Slyck.com
 
Slyck Chatbox - And More

isoHunt Recovers From DDoS Attack

Discuss Slyck's latest news
Forum rules
PLEASE READ BEFORE POSTING: Slyck Forum Rules

isoHunt Recovers From DDoS Attack

Postby SlyckTom » Mon Jan 12, 2009 9:56 pm

If you have an RSS feed of isoHunt and wonder why it went dead today, the reason is threefold. First, isoHunt suffered a DDoS (Distributed Denial of Service) attack from what Gary Fung, administrator of the site, calls "russian user agents". The site actually suffered 2 intentional attacks, and one incidental.

According to Gary, the initial attack was launched against the search feature of the site, and the second was against the RSS feed. Implementing massive requests to both, which we're told was about 7,000 requests per second above normal, the site was brought to a virtual standstill. From the isoHunt forums:

"Starting a couple hours before midnight GMT on 10-Jan-2009 we started receiving a lot more requests and traffic than we would normally have at that time of day, which topped out at 8500 CPS (connections per second) before we could get in, figure out what was happening and act to mitigate it. Thankfully, the folks that attacked us the first time made it fairly easy for us to locate and filter their traffic, since I don't think there are many people living in South America or Asia who legitimately run their browsers in Russian."

The isoHunt administration counterattacked with IP bans and temporarily disabling the RSS feed. As they say in network administration, no guts, no glory. The day was saved and as of now, the site appears operational and functional. Additionally, the RSS feed has been restored.

As a side note, there was a suspected 3rd attack as well. However the third 'attack' was merely "silly IE toolbars" that were frantically trying to reconnect when the RSS feed was taken offline.




Follow us on Twitter @SlyckDotCom
Join our Facebook Fan page
SlyckTom
 
Posts: 5713
Joined: Fri Jul 26, 2002 7:22 pm
Location: New York City

Re: isoHunt Recovers From DDoS Attack

Postby voodoohippie » Wed Jan 14, 2009 3:28 am

Is this RIAA illegally DDOSing or scene revenge because their sacred stuff has left Usenet (thanks to graboid) or what? First they try and virus us with a host file virus, now this. What lame crap will they think of next. Commodore 64 wanna be hacker mentality in a different decade and of course more powerful computers however just as childish. I remember a lame cracking group called RCS (rebel cracking service) in the 80's and early 90's that only wanted their stuff traded among "club" members. They would try and crash other BBS's (bulletin board systems) that traded their warez or phone phreaking codes to make illegal long distance phone calls in the days of the C64/Amiga.
Check out The Legacy Album Rock http://thelegacy.shorturl.com for the best Album Rock, Classic Rock, Progressive Rock More than "Classic Hits"

Start an Internet Radio Station Legally and even stream Audio Ads.
http://startinternetradio.tk
voodoohippie
 
Posts: 458
Joined: Sat Nov 08, 2003 1:52 am

Re: isoHunt Recovers From DDoS Attack

Postby rsrikanth05 » Wed Jan 14, 2009 9:05 am

voodoohippie wrote:Is this RIAA illegally DDOSing or scene revenge because their sacred stuff has left Usenet (thanks to graboid) or what? First they try and virus us with a host file virus, now this. What lame crap will they think of next. Commodore 64 wanna be hacker mentality in a different decade and of course more powerful computers however just as childish. I remember a lame cracking group called RCS (rebel cracking service) in the 80's and early 90's that only wanted their stuff traded among "club" members. They would try and crash other BBS's (bulletin board systems) that traded their warez or phone phreaking codes to make illegal long distance phone calls in the days of the C64/Amiga.

That seems pretty much possible...
.........
User avatar
rsrikanth05
 
Posts: 1793
Joined: Sun Feb 20, 2005 6:11 am
Location: Up in the clouds

Re: isoHunt Recovers From DDoS Attack

Postby James R. Bath » Wed Jan 14, 2009 11:28 am

Abusers are rampant, downloading lists over and over 24/7 and are being dealt with.

That's a quote from Bluetack on December 7th, also a weekend attack. DDoS attacks that just happen to be targeting sites that help file-sharing work. I think *AA or a sympathetic government agency is more plausible. For anybody else to pull that off, they'd need a worm planted, as opposed to thousands of Russian computers hiding their traffic via South American and Asian proxies on a weekend and apparently flipping the attacks on and off like a network admin. Seems far too coordinated and focused for any sort of malware.
Get shades and bunnies and a faster, smaller, more secure eMule: eMule beba
User avatar
James R. Bath
 
Posts: 96
Joined: Sat Jul 05, 2008 1:17 pm
Location: a tube

Re: isoHunt Recovers From DDoS Attack

Postby no_dammagE » Sat Jan 17, 2009 8:45 pm

(Un)fortunately worm writers are same lameasses as the vast majority of the rest of programmers. They are humans, too. They make same dumb mistakes. You will find at least one botnet right now (heh, there is even a paper about it, I don't have the link to it anymore :/ ), you can infiltrate and make it fulfill your wishes. No need to install a new botnet. :twisted:

As of attacks themselves: somebody put his/her brain into a Daily Mirror. You cannot hold a DDoS active for a long time. And attacking a host whose lim(profit) -> 0 is brainless. :nopity:
Windows? Blah. Linux? Blah. BSD? Blah.
Just make sure you have a computer licence and I can open your fsckin files.
Vorbis | Theora | LaTeX | OpenDocument
User avatar
no_dammagE
 
Posts: 652
Joined: Sat Jul 05, 2003 9:37 am


Return to Slyck News

Who is online

Users browsing this forum: No registered users and 2 guests

cron
© 2001-2008 Slyck.com