Bitcoin Forum
September 24, 2018, 01:04:35 AM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3] 4 5 »  All
  Print  
Author Topic: DDOS Payback  (Read 8113 times)
flix
Legendary
*
Offline Offline

Activity: 1227
Merit: 1000



View Profile
April 18, 2013, 05:02:36 PM
 #41

99485 members on this forum and we can't even get a compelling answer to question 0: Is this a real attack or just exponential traffic growth?


(Personally and from what I've gathered from several webmasters this does look like an attack... but I want proof, not opinions).
1537751075
Hero Member
*
Offline Offline

Posts: 1537751075

View Profile Personal Message (Offline)

Ignore
1537751075
Reply with quote  #2

1537751075
Report to moderator
1537751075
Hero Member
*
Offline Offline

Posts: 1537751075

View Profile Personal Message (Offline)

Ignore
1537751075
Reply with quote  #2

1537751075
Report to moderator
1537751075
Hero Member
*
Offline Offline

Posts: 1537751075

View Profile Personal Message (Offline)

Ignore
1537751075
Reply with quote  #2

1537751075
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537751075
Hero Member
*
Offline Offline

Posts: 1537751075

View Profile Personal Message (Offline)

Ignore
1537751075
Reply with quote  #2

1537751075
Report to moderator
1537751075
Hero Member
*
Offline Offline

Posts: 1537751075

View Profile Personal Message (Offline)

Ignore
1537751075
Reply with quote  #2

1537751075
Report to moderator
glitch003
Full Member
***
Offline Offline

Activity: 219
Merit: 100


View Profile
April 18, 2013, 05:36:08 PM
 #42

99485 members on this forum and we can't even get a compelling answer to question 0: Is this a real attack or just exponential traffic growth?


(Personally and from what I've gathered from several webmasters this does look like an attack... but I want proof, not opinions).

Pray tell, how would you tell the difference between DDoS data and real data?  The only people who have access to the information needed to make that distinction are the website operators who are being DDoSed.  Without their server logs, you're not going to accomplish much.
epetroel
Sr. Member
****
Offline Offline

Activity: 428
Merit: 250


View Profile
April 18, 2013, 05:38:14 PM
 #43

99485 members on this forum and we can't even get a compelling answer to question 0: Is this a real attack or just exponential traffic growth?


(Personally and from what I've gathered from several webmasters this does look like an attack... but I want proof, not opinions).

Gox said 4 hours ago on their twitter feed that this was a DDOS.  Or are you suspecting that Gox is lying about that?  If so, the only people with access to this "proof" you want would be Gox, SoftLayer, Prolexic, or the person actually doing the attack.
glitch003
Full Member
***
Offline Offline

Activity: 219
Merit: 100


View Profile
April 18, 2013, 05:40:21 PM
 #44

99485 members on this forum and we can't even get a compelling answer to question 0: Is this a real attack or just exponential traffic growth?


(Personally and from what I've gathered from several webmasters this does look like an attack... but I want proof, not opinions).

Pray tell, how would you tell the difference between DDoS data and real data?  The only people who have access to the information needed to make that distinction are the website operators who are being DDoSed.  Without their server logs, you're not going to accomplish much.


traceroute and ping em and their uplinks during attacks, look at packet loss this will tell you all you need to know. Look whether it is 0%, 100% or something closer 20-05%.

Packet loss due to a ton of legitimate traffic would look identical to a DDoS though.
acoindr
Legendary
*
Offline Offline

Activity: 1050
Merit: 1001


View Profile
April 18, 2013, 06:18:34 PM
 #45

Let me explain about DDoS (I know many here know).

The problem is it's like standing in the middle of a clear field against an unseen army in the forest. You have to stand in the field so people can find you, but you're completely exposed to attack. You just have to be able to take everything that comes your way.

Translated to Web technology this means most sites exposed to significant DDoS attack are effectively disabled. There are mitigation techniques/software to reduce the effectiveness of attacks, but as the link provided above, which gives good information, points out even spending thousands of dollars on expert defenses is not always enough. The only real answer, like standing in that field, is to be big enough and bad enough to take it, having loads of bandwidth, servers, software etc. to ride the attack out. Cloudflare is something that helps the issue greatly, because they take the expensive problem many have independently and address it with consolidated resources. Still, it's an underdog fight to start with.

So how to effectively address DDoS? You might try finding the attacker(s) using social means as mentioned. The problem there is you'll never find everyone if anyone. Pooling resources, money, brain power, etc. in the style of Cloudflare in more organized ways might help.

The problem is more systemic. For example, there are DDoS extortion cases where it's less costly for a victim site, like a profitable gambling one, to pay a ransom then suffer extended downtime.

I'd say you really have to take away the main weapon which is botnets. To do that you have to provided better security against computer sheeple allowing their computers to be used unwittingly. I actually had a business idea which was a computer that was virus proof (it basically stored files in a compartmentalized way, and clean re-installed the OS with a click or on automated schedule) but never developed it.

yona
Member
**
Offline Offline

Activity: 93
Merit: 10



View Profile
April 18, 2013, 06:49:10 PM
 #46

speaking of,
i can't get access to https://blockchain.info for the past 40min...
pinger
Legendary
*
Offline Offline

Activity: 1500
Merit: 1000


Bitcoin - Resistance is futile


View Profile WWW
April 18, 2013, 06:58:21 PM
 #47

speaking of,
i can't get access to https://blockchain.info for the past 40min...

This page (https://blockchain.info/) is currently offline. However, because the site uses CloudFlare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by CloudFlare | Hide this Alert

For rent
Stephen Gornick
Legendary
*
Offline Offline

Activity: 2506
Merit: 1001


View Profile
April 18, 2013, 08:30:44 PM
 #48

Is this a real attack or just exponential traffic growth?

Related:


 - http://news.netcraft.com/archives/2013/04/11/mt-gox-victim-of-own-success-as-bitcoins-fall-in-value.html
ChristianK
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile
April 18, 2013, 08:47:45 PM
 #49

Ripple enthusiasts are too smart for that, and Litecoin users are too stupid.
Don't forget that Litecoin is essentially a coin that's build to be easily mineable with botnets.

Quote
Yeah, what system does Slashdot use? Or CNN.com? (any major news website, most are immune to DDOS).
They aren't immune. They are just big and therefore expensive to attack.
Even banks can be attacked : http://www.informationweek.com/security/attacks/bank-ddos-attacks-resume-wells-fargo-con/240151825
The folks that attacked those banks weren't even all that powerful. Just one random group of angry hackers.

Quote
The problem is more systemic. For example, there are DDoS extortion cases where it's less costly for a victim site, like a profitable gambling one, to pay a ransom then suffer extended downtime.
MtGox is effectively a profitable gambling site.
Elwar
Legendary
*
Offline Offline

Activity: 2590
Merit: 1251


www.varyon.io


View Profile WWW
April 18, 2013, 08:50:28 PM
 #50

The irony is that the anonymity of Bitcoin would likely keep us from tracking the source.

The most likely scenario is that someone who wants to buy a bunch of bitcoins or has a bunch and wants to play the market just hops onto Silk Road, finds someone with 1000 bots for rent. They pay them a couple hundred bucks in bitcoins, they get temporary control over them and start hitting MtGox. They sell their BTC as the value starts to drop and they put a buy order in at a lower price. Once they hit their buy they pull the bots and the price starts to climb back up. Easy money.

So, to track this person down you would find the source of the bots. This is likely a bunch of random computers with a virus. Even if you could track down the person who created the virus, the actual person who started the DDOS paid in bitcoins.

Or you could use the transparency of Bitcoin to find out what the cost of a DDOS would be, look for a transaction on the blockchain within a day of the DDOS that is close to that price. Then try to track the source address to see who it is.

                     ▄▓▓▓▓    ▄▓█▓▄
                  ▄▓██████    ██████▓▄
                ▐████████▓    ▓████████▌
            ▄▓▓▄ ▀██▓▀▀▀         ▀▀▓██▓ ▄▓▓▄
         ▄▓█████▌ ▄▄▓▓██▓▌     ▓██▓▓▄▄ ▐█████▓▄
       ▓███████▀▄▓███████▌    ▐███████▓▄▀▓██████▓
       ▓█████▓ ▓█████████▌     █████████▓ ▓█████▓
               ▀▓████████      █████████▓
     ▄▄             ▀▀▀▀▀       ▀▀▀▀             ▄▄
    ▓████▓▓                                  ▄▓█████
    ▐██████ ▄▓█▓▓▄▄                   ▄▄▓▓▓▓ ██████▌
     ▓█████ ████████▓▓            ▄▓████████ █████▓
      ▓███▓ █████████▓            ▓█████████ ▓████
            ▀███████▀               ▓██████▀
        ▓███▓ ▓███▓      ▄▓██▓▄      ▓███▓ ▓███▓
        ▓█████▄        ▄▓██████▓▄        ▄▓████▓
         ██████▓      ▓██████████▓      ▐██████
         ▐████▓       ▀▓████████▓▀       ▓████▌
           ▀▀▀    ▄▓██▓▓▄▄ ▀▀ ▄▄▓▓███▓     ▀▀▀
                 ▓█████████  ██████████▄
                 ▓▓██████▓▓  ▀▓██████▓▓
██
██
██
██
██
██
██
██
██
██
██
██
██
██
.......Social Media.......
██▄▓█████████████████████▓▓▄
▓██████████████████████████▌
███████████████████▓▓▀  ▓██▌
██████████████▓▀▀       ▓██▌
████████▓▀▀      ▄█    ▐███▌
███▓▀        ▄▄▓▀      ▓███▌
███▓▄▄▄   ▄▓█▓         ████▌
████████▓ ▓▌          ▓████▌
█████████▓    ▄       █████▌
██████████▌ ▄▓██▓▄   ▐█████▌
███████████████████▓▓██████▌
▐██████████████████████████
  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
▄███████████████████▄
██████████████████████▌
██████████████████████▌
████████████     █▀███▌
███   █████        ▐██▌
███               ▐███▌
███               ████▌
████             █████▌
█████▄▄         ██████▌
████         ▄████████▌
██████████████████████▌
██████████████████████▌
██
██
██
██
██
██
██
██
Elwar
Legendary
*
Offline Offline

Activity: 2590
Merit: 1251


www.varyon.io


View Profile WWW
April 18, 2013, 08:55:21 PM
 #51

MtGox could also check the logs to see who consistently sells before or early into a DDOS attack and buys near the end of the attack.

They may be able to discover a pattern.

                     ▄▓▓▓▓    ▄▓█▓▄
                  ▄▓██████    ██████▓▄
                ▐████████▓    ▓████████▌
            ▄▓▓▄ ▀██▓▀▀▀         ▀▀▓██▓ ▄▓▓▄
         ▄▓█████▌ ▄▄▓▓██▓▌     ▓██▓▓▄▄ ▐█████▓▄
       ▓███████▀▄▓███████▌    ▐███████▓▄▀▓██████▓
       ▓█████▓ ▓█████████▌     █████████▓ ▓█████▓
               ▀▓████████      █████████▓
     ▄▄             ▀▀▀▀▀       ▀▀▀▀             ▄▄
    ▓████▓▓                                  ▄▓█████
    ▐██████ ▄▓█▓▓▄▄                   ▄▄▓▓▓▓ ██████▌
     ▓█████ ████████▓▓            ▄▓████████ █████▓
      ▓███▓ █████████▓            ▓█████████ ▓████
            ▀███████▀               ▓██████▀
        ▓███▓ ▓███▓      ▄▓██▓▄      ▓███▓ ▓███▓
        ▓█████▄        ▄▓██████▓▄        ▄▓████▓
         ██████▓      ▓██████████▓      ▐██████
         ▐████▓       ▀▓████████▓▀       ▓████▌
           ▀▀▀    ▄▓██▓▓▄▄ ▀▀ ▄▄▓▓███▓     ▀▀▀
                 ▓█████████  ██████████▄
                 ▓▓██████▓▓  ▀▓██████▓▓
██
██
██
██
██
██
██
██
██
██
██
██
██
██
.......Social Media.......
██▄▓█████████████████████▓▓▄
▓██████████████████████████▌
███████████████████▓▓▀  ▓██▌
██████████████▓▀▀       ▓██▌
████████▓▀▀      ▄█    ▐███▌
███▓▀        ▄▄▓▀      ▓███▌
███▓▄▄▄   ▄▓█▓         ████▌
████████▓ ▓▌          ▓████▌
█████████▓    ▄       █████▌
██████████▌ ▄▓██▓▄   ▐█████▌
███████████████████▓▓██████▌
▐██████████████████████████
  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
▄███████████████████▄
██████████████████████▌
██████████████████████▌
████████████     █▀███▌
███   █████        ▐██▌
███               ▐███▌
███               ████▌
████             █████▌
█████▄▄         ██████▌
████         ▄████████▌
██████████████████████▌
██████████████████████▌
██
██
██
██
██
██
██
██
paraipan
Legendary
*
Offline Offline

Activity: 924
Merit: 1000


Firstbits: 1pirata


View Profile WWW
April 18, 2013, 09:06:06 PM
 #52


This is true. I've seen all bitcoin related service suffer the same fate in the last few days, including Rugatu, and I don't seem to understand what is the purpose of this sustained attack.

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
acoindr
Legendary
*
Offline Offline

Activity: 1050
Merit: 1001


View Profile
April 18, 2013, 09:39:10 PM
 #53

If most of the IP's used in DDoS's are infected PC's then wouldn't that mean most of these PC's are vulnerable to attacks?

ALL computers are vulnerable to attack, though some more so than others.

I'd guess that means a bot could target them with the same attack to install and update an antivirus and remove all the spam toolbars from their browser.

lol if only it were that simple.
Elwar
Legendary
*
Offline Offline

Activity: 2590
Merit: 1251


www.varyon.io


View Profile WWW
April 18, 2013, 10:14:40 PM
 #54

I'd guess that means a bot could target them with the same attack to install and update an antivirus and remove all the spam toolbars from their browser.

That is funny. A virus fighting virus attack.

Maybe reset their background to a picture of the lone ranger with a message "Your system is now free from bad guys"

                     ▄▓▓▓▓    ▄▓█▓▄
                  ▄▓██████    ██████▓▄
                ▐████████▓    ▓████████▌
            ▄▓▓▄ ▀██▓▀▀▀         ▀▀▓██▓ ▄▓▓▄
         ▄▓█████▌ ▄▄▓▓██▓▌     ▓██▓▓▄▄ ▐█████▓▄
       ▓███████▀▄▓███████▌    ▐███████▓▄▀▓██████▓
       ▓█████▓ ▓█████████▌     █████████▓ ▓█████▓
               ▀▓████████      █████████▓
     ▄▄             ▀▀▀▀▀       ▀▀▀▀             ▄▄
    ▓████▓▓                                  ▄▓█████
    ▐██████ ▄▓█▓▓▄▄                   ▄▄▓▓▓▓ ██████▌
     ▓█████ ████████▓▓            ▄▓████████ █████▓
      ▓███▓ █████████▓            ▓█████████ ▓████
            ▀███████▀               ▓██████▀
        ▓███▓ ▓███▓      ▄▓██▓▄      ▓███▓ ▓███▓
        ▓█████▄        ▄▓██████▓▄        ▄▓████▓
         ██████▓      ▓██████████▓      ▐██████
         ▐████▓       ▀▓████████▓▀       ▓████▌
           ▀▀▀    ▄▓██▓▓▄▄ ▀▀ ▄▄▓▓███▓     ▀▀▀
                 ▓█████████  ██████████▄
                 ▓▓██████▓▓  ▀▓██████▓▓
██
██
██
██
██
██
██
██
██
██
██
██
██
██
.......Social Media.......
██▄▓█████████████████████▓▓▄
▓██████████████████████████▌
███████████████████▓▓▀  ▓██▌
██████████████▓▀▀       ▓██▌
████████▓▀▀      ▄█    ▐███▌
███▓▀        ▄▄▓▀      ▓███▌
███▓▄▄▄   ▄▓█▓         ████▌
████████▓ ▓▌          ▓████▌
█████████▓    ▄       █████▌
██████████▌ ▄▓██▓▄   ▐█████▌
███████████████████▓▓██████▌
▐██████████████████████████
  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
▄███████████████████▄
██████████████████████▌
██████████████████████▌
████████████     █▀███▌
███   █████        ▐██▌
███               ▐███▌
███               ████▌
████             █████▌
█████▄▄         ██████▌
████         ▄████████▌
██████████████████████▌
██████████████████████▌
██
██
██
██
██
██
██
██
Anon136
Legendary
*
Online Online

Activity: 1624
Merit: 1178



View Profile
April 18, 2013, 10:22:24 PM
 #55

if we actually knew who was doing it what would be the point of ddosing him back? just post up a bounty for his broken knee caps. say 100btc per cap?

Rep Thread: https://bitcointalk.org/index.php?topic=381041
If one can not confer upon another a right which he does not himself first possess, by what means does the state derive the right to engage in behaviors from which the public is prohibited?
paraipan
Legendary
*
Offline Offline

Activity: 924
Merit: 1000


Firstbits: 1pirata


View Profile WWW
April 18, 2013, 10:42:09 PM
 #56

I'd guess that means a bot could target them with the same attack to install and update an antivirus and remove all the spam toolbars from their browser.

That is funny. A virus fighting virus attack.

Maybe reset their background to a picture of the lone ranger with a message "Your system is now free from bad guys"

Could be a good idea and here is why:

Quote
Most vaccines contain a little bit of a disease germ that is weak or dead.

http://www.phac-aspc.gc.ca/im/vs-sv/vs-faq01-eng.php

BTCitcoin: An Idea Worth Saving - Q&A with bitcoins on rugatu.com - Check my rep
Peleus
Member
**
Offline Offline

Activity: 112
Merit: 100


View Profile
April 18, 2013, 10:53:24 PM
 #57

As someone with a fair bit of security experience in both the white and blackhat aspects of network security - You're not finding anyone I assure you.

pinger
Legendary
*
Offline Offline

Activity: 1500
Merit: 1000


Bitcoin - Resistance is futile


View Profile WWW
April 18, 2013, 10:54:42 PM
 #58

It can't be so difficult to do, just make a cleaning site with a browser exploit kit, and put it on some free bitcoins sites and start the advisory.

For rent
meowmeowbrowncow
Sr. Member
****
Offline Offline

Activity: 322
Merit: 250



View Profile
April 18, 2013, 10:58:48 PM
 #59

I'd guess that means a bot could target them with the same attack to install and update an antivirus and remove all the spam toolbars from their browser.

That is funny. A virus fighting virus attack.

Maybe reset their background to a picture of the lone ranger with a message "Your system is now free from bad guys"
..while running a DDoS on the whole of Wales in the background mwahahah!!



LOL

"Bitcoin has been an amazing ride, but the most fascinating part to me is the seemingly universal tendency of libertarians to immediately become authoritarians the very moment they are given any measure of power to silence the dissent of others."  - The Bible
agaumoney
Newbie
*
Offline Offline

Activity: 53
Merit: 0


View Profile
April 18, 2013, 11:13:29 PM
 #60

banks can't legally do it. at least not here in the US.

What difference does that make?
Pages: « 1 2 [3] 4 5 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!