.
 
  • #76


Plus getting tons of 101 errors when trying to view a thread, or view a new post, or search to see if new posts have been made in a thread.
 
  • #77


Greg Bernhardt said:
They are targeting PF's IP addy. We are on a dedicated server.

That's easy to fix:
[hidefromhackers]
1) Ask your ISP for a new static IP with no DNS listing
2) Send an e-mail to all unbanned members saying: "this is where the real party's at: (new IP address)
3) Leave a shell server on the normal PF address to make the hackers think that their hacking is actually working
[/hidefromhackers]

Problem: solved :wink:
mugaliens said:
Apparently, these particular geeks don't appreciate open platform discussions about some things.
Interestingly (sort of), I did a little google search to see if there was some kind of loser movement going on to block PF and all I could find was about "censorship" on PF from some banned member *cough*crackpot*cough* but it was a few years old.
 
  • #78


The problem is that much like an assassin, you need to either buy off a DDOS'er, or better, neutralize them. One is just inviting blackmail, and the latter is illegal.
 
  • #79


nismaratwork said:
The problem is that much like an assassin, you need to either buy off a DDOS'er, or better, neutralize them. One is just inviting blackmail, and the latter is illegal.

See my earlier post about the protection racket against bums. It makes no sense to target a place like this if the goal is blackmail. What are we going to pay them with? Gluons?
 
  • #80


caffenta said:
That's easy to fix:
[hidefromhackers]
1) Ask your ISP for a new static IP with no DNS listing
2) Send an e-mail to all unbanned members saying: "this is where the real party's at: (new IP address)
3) Leave a shell server on the normal PF address to make the hackers think that their hacking is actually working
[/hidefromhackers]

Problem: solved :wink:

Interestingly (sort of), I did a little google search to see if there was some kind of loser movement going on to block PF and all I could find was about "censorship" on PF from some banned member *cough*crackpot*cough* but it was a few years old.
Not "problem solved" but problem exacerbated. If Greg can't maintain a stable open site with which to interact with advertisers, there goes all the advertising income for views, click-throughs, etc.
 
  • #81


It wasn't a serious "solution". Just trying to keep people's spirits up in these difficult times, is all.
 
  • #82


caffenta said:
See my earlier post about the protection racket against bums. It makes no sense to target a place like this if the goal is blackmail. What are we going to pay them with? Gluons?

Presumably privelages... that's the ususal goal beyond mere destruction of these kind of underdeveloped bridge troll-snot.

Your idea, while interesting, is so easily circumvented as to be impractical; the reality is that you have fragmentation of the community... again, see Dalnet.

Anyway, you could reverse what you said, or rather, invert it, and make a canary trap out of it, but that would take more work than just using a few illegal tools to remove the problem directly. A botnet is, by definition, not a secure entitiy; it can be subverted and turned.
 
  • #83


nismaratwork said:
Anyway, you could reverse what you said, or rather, invert it, and make a canary trap out of it, but that would take more work than just using a few illegal tools to remove the problem directly. A botnet is, by definition, not a secure entitiy; it can be subverted and turned.

Trap, eh? It gives me an idea: the PF Sisterhood that lisab alluded to earlier in the thread.

It's very likely that the hacker is just some geek or a collection of geeks living in their parent's basement, yes? When confronted by girls, said geeks will either:

a) Run away in fear and leave us alone
b) Be attracted by the Sisterhood's beautiful Siren songs. Then we can trap them with some kind of confinement field. We know how to build a confinement field, right? We're physicists. Of course we know! And if the confinement field fails, the Sisterhood will just kick their sorry butts like lisab said. In fact, forget the confinement field altogether.

:smile:
 
Last edited:
  • #84


caffenta said:
Trap, eh? It gives me an idea: the PF Sisterhood that lisab alluded to earlier in the thread.

It's very likely that the hacker is just some geek or a collection of geeks living in their parent's basement, yes? When confronted with girls, said geeks will either:

a) Run away in fear and leave us alone
b) Be attracted by the Sisterhood's beautiful siren songs. Then we can trap them with some kind of confinement field. We know how to build a confinement field, right? We're physicists. Of course we know! And if the confinement field fails, the Sisterhood will just kick their sorry butts like lisab said. In fact, forget the confinement field altogether.


:smile:

What if it IS a girl? :smile:


Hmmm... actually... :bushing:

ANYWAY... Greg: You could just post all relevant IPs here... it's not traffic protected by your TOS, right? Share, and who knows, maybe some enterprising PF'ers read, and unconnected to that, things happen?
 
  • #85


nismaratwork said:
What if it IS a girl? :smile:


Hmmm... actually... :bushing:

ANYWAY... Greg: You could just post all relevant IPs here... it's not traffic protected by your TOS, right? Share, and who knows, maybe some enterprising PF'ers read, and unconnected to that, things happen?

what if I slipped in your IP by mistake? :biggrin:
 
  • #86


nismaratwork said:
What if it IS a girl? :smile:


Hmmm... actually... :bushing:

ANYWAY... Greg: You could just post all relevant IPs here... it's not traffic protected by your TOS, right? Share, and who knows, maybe some enterprising PF'ers read, and unconnected to that, things happen?
My new neighbor is a networking geek with his own company. Maybe if some of us knew more about the DoS, we could help resolve it. I'd ask him - he and his new bride are smitten with this neighborhood and their new neighbors. Maybe I can get my wife to bribe him with some garlic/rosemary/sun-dried tomato infused artisan bread...
 
  • #87


Greg Bernhardt said:
what if I slipped in your IP by mistake? :biggrin:

Hmmmmm...

1.) Which one?
2.) I'd hate to lose a good BNC... routing traffic isn't as fun as it used to be.
3.) It would be worth the trade.
 
  • #88


nismaratwork said:
What if it IS a girl? :smile:
Have you ever met a girl that would waste her time on something as pointless as a DoS attack? I mean, honestly. Even the geekiest girl is nowhere near the geek level of a geeky guy. There's a geekness bandgap or something.

I stand by my hypothesis: the hacker is a guy in his parents' basement.
 
  • #89


caffenta said:
Have you ever met a girl that would waste her time on something as pointless as a DoS attack? I mean, honestly. Even the geekiest girl is nowhere near the geek level of a geeky guy. There's a geekness bandgap or something.

I stand by my hypothesis: the hacker is a guy in his parents' basement.

Actually, yeah, I've met a few, but they are rare creatures, and very shy. You can coax them out with strawberries in a goblet with fresh whipped cream, but the slightest noise startles them.

:biggrin:
 
  • #90


nismaratwork said:
Actually, yeah, I've met a few, but they are rare creatures, and very shy. You can coax them out with strawberries in a goblet with fresh whipped cream, but the slightest noise startles them.

:biggrin:
Well, if they are the culprit, there is an even easier solution: we just start typing in ALL CAPS. That'll freak them out. :-p
 
  • #91


Is PF fixed?

FIX IT FIX IT FIX IT FIX IT
 
  • #93


Greg Bernhardt said:
we keep tweaking the firewall. keep giving me updates on site performance

Still slow loading pages. I get that "Oops, Chrome can't load the page" error about 10% of the time.

It seemed nearly normal about an hour ago, though.
 
  • #94


Greg Bernhardt said:
we keep tweaking the firewall. keep giving me updates on site performance

Still slow loading pages. I get that "Oops! Google Chrome could not connect to www.physicsforums.com" error about 10% of the time.

It seemed nearly normal about an hour ago, though.
 
  • #95


lisab said:
Still slow loading pages. I get that "Oops! Google Chrome could not connect to www.physicsforums.com" error about 10% of the time.

It seemed nearly normal about an hour ago, though.
Your double post says more about site performance than the contents of your post ever could. :wink:
 
  • #96


turbo-1 said:
My new neighbor is a networking geek with his own company. Maybe if some of us knew more about the DoS, we could help resolve it.

A denial of service attack is a pretty low tier attack. It could by run by anyone, with a small amount of knowledge, and more easily run by a script kiddie (someone who runs scripts to hack). There are much more devastating hacks that can be done using subtler methods, but with that comes a large increase in the knowledge needed.

I think the best thing that we could probably do for now is honestly stay away from the forums for a bit, let them sort it out on their own without nonthreatening IP's requesting service also. (heh, this just happens to be the exact thing I'm not doing)

And Greg, just a couple minutes ago, when I came to this thread, the forums were working relatively smoothly, but now, they are back to loading slowly.
 
  • #97


Grep said:
Your double post says more about site performance than the contents of your post ever could. :wink:

:smile:

This is true. It's slow, but you can tell this is not exactly a masterpiece DOS... I hate halfwits and hacks, but I'm glad in this case.
 
  • #98


Grep said:
Your double post says more about site performance than the contents of your post ever could. :wink:

Yeah...sigh. Right after I posted...those...it got really bad, I had to bail out.

Hang in there, Greg...give em hell! The PF Sisterhood is itchin' for a fight now!
 
  • #99


Isn't there a law against this...
 
  • #100


Where's Char...

He'd kick some Ninja butt...

https://www.youtube.com/watch?v=3KVf49FkqHo
 
  • #101


lisab said:
Hang in there, Greg...give em hell! The PF Sisterhood is itchin' for a fight now!

Ooh, ooh! I want front-row seat tickets!

Let's get ready to ruuumble! :cool:
 
  • #102


the my pf and get posts query is still excruciatingly slow for me.
 
  • #104


Greg Bernhardt said:
How are things now?

Very bad for me. 8 times out of 10 I can't enter in PH and posting this message took me at least 15 minutes (I must press reload lots of times in a row just to enter the thread because I can't connect to PF).
 
  • #105


Edit: Weird double post... 0_o

And Greg, the forums are working ok now, definitely a lot slower than normal, but better than before.
 
Last edited:

Similar threads

Replies
4
Views
2K
Replies
7
Views
1K
Replies
0
Views
96K
  • Sticky
3
Replies
96
Views
44K
Replies
3
Views
1K
Replies
30
Views
2K
Replies
13
Views
3K
Back
Top