Slow Forums / Inaccessable (Updated)

[ImMeSoHi]

weird..my forum is loading fine now...and the server status is still busy, but forum is loading fine.

o.O odd

But keep up the good work staff

[Lakers]

I made it through on 104
just need 86

[CLAIRE]

its so annoying...does anyone know when it will be fixed?

[Sam]

My forums on servers 67,75 & 107 are now all back up and running and running the fastest that they have done all afternoon!

Ta,
Sam

[Zath]

Oct 9, 2008 7:47:27 GMT -8 ImMeSoHi said:

Oct 9, 2008 7:41:26 GMT -8 imo pop, said:

question: how come this forum is working?

If your able to at least get into your headers and footers like I am, then I suggest backing your headers/footers up.

This is unnecessary.
A denial of service attack clogs up access with constant attempts at connection or pings etc, its not actually an attempt to destroy data.

[lyndaoh]

Weird. When I try to log into mine it brings me back here.

[VD]

Only 2 servers offline, the rest all busy. Looking good.

[Megs]

My site is currently up and running

[littlelouie11]

looks like server 91 is working fine, our site is back up... thanks guys

[Renegade]

according to pat's update it was one forum being targeted and steps were being taken to fix things - so i'd guess they moved that board somewhere else or something, to allow other forums to load ok.

[Sam]

Oct 9, 2008 8:06:26 GMT -8 Megs said:

My site is currently up and running

Yeah, same here too .

Ta,
Sam

[goodolboy]

Oct 9, 2008 8:06:26 GMT -8 Megs said:

My site is currently up and running

mine too

[number9]

My forum is really slow and then loads "page cannot be displayed. status is busy, but don't really know what that means. Forum board 44.

[Dance Harmony]

For those of you who haven't clicked on links, Here's the Wiki description of what a DDoS attack is:

A distributed denial of service attack (DDoS) occurs when multiple compromised systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods.

Malware can carry DDoS attack mechanisms; one of the more well known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to release of the malware and no further interaction was necessary to launch the attack.

A system may also be compromised with a trojan, allowing the attacker to download a zombie agent (or the trojan may contain one). Attackers can also break into systems using automated tools that exploit flaws in programs that listen for connections from remote hosts. This scenario primarily concerns systems acting as servers on the web.

Stacheldraht is a classic example of a DDoS tool. It utilizes a layered structure where the attacker uses a client program to connect to handlers, which are compromised systems that issue commands to the zombie agents, which in turn facilitate the DDoS attack. Agents are compromised via the handlers by the attacker, using automated routines to exploit vulnerabilities in programs that accept remote connections running on the targeted remote hosts. Each handler can control up to a thousand agents.[11]

These collections of compromised systems are known as botnets. DDoS tools like stacheldraht still use classic DoS attack methods centered around IP spoofing and amplification like smurf attacks and fraggle attacks (these are also known as bandwidth consumption attacks). SYN floods (also known as resource starvation attacks) may also be used. Newer tools can use DNS servers for DoS purposes. (see next section)

Unlike MyDoom's DDoS mechanism, botnets can be turned against any IP address. Script kiddies use them to deny the availability of well known websites to legitimate users.[1] More sophisticated attackers use DDoS tools for the purposes of extortion — even against their business rivals.[12]

It is important to note the difference between a DDoS and DoS attack. If an attacker mounts a smurf attack from a single host it would be classified as a DoS attack. In fact, any attack against availability would be classed as a Denial of Service attack. On the other hand, if an attacker uses a thousand zombie systems to simultaneously launch smurf attacks against a remote host, this would be classified as a DDoS attack.

The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track down and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines.

Although most DDoS attacks are malicious in nature, the same technique can be used to aid the Internet community. Internet fraud schemes, such as Nigerian 419 scams or phishing, commonly involve fraudulent websites that either impersonate a real website for purposes of stealing the victim's identity, or lend credibility to a scammer's fictional business venture to lure the victim into a false sense of confidence. Scam baiters, who combat these scams by posing as victims for the purpose of wasting the scammer's time and money and obtaining information that can be used by authorities, will forward sites they encounter during the course of their conversations to groups that specialize in site-killing.[citation needed] The group will first try to have a site taken down by informing the host of said site that the site is being used fraudulently. In the case where that approach fails, the group will organize a "takedown" of the site by encouraging its members to visit the site en masse and continually refresh its content (an intentional form of the Slashdot effect sometimes referred to as flash mobbing, although that term is technically reserved for real-world gatherings). Alternately, some groups have special web pages that link to images hosted by these fake sites and show the images to visitors (usually members or supporters of the site-killing group) while constantly reloading them, which is known as intentional bandwidth hogging.[citation needed] The purpose, similar to malicious DoS attacks, is to (a.) rapidly consume all of the website's allocated monthly bandwidth, after which requests for the site's content are refused, (b.) draw the attention of the site's host, who when faced with the constant onslaught on the entire hosting network's resources, will usually remove the site, and/or (c.) take up all available connections and maximum throughput of the host so that would-be victims cannot access the site.

Hope that helps!

[timothy]

Oct 9, 2008 6:59:20 GMT -8 VS Admin said:

We have identified the forum that is the target of this attack. We are continuing to work to minimize the impact of this attack on our services.

Oh that means that a forum specifically si beig attacked? Why? Which? Who? It's awful

Well it seems to be that my forum is npow working quite fine (106) thank you!