Slow Forums: PF Under DDOS Attack

  • Thread starter Borek
  • Start date
In summary: I'm not getting the 503 errors I was getting last night.It's Tuesday morning, March 6th, about 7:30 am EST.In summary, the Physics Forums website has been experiencing slow loading times and errors, particularly the "MySQL server has gone away" error. This is attributed to a DOS attack that occurred on March 5th and is still ongoing. The site moderators are working on fixing the issue and have contacted their data center for assistance. The attack is believed to be from a disgruntled individual or group, and the site is currently being monitored for any further attacks. The site's speed has improved since last night, but it is not yet back to
  • #176
Proton Soup said:
maybe that kid asking for poisons didn't like the DHMO answer

Next time we'll tell him to mix the bleach with ammonia and take deep breaths...
 
Physics news on Phys.org
  • #177
Last edited by a moderator:
  • #178
Greg Bernhardt said:
Why the past tense. It's still happening :) We'll never know.
Bobc2's philosophy of physics professor told him (link) that the room down the hall doesn't exist until he walks over there and opens the door, and since I trust everything that philosophers say, even when they contradict other philosophers, I say that this DDOS attack doesn't exist anymore.
 
  • #179
Proton Soup said:
maybe that kid asking for poisons didn't like the DHMO answer
Maybe he was on a IUPAC standards committee and simply didn't like the incorrect nomenclature. Do any of the DoS packets come from iupac.org?
IUPAC committee said:
We will smite PF!
:-p
 
Last edited:
  • #180
nismaratwork said:
... What the hell is the point of compromising so many computers, then abuse their connection...

500px-Botnet.svg.png
 
  • #182
The obvious answer as to "why it was done": for the lulz.
 
  • #183
currently having issues reaching PF, only via phone ATM.
 
  • #184
DevilsAvocado said:
MY botnet is ready for launch!
[PLAIN]http://www.newsupdatez.com/wp-content/uploads/2011/02/Space-Shuttle-Launch.jpg
 
Last edited by a moderator:
  • #185
DevilsAvocado said:
500px-Botnet.svg.png

Yeah, that and piracy, but it doesn't have to make me happy...
 
  • #186
Not perfect but definitely much, much better than 2 days ago. Enough to post without difficulties.
 
  • #187
I'm still occasionally getting time outs in Chrome, but it fixes after a couple refreshes. Doesn't seem like other sites have the same problem. Is the attack still going on?

It could just be my internet connection. It can be dodgy at some pretty random times. (Stupid AT&T)
 
  • #188
Jiggy-Ninja said:
Is the attack still going on?

Yes the attack is still going on.
 
  • #189
Greg Bernhardt said:
Yes the attack is still going on.
DAMN, how long is that now? The OP is from the 6th, has it really been almost a week of continuous DoS? Or have there been breaks at all there?
 
  • #190
Greg Bernhardt said:
Yes the attack is still going on.

Greg,

That may be true, but you have essentially rendered them sort of neutered. Too bad you could not retaliate, legally and technologically of course, my PM ears are open to any news.

Rhody... :mad: :wink:

P.S. Attacks like this remind me why I hate bullies, I had a few run ins with them as a kid and stood up to each one, once I did, and they suffered a bit of humiliation of their own, they stopped each and every time. Enough said.
 
  • #191
rhody said:
Greg,

That may be true, but you have essentially rendered them sort of neutered. Too bad you could not retaliate, legally and technologically of course, my PM ears are open to any news.

Rhody... :mad: :wink:

I am sending in my army of laser equipped squirrels! :D
 
  • #192
Greg Bernhardt said:
I am sending in my army of laser equipped squirrels! :D

Show them no mercy Greg ! Have the squirrels set them on fire !

Rhody... feels better now... NOT...
 
  • #193
assuming the ongoing attack is prohibiting me from reaching PF on my PC?
 
  • #194
Jiggy-Ninja said:
DAMN, how long is that now? The OP is from the 6th, has it really been almost a week of continuous DoS? Or have there been breaks at all there?

Botnets like this tend to be set on one course, then abandoned. The attack attenuates as users of the 'zombie' computers realize that something is wrong, and eventually dies off.

If it's increasing, then there's someone who really wants to be caught, and their absolute lack of effectiveness genuinely offends me.

If you attack a site, especially a forum... DDOS?? Its so cheap... easy; I'm disgusted. This may be the reason that I so dearly want Greg to share info so that... stuff... and stuff.

Forget lasers, send in the PF stormtroopers... I have a favor from a Canadian pal I'd be willing to cash in for this.
 
  • #195
Greg Bernhardt said:
I am sending in my army of laser equipped squirrels! :D
Squirrels suck. Use sharks with frickin' laser beams attached to the heads.

And if the sharks can't reach, send http://www.onepiecewallpaper.net/wallpaper/Miss-Friday-Unluckies/" after them.
 
Last edited by a moderator:
  • #196
nismaratwork said:
Botnets like this tend to be set on one course, then abandoned. The attack attenuates as users of the 'zombie' computers realize that something is wrong, and eventually dies off.

If it's increasing, then there's someone who really wants to be caught, and their absolute lack of effectiveness genuinely offends me.

If you attack a site, especially a forum... DDOS?? Its so cheap... easy; I'm disgusted. This may be the reason that I so dearly want Greg to share info so that... stuff... and stuff.

Forget lasers, send in the PF stormtroopers... I have a favor from a Canadian pal I'd be willing to cash in for this.
So it's the script kiddie equivalent of ringing the doorbell and running away? Except it's more like gluing the doorbell down so the owner has to live with the constant AAAAAAAAAAAAA buzzing in their heads until it gets fixed.

Haven't you watched Star Wars? Stormtroopers can't hit ANYTHING.

Edit: Oops, double post. I'm used to a different forum that auto-merges. Sorry
 
  • #197
Jiggy-Ninja said:
So it's the script kiddie equivalent of ringing the doorbell and running away? Except it's more like gluing the doorbell down so the owner has to live with the constant AAAAAAAAAAAAA buzzing in their heads until it gets fixed.

Got it in one JN! Another example I remember was: Imagine that one clown tries to get into your house...not a problem, turn him away. Now imagine a thousand clowns are indipendantly trying to get into your houe, through the windows, doors, floorboards... it's not skill, it's not even effective... it's brute force.

Script Kiddies... the former bane of my existence...

Jiggy-Ninja said:
Haven't you watched Star Wars? Stormtroopers can't hit ANYTHING.

Edit: Oops, double post. I'm used to a different forum that auto-merges. Sorry

Heh... good point about the Stormtroopers!
 
  • #198
nismaratwork said:
Got it in one JN! Another example I remember was: Imagine that one clown tries to get into your house...not a problem, turn him away. Now imagine a thousand clowns are indipendantly trying to get into your houe, through the windows, doors, floorboards... it's not skill, it's not even effective... it's brute force.

Script Kiddies... the former bane of my existence...
I'm usually pretty good at that sort of thing. Analogy and visualization (and always keeping in mind the limits of those) have been my main modes of thinking for years.

Clown analogy doesn't seems right. A DoS attack isn't trying to gain entry, it's just trying to overload the listener. It'd be more like a celebrity getting mobbed by 10,000 people all asking for an autograph constantly. Wouldn't be able to get anything done in a state like that.

Now I'm curious. Why "former"? Did you get out of network administration, get promoted so you no longer have to deal with that stuff, or what?

Why do you say they aren't effective? It may not be the most efficient or elegant means of attack, but this thread alone should be proof that it's effective at something.
 
  • #199
Jiggy-Ninja said:
I'm usually pretty good at that sort of thing. Analogy and visualization (and always keeping in mind the limits of those) have been my main modes of thinking for years.

Clown analogy doesn't seems right. A DoS attack isn't trying to gain entry, it's just trying to overload the listener. It'd be more like a celebrity getting mobbed by 10,000 people all asking for an autograph constantly. Wouldn't be able to get anything done in a state like that.

Now I'm curious. Why "former"? Did you get out of network administration, get promoted so you no longer have to deal with that stuff, or what?

The analogy works either way; the idea is to demonstrate the notion of overwhelming force; your's is better in explaining the extreme noise-signal effect caused by a DDOS. Still, don't underestimate them, just because Greg knows his stuff, doesn't mean some of those packets aren't malicious beyond "noise".

As for former, yet, I was in it and I left because of the rise of the script-kiddy. I saw the landscape change from a few people using what they could, exploiting large companies (not right, but I was young) and the like. That turned into getting a few computers to become scanners of multiple subnets to find new computers... rinse, repeat. Money started to come into the equation, and that was never something I wanted to be a part of.

Dalnet falling to some anonymous Turkish botnet was nearly the final straw, and once I'd reformed the people I cared about in a new network, I handed over the reigns to a friend and never looked back.

Jiggy-Ninja said:
Why do you say they aren't effective? It may not be the most efficient or elegant means of attack, but this thread alone should be proof that it's effective at something.

Oh, they can be effective, but you need to match your attack to your target! A forum is a very soft target, with new ways to undermine them available to those who want them... this is crude. Moreover, the site remained in operation, even if slowed, and proper DDOS doesn't allow that.

This has all of the hallmarks of an angry child abusing random people and companies, driving up the cost of hosting and throughput, and not even achieving the desired goal.

Either:
140px-Glider.svg.png


...Or buzz off and get a life. I may not like the former much of the time, but at least I understand and appreciate result. A script kiddy is like a rat, and only thrives because of numbers and the use of resources they are only able to gather because of the largesses of others.
 
  • #200
nismaratwork said:
The analogy works either way; the idea is to demonstrate the notion of overwhelming force; your's is better in explaining the extreme noise-signal effect caused by a DDOS. Still, don't underestimate them, just because Greg knows his stuff, doesn't mean some of those packets aren't malicious beyond "noise".
Those malicious packets would technically be considered a separate kind of attack though, wouldn't they? The DDoS in that case would just be a diversion or something to make the system more vulnerable.
Oh, they can be effective, but you need to match your attack to your target! A forum is a very soft target, with new ways to undermine them available to those who want them... this is crude. Moreover, the site remained in operation, even if slowed, and proper DDOS doesn't allow that.
And now my devilish curiosity is curious about those "ways" of which you speak, though I'd better stop, lest I fall under suspicion for future attacks. :rolleyes:
This has all of the hallmarks of an angry child abusing random people and companies, driving up the cost of hosting and throughput, and not even achieving the desired goal.
Either that, or something who just doesn't give a damn and just likes to cause grief1.
Either:
140px-Glider.svg.png


...Or buzz off and get a life. I may not like the former much of the time, but at least I understand and appreciate result. A script kiddy is like a rat, and only thrives because of numbers and the use of resources they are only able to gather because of the largesses of others.
That image is going to need a bit of explaining.

And yeah, script kiddies suck. Every game's got those idiots who think they're badass hackers just because they can use a Gameshark or something like that, when they don't even know the first bit about how those things even work.

1 Like that stupid "I before E / except after C / or when sounding like A / as in 'neighbor' and 'weigh'" rule which DOESN'T COVER "WEIRD"! I hate that word! Stupid English.
 
  • #201
Jiggy-Ninja said:
Those malicious packets would technically be considered a separate kind of attack though, wouldn't they? The DDoS in that case would just be a diversion or something to make the system more vulnerable.

And now my devilish curiosity is curious about those "ways" of which you speak, though I'd better stop, lest I fall under suspicion for future attacks. :rolleyes:

Heh... quick thinker aren't you? Yes, it can be a separate attack, often to initiate a stack overflow, and allow malicious code to run on. There are other ways, but you'll have to satisfy your devilish curiosity without me, when I left this behind, I really left it behind.


Jiggy-Ninja said:
Either that, or something who just doesn't give a damn and just likes to cause grief1.

BINGO! That is the essence of the scrit kiddy... a lack of foresight and empathy, but quick on trigger as though this was nothing. It's absurd behaviour, but not uncommon.

Jiggy-Ninja said:
That image is going to need a bit of explaining.

Look up, "Glider" and "Universal Hacker Logo" on google, and you'll learn all that you need, and some interesting bits besides that have nothin to do with hacking or griefing.

Jiggy-Ninja said:
And yeah, script kiddies suck. Every game's got those idiots who think they're badass hackers just because they can use a Gameshark or something like that, when they don't even know the first bit about how those things even work.

Amen.

Jiggy-Ninja said:
1 Like that stupid "I before E / except after C / or when sounding like A / as in 'neighbor' and 'weigh'" rule which DOESN'T COVER "WEIRD"! I hate that word! Stupid English.

Yep, English is an insane language... I love it at least in part for its absurdist turns. :biggrin:
 
  • #202
Insanity said:
assuming the ongoing attack is prohibiting me from reaching PF on my PC?
I wish I could help you with this. Hopefully the attack will end and you will be able to get back on with your PC.
 
  • #203
dlgoff said:
I wish I could help you with this. Hopefully the attack will end and you will be able to get back on with your PC.
Perhaps his PC is a zombie involved in the attack and he's being blocked.
 
  • #204
Evo said:
Perhaps his PC is a zombie involved in the attack and he's being blocked.

Hmmm... if Greg had to block subnets, it doesn't even have to his IP or computer, just a general region...
 
  • #205
i considered that, i could get here via a proxy, but couldn't log on.

i use two AV and spyware software, i will do a complete updated scan with them.
 
  • #206
Evo said:
Perhaps his PC is a zombie involved in the attack and he's being blocked.
Wow. I know nothing about this kind of thing. I went with other members advice to use avast.
 
  • #207
Linux :wink:

I wonder how long the attacks will continue. I was rather surprised (and extremely annoyed!) when the attack started on Sunday.

I've always wanted a firewall that traces incoming attacks and launches retaliatory strikes (launch the alert Vipers!), but I guess that http://www.schneier.com/crypto-gram-0212.html#1".

Regarding the image, for those not familiar with Conway's Game of Life: http://www.conwaylife.com/wiki/index.php?title=Glider

Be careful, there are people here at Physics Forums who know how to construct http://www.conwaylife.com/wiki/index.php?title=Glider_gun! (I spent far too much time using simulations of cellular automata in high school...)
 
Last edited by a moderator:
  • #208
jhae2.718 said:
Linux :wink:

I wonder how long the attacks will continue. I was rather surprised (and extremely annoyed!) when the attack started on Sunday.

I've always wanted a firewall that traces incoming attacks and launches retaliatory strikes (launch the alert Vipers!), but I guess that http://www.schneier.com/crypto-gram-0212.html#1".

Regarding the image, for those not familiar with Conway's Game of Life: http://www.conwaylife.com/wiki/index.php?title=Glider

Be careful, there are people here at Physics Forums who know how to construct http://www.conwaylife.com/wiki/index.php?title=Glider_gun! (I spent far too much time using simulations of cellular automata in high school...)

Don't shoot! I'm not armed with self-replicating gliders!

@dlgoff: Given what you just said, Avast! is a very good choice... are you using their firewall as well?
 
Last edited by a moderator:
  • #209
nismaratwork said:
@dlgoff: Given what you just said, Avast! is a very good choice... are you using their firewall as well?
Yes.

They seem to be on top of things when it comes to getting current definitions updates. i.e. Sometimes several updates in one day.
 
  • #210
dlgoff said:
Yes.

They seem to be on top of things when it comes to getting current definitions updates. i.e. Sometimes several updates in one day.

Good, then you're in fine shape, and I'm glad to hear it. Remember, your AV program is only as good as its last update.
 

Similar threads

Replies
4
Views
2K
Replies
7
Views
1K
Replies
0
Views
96K
  • Sticky
3
Replies
96
Views
44K
Replies
3
Views
1K
Replies
30
Views
2K
Replies
13
Views
3K
Back
Top