AO vunerable to DoS

View Poll Results: What do you think?

Voters
5. You may not vote on this poll
  • M$ controls the video card manufacturers

    2 40.00%
  • The video card manufacturers control what M$ puts in DirectX

    0 0%
  • A little bit of both

    3 60.00%
  • They're independent of each other

    0 0%
Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: AO vunerable to DoS

  1. #1
    Senior Member
    Join Date
    Jan 2002
    Posts
    657

    AO vunerable to DoS

    This isnt really much of a bug but more of a problem the site could possibly have.

    I know this is something very obvious to some to notice but sometimes i try to get on AO and notice the site is down... and is down for a while.. on irc.antionline.com we had a good laugh about it cause i pointed it out one time while i was postin and Remote_Access_ and others got a good tease on me sayin i broke AO lol , its one of thoes U had to be there kinda things

    But the thing im curious is if the reason the site was down was due to something on the lines of DDoS. Back in the day when i was a idiot *many still think i am LoL* i DDoSed AO to see how secure it was against packets and noticed the site did not even stand a chance... the next morning i checked if the site was up and it was still down... i was sorta worried i might have cause some real problems and tryed to email JP on the subject but got no response ... the next day the site was down in the morning but back up by night time.. so i was relived the site was fine due to the fact that the sitewas and still is a great place for information.

    The thing im wonder is if anyone has suggestions maybe to help AO against DDoS that maybe JP could look into to maybe make AO more stable against DDoS.. i know theres no real cure for DDoS but there are slight ways to make sites live threw DDoS.. ive seen some v-host last through DDoS of over 800 cables and never was able to find out what makes the dif then most websites on why some v-host on IRC can live threw mass DDoS but almost 99% of the sites out there cant.. is it the bandwidth or sumthin to help deal with the packets.

    Id love to hear from JP himself on how he would plan to deal with a DDoS attack against AO and if hes ever noticed one before cause i know of it happenin over 5 times and none of the times were the DDoS was stop by anything other then the person ending the attack.

    i love AO now dont get me wrong id NEVER attack AO again i love this place and its full of many people im learning to respect and call friends and i hope my exsperinces here only get better but i just wanna hear some opinions on how DDoS or other attacks on AO (if any) can or will be stoped..

    if u wish to speak to me in person im on irc.antionline.com every so often under the nick NetSyn

    -NetSyn
    [shadow]i have a herd of 1337 sheep[/shadow]
    Worth should be judged on quality... Not apperance... Anyone can sell you **** inside a pretty box.. The only real gift then is the box..
    Share on Google+

  2. #2

    Lightbulb Re: AO Vulnerable to DoS

    DDoS is a major web threat because there are no defences deployed.
    DDoS attacks can come from MANY compromised host and bots making
    the attack more powerful. These attacks have increased cause people
    with a good general knowledge about DDoS and DoS attacks write programs
    that make it easy for anyone to download, point, click, and then have sites
    down for hours due to these attacks. Information on DDoS and DoS attacks,
    how they work and what they do is EASILY available all over the internet.
    With the on growing technology of anonymity on the web, it's making it
    more and more difficult to find out who and where these attacks are coming from.
    If you wanted to find informatin on DoS attacks just go to Google and type DoS. Results: 25,800,000 pages in 0.14 seconds.
    I cant remember what security orginization it was but I believe they said:

    There is currently no way that any of us can protect our corporations against DDoS attacks.
    Remote_Access_
    Share on Google+

  3. #3
    Senior Member
    Join Date
    Aug 2001
    Location
    Pittsburgh
    Posts
    153
    Dos and Ddos attacks are some of the hardest attacks to prevent and the funny thing is that it is one of the most easiest things to do. One good thing is if the attacker is sending ICMP and UDP these packets can be filtered but will greatly affect the productivity of the network. One problem is that SYN and ACK packets cannot be filtered at all so basically the site is screwed either way. It's a shame.
    Share on Google+

  4. #4
    Who the hell is coming up with these stupid polls?

    As a system administrator, I'm sure JP, with common sense, would want the best possible security and it would probably not just let it get compromised.

    Posting some stupid poll about "Should AO have good protection?" is ridiclous.

    Quit wasting hard drive space with stupid questions.
    Jason Parker - http://www.o-negative.net
    o-Negative: Information Network
    Share on Google+

  5. #5
    Senior Member
    Join Date
    Oct 2001
    Posts
    689

    Post

    Listen netsyn, jparker is right. We dont need a silly poll on this. In fact this is a pointless question. Do you think for one second that JP hasnt already been dealt with more than his fair share of denial of service attacks? He probably is in them all the time with the loud mouth he has and **** talking he does(no offense JP) to the kiddiots who come in irc. Since the kiddies are responsible for 95% of the DDoS attacks everywhere, he probably has been hit more times than he can count. He is prepared, leave it at that.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19
    Share on Google+

  6. #6
    I've been getting hit with negative points for my post, and you know what.. It doesn't make it any less true.

    This is a stupid topic, and I'm going to always voice my opinion.

    To further my disgust, I'm going to add, NetSyn, that you probably got dynamic firewall rule thrown at your ass. *That* would be why the "site was down" to you, and personally, I would like to see the effect of this DDoS on my own network, o-negative.net. Since you seem to think someone in JP's position is incapable of running this network and he needs help from lame poll creating kiddiots.

    o-Negative awaits yours packet, sir.
    Jason Parker - http://www.o-negative.net
    o-Negative: Information Network
    Share on Google+

  7. #7
    Senior Member
    Join Date
    Oct 2001
    Posts
    689

    Post

    The poll is a waste, as are 90% of the other polls seen on this site. JP knows what he is doing so leave it at that. jparker, you crack me up.
    Wine maketh merry: but money answereth all things.
    --Ecclesiastes 10:19
    Share on Google+

  8. #8
    Banned
    Join Date
    Jul 2001
    Posts
    1,100
    Greetings All:

    Ok, let's talk a bit about what I do to protect AntiOnline, along with some background information.

    We got over 4million intrusion attempts last year. To put this in prospective, according to the General Accounting Office, the entire US Department of Defense got 20,000 intrusion attempts against all of its networks combined last year. This makes us one of the internet's most attacked networks, if not THE most attacked network.

    So, it's ALWAYS safe to assume that we think about every imaginable way that someone could muck up our network, and make plans to protect against it. As a matter of fact, our current DOD sponsored research deals with stopping attacks, even though it's a type that has never been previously used, ie an "unknown" or "0-day" attack or exploit. This is what the security industry calls "anomaly detection". We have dozens of toys that we've developed over the past few years (some of which are the result of government sponsored research) that we use to protect ourselves against all SORTS of things.

    Now, as for floods, which this thread specifically addresses:

    For starters, AntiOnline averages over 200 floods a week, everything from ICMP to common SYN to DDOS. You'll probably notice that our network is RARELY down, which must mean that we have pretty good protective measures in place. Also, just because our website is down, doesn't mean it's because of a flood, either. For example, we do take our website offline every week for updates, backups, database maintenance, etc. That has nothing to do with DOS, and you'll notice that such planned outages usually occur late at night.

    Jparker is right, in many cases, with a wide variety of attacks, our network monitoring stations automatically update our router and firewall configurations (using applications proprietary to AO), to deny access to attacking users. We also do things like deny all ICMP traffic from entering our network, block source routing, use tcp intercept, etc. etc. etc. All of these measures make us as protected as one can be from DDOS. Now, if someone is able to fill up our pipe with junk packets, that's another issue. It rarely ever happens, and when it does, we've found that attacks of those sizes are very difficult to maintain, and usually don't last very long at all. When they seem like they are going to last for some time, we have a direct number to UUNet's security department, where the engineers are quick to filter traffic on their end for us. If you take a look, you'll notice that AntiOnline's backbone connects directly to one of UUNet's backbone routers, with no hops in between. There's a reason for that, too Once the UUNet engineers enter filters at their end, a DDOS would literally have to take down part of the backbone of the internet before we'd go down. Is that possible? Yes, it is. But, how often has part of the backbone been shut down by a DDOS?

    I hope that helps. And keep in mind, I didn't just start this job yesterday
    Share on Google+

  9. #9
    Thank you.

    P.S. - 4 million attempts?! - Stop pissing everyone and thier mother off! Muahahah!
    Jason Parker - http://www.o-negative.net
    o-Negative: Information Network
    Share on Google+

  10. #10
    Banned
    Join Date
    Jul 2001
    Posts
    1,100
    Greetings All:

    BTW: since this isn't a bug, i'm moving this thread to the general chit chat forum.
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides