DoS attacks
#1
Posted 02 March 2007 - 12:47 AM
#3
Posted 02 March 2007 - 01:31 AM
"In order to master the markets, you must first master yourself" ... JP Morgan
"Most people lose money because they cannot admit they are wrong"... Martin Armstrong
http://marketvisions.blogspot.com/
#4
Posted 02 March 2007 - 02:30 AM
#5
Posted 02 March 2007 - 03:16 AM
~ Johann Wolfgang Von Goethe ~
#6
Posted 02 March 2007 - 03:24 AM
#7
Posted 02 March 2007 - 04:32 AM
Ditto.Enough already!
This is not one or 2 IPs who are attacking. There have been attacks from every continent on the planet (except possibly Australasia), from countries some of whom embrace democracy, some of whom do not. Over the last couple of weeks, we have banned HUNDREDS of IPs. I wish I could tell you that's there's a consistent pattern so I can ban whole ranges of addresses, but there isn't.
The attackers are not exhausting the search queries. Switching off search here was to just help the CPU have some extra grunt when the attacks get blocked, and we get hit with a surge of legitimate people who want information. That's when we need the CPU. When we're being flooded by attacks, the CPU load is low because of the network bottleneck.
At the moment, the average the number of visits to the site, is double our run rate. On bad days, it is a factor of 3 or 4 more, on 2 especially bad days, it's been 6.
All we can do is hope that these people are going to get bored and try and break somebody else's site. All this time they have NEVER seen an error 500 returned (which would tell them they've crashed the server), in my opinion that's what they're trying for.
But that ain't gonna happen.
We ARE contacting the attackers' ISP about their abuse of the internet.
If you really want to help, make a BIG donation from your retirement fund, and we'll be able to put some much more serious barriers in their way.
#8
Posted 02 March 2007 - 04:52 AM
#9
Posted 02 March 2007 - 05:04 AM
Edited by kisacik, 02 March 2007 - 05:07 AM.
#10
Posted 02 March 2007 - 05:16 AM
Ditto.
This is not one or 2 IPs who are attacking. There have been attacks from every continent on the planet (except possibly Australasia), from countries some of whom embrace democracy, some of whom do not. Over the last couple of weeks, we have banned HUNDREDS of IPs. I wish I could tell you that's there's a consistent pattern so I can ban whole ranges of addresses, but there isn't.
The attackers are not exhausting the search queries. Switching off search here was to just help the CPU have some extra grunt when the attacks get blocked, and we get hit with a surge of legitimate people who want information. That's when we need the CPU. When we're being flooded by attacks, the CPU load is low because of the network bottleneck.
At the moment, the average the number of visits to the site, is double our run rate. On bad days, it is a factor of 3 or 4 more, on 2 especially bad days, it's been 6.
Is it possible this is something else? I can't imagine this site would be the victim of such a relentless attack. Maybe it's automated and spreading. Like a virus that moves around and keeps other computers going back to you? So they kick off the attack and it spreads and grows with no effort on their part? Are they able to store any data on your system or have they cached any ad graphics on your system? I've heard of some sneaky ad programs that can create a D.O.S. like result. I think they park or use ads on your system to then feed their AD WARE that spreads from system to system. The Ad Ware has you as one possible site to snag the ad from and once it spreads wide enough you wind up with adenial of service like situation.
Hey, I don't know. I'm not trained in this stuff. But I've heard a few things. You guys have your hands on it so you probably have eliminated a lot of stuff.
Edited by Sentient Being, 02 March 2007 - 05:21 AM.
~ Johann Wolfgang Von Goethe ~