IOL hit by DoS attack

Whether he deserves to be ridiculed and put on trial for his crimes is not the issue here. There are obviously people who believe he's doing a good job in Zimbabwe, and it's MY RIGHT to read those opinions and then form my own. Your beliefs are irrelevant to that. If we're going to approve of terrorist censorship on articles we don't want to see published, where exactly do we draw the line?
Exactly, brilliant! We don't need anybody to close our ears and eyes to what's going on in the world as though we were babes, we have minds of our own with which to judge.
 
The scary part is that underground marketplaces exist where you can purchase 80,000-120,000 hosts capable of launching DDoS attacks with up to 100Gbps attack patterns for USD1000 for a day.
 
The scary part is that underground marketplaces exist where you can purchase 80,000-120,000 hosts capable of launching DDoS attacks with up to 100Gbps attack patterns for USD1000 for a day.

It's not scary, it's a reality... there is sooo much more to the internet than just Google (the underground, dark side of the internet) that not many of us see... But it is definitely there...

I only discovered it recently (knowing it existed but just didn't have time to research). I was also "shocked" or "scared" but got over it... not many people will ever see that part, well not in this era...

Also it's not "internet" as such, it's more of a VPN (tunnel) to underground PCs/servers...

Still get goosebumps tho when I think about it :D
 
It's not scary, it's a reality... there is sooo much more to the internet than just Google (the underground, dark side of the internet) that not many of us see... But it is definitely there...

I only discovered it recently (knowing it existed but just didn't have time to research). I was also "shocked" or "scared" but got over it... not many people will ever see that part, well not in this era...

Also it's not "internet" as such, it's more of a VPN (tunnel) to underground PCs/servers...

Still get goosebumps tho when I think about it :D

Oh please, stop acting like the Deep web is some secret club nobody knows about.

Step 1: Download TOR.
Step 2: Look through the hidden wiki and go exploring.

Whoop di do was that so hard?
 
Oh please, stop acting like the Deep web is some secret club nobody knows about.

Step 1: Download TOR.
Step 2: Look through the hidden wiki and go exploring.

Whoop di do was that so hard?

LMAO, I know that, but there's more...
 
I would have placed a DDoS appliance at the edge of the network to cover all aspects of security. The firewalls are really not built for that purpose.

Agreed, but different security patterns dictate how you deploy your infrastructure, and whether as you mentioned earlier, the LTM module does really well at things like compression, load balancing and offloading. Given that we do not have AFM, it made more sense to those in charge.

BTW: In my opinion it should have been the hosting provider's fault (IS) to protect customers like IOL - it is amazing that IS lets DDoS traverse across its core network and knock customers off the grid.

Then you may as well host your entire datacentre at IS...
 
My sentiments exactly - IS shared FW is really a piece of junk - incident was reported at 11:07 and I would think the DoS attack knocked off part of the firewall. Surprising that it had not taken out more customers during the 1 hour. AFAIK the shared FW in Rosebank was knocked off, but I understand that IOL is hosting in Bryanston so it could be unrelated or a knock-on from the attack when IS tried to switch firewalls (but I might be wrong on this)

From what I remember, Bryanston is their failover site.

Not surprising that it only affected IOL- the attack targeted them. I really don't think that core infrastructure at IS will be shared with other companies, but at the end of the day, IOL did not have the relevant protection measures in place on their own site anyway. Them being the only party impacted by this is a testament to that.
 
From what I remember, Bryanston is their failover site.

Not surprising that it only affected IOL- the attack targeted them. I really don't think that core infrastructure at IS will be shared with other companies, but at the end of the day, IOL did not have the relevant protection measures in place on their own site anyway. Them being the only party impacted by this is a testament to that.

It's not known if there were any other servers/websites that were behind that firewall. The way I see it, the firewall went into "safe mode" and stopped traffic passing through it (normal behavior).
The only other thing that could've decreased downtime was if IOL had a replicated site at another location and switched traffic to that destination when the firewall went down...

Just my thought/assumption...
 
From what I remember, Bryanston is their failover site.

Not surprising that it only affected IOL- the attack targeted them. I really don't think that core infrastructure at IS will be shared with other companies, but at the end of the day, IOL did not have the relevant protection measures in place on their own site anyway. Them being the only party impacted by this is a testament to that.

According to the news, 50 sites were affected.

http://www.bdlive.co.za/national/media/2013/06/13/hacktivists-hit-iol-over-praise-of-mugabe

ANONYMOUS Africa, a so-called hacktivist group, briefly shut down about 50 websites on Wednesday, including Independent Newspapers’ Independent Online (IOL).

The attack was justified on the grounds that the website was "ignoring the genocide against the Ndebele people and for ‘supporting’ a dictator". The group was protesting against an opinion piece on the Sunday Independent website claiming that Zimbabwean President Robert Mugabe was a heroic African leader.

Anton Harber, Caxton professor of journalism at Wits University, said this was "an attack on the rights to free expression" of those who support Mr Mugabe.

"Freedom of speech means tolerating even — or especially — opinions one dislikes. They can disagree, even protest, but vandalising a newspaper site and preventing the expression of different opinions is a thuggish attack on freedom of expression."

The article was part of a debate series run on the site, said IOL editor Alastair Otter. It suffered a denial of service (DOS) attack, meaning that its server was flooded with so much traffic that it was overwhelmed and readers were prevented from gaining access to the website.

The group, which uses the Twitter handle @zim4thewin, warned in one of its tweets that it would "go after more fun targets". The group on Wednesday attacked the websites of Zimbabwean political party Zanu (PF) and the state-owned Herald newspaper.

Costa Koutakis, chief client officer at Internet Solutions, which hosts the IOL server, said the attack was "well orchestrated" and came from multiple sources. The fact that the traffic emanated from different places made it look legitimate and so it did not trigger monitoring systems, he said.

Mr Otter said such attacks are particularly hard to prevent as they do not rely on breaking into servers. Mr Koutakis said Internet Solutions is seeking a way to prevent such attacks.
 
Pretty much no firewall will stop a Layer7 Denial-of-Service attack. You also cannot mitigate it by pointing the domain name to a different server as it uses HTTP requests and not the IP.

IOL and the like would need to seek the services of someone like Prolexic, Cloudflare or Black Lotus to mitigate these types of attacks. The traffic just looks too normal. If the traffic is spoofed then it will look like the attack is coming from many machines when in reality it is probably just using some sort of proxy list. If a botnet is being used then this would likely be 200+ infected machines attacking. Hard to block thousands of IPs when it looks like normal HTTP requests.

I cannot see how this group is in any way affiliated to Anonymous the collective. None of their followers are main characters from the collective.

The most likely thing that is happening is 1 person, maybe 2, has discovered something called a booter or a stresser. These are services that can be purchased from websites to use their attack servers to launch a Denial-of-Service attack for x amount of seconds. Why do I believe they are using booters/stressers? Because the attacks appear to be very limited in time duration.

Generally when Anonymous attack a website it goes down for at least a day, if not the attack is most likely being mitigated by Cloudflare and the likes.

Anonymous also state as a rule that NO media outlets are to be attacked. The idea is that information on the internet is free and shared. IOL have never been seen as a party leaning towards a political party and therefore the attack is completely unwarranted.

Booters and Stressers:
These can push out up to 30Gbps when attacking and can charge as little as $18pm with 1 hour slots. Anyone with PayPal, Bitcoin etc. can sign up to these. They are by no means reserved for the underground hacker groups.
 
Pretty much no firewall will stop a Layer7 Denial-of-Service attack. You also cannot mitigate it by pointing the domain name to a different server as it uses HTTP requests and not the IP.

I do think that a Radware DefensePro might protect from such attack behaviour - at least that's what they advertise. We tried the device and it failed (mostly due to poor local support and inexperience of the local reseller)
 
MSM Whores !

Anton Harber, Caxton professor of journalism at Wits University, said this was "an attack on the rights to free expression" of those who support Mr Mugabe.

"Freedom of speech means tolerating even — or especially — opinions one dislikes. They can disagree, even protest, but vandalising a newspaper site and preventing the expression of different opinions is a thuggish attack on freedom of expression."

The article was part of a debate series run on the site, said IOL editor Alastair Otter. It suffered a denial of service (DOS) attack, meaning that its server was flooded with so much traffic that it was overwhelmed and readers were prevented from gaining access to the website.
VERY very stupid people these ( so called academics and intellectuals )

They should go to ZIM
Join the MDC
Make donations to the MDC
then
Print articles that are scathing of Mugabe --
and
then see what happens to their "rights to free expression" of those who [DO NOT] support Mr Mugabe.

Perhaps they should read about --> die Weiße Rose
 
Nope - these products will claim to stop DDoS attacks but only if they are Layer4 attacks and some Layer7 attacks that match their signatures. These devices generally look for UDP or SYN packets to block. Layer7 is a totally different kettle of fish. They use POST/GET/HEAD requests so the firewall thinks it's legit. The packet hits the server and sends back the acknowledgement but the attack server/botnet never completes the request and this leaves the slot open if you like. Eventually the server accumulates all these requests that aren't completing, totally overwhelming it before it falls over.

Having said that, how many devices can stop a 30Gbps attack in SA? Our pipes just won't handle it and the attack will most likely bottleneck the network before bringing the actual site down.
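
The slot exhaustion described in the post above can be modelled from the defender's side to show why a per-source cap stays silent while a request-completion deadline frees the pool. This is an added example, not code from the thread; the deadline, pool size, per-IP cap and the sample connections (documentation address ranges) are all assumed or constructed.

```python
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

HEADER_DEADLINE_S = 10.0  # assumed: time a client gets to finish its request
MAX_SLOTS = 8             # assumed: size of the toy connection pool
PER_IP_LIMIT = 3          # assumed: a per-source connection cap

@dataclass
class Conn:
    src: str
    opened_at: float
    completed_at: Optional[float] = None  # None: request never finished

def open_incomplete(conns: List[Conn], now: float) -> List[Conn]:
    """Connections holding a slot at `now` with the request still unfinished."""
    return [c for c in conns if c.opened_at <= now
            and (c.completed_at is None or c.completed_at > now)]

def stalled(conns, now, deadline=HEADER_DEADLINE_S):
    """Unfinished requests that have outlived the completion deadline."""
    return [c for c in open_incomplete(conns, now)
            if now - c.opened_at > deadline]

def slot_pressure(conns, now, max_slots=MAX_SLOTS):
    """Fraction of the pool occupied by unfinished requests."""
    return min(len(open_incomplete(conns, now)), max_slots) / max_slots

def per_ip_limit_fires(conns, now, limit=PER_IP_LIMIT):
    """Would a per-source connection cap have blocked any client?"""
    counts = Counter(c.src for c in open_incomplete(conns, now))
    return any(n > limit for n in counts.values())

def reap(conns, now, deadline=HEADER_DEADLINE_S):
    """Mitigation: close stalled connections, keep everything else."""
    dead = {id(c) for c in stalled(conns, now, deadline)}
    return [c for c in conns if id(c) not in dead]

# Constructed sample: six sources each hold one unfinished request;
# two ordinary clients completed theirs in under a second.
SAMPLE = (
    [Conn(f"192.0.2.{i}", opened_at=float(i)) for i in range(1, 7)]
    + [Conn("198.51.100.7", 2.0, 2.4), Conn("203.0.113.9", 3.0, 3.2)]
)

if __name__ == "__main__":
    now = 30.0
    print("per-IP cap fires:", per_ip_limit_fires(SAMPLE, now))
    print("slot pressure:", slot_pressure(SAMPLE, now))
    print("pressure after reap:", slot_pressure(reap(SAMPLE, now), now))
```

With one connection per source the per-IP cap never triggers, yet three quarters of the pool is held by requests that never complete; enforcing the completion deadline is what returns the slots.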
 
?

Having said that, how many devices can stop a 30Gbps attack in SA?
Our pipes just won't handle it and the attack will most likely bottleneck the network before bringing the actual site down.
Block @ source
What do the Ingress keepers do ? ( the landing stations for the fibre International links )
What would a couple of hundred million p/m "legit" -- "trigger" comms do to the NSA ?
 
Having said that, how many devices can stop a 30Gbps attack in SA? Our pipes just won't handle it and the attack will most likely bottleneck the network before bringing the actual site down.

In the case of IOL: Block international traffic for a bit if you know the majority of your traffic is national.
 
VERY very stupid people these ( so called academics and intellectuals )

They should go to ZIM
Join the MDC
Make donations to the MDC
then
Print articles that are scathing of Mugabe --
and
then see what happens to their "rights to free expression" of those who [DO NOT] support Mr Mugabe.

Perhaps they should read about --> die Weiße Rose
Thanks for that piece of history, never knew about the White Rose Movement.
Beheaded, I thought that went out with the French Revolution.

.why do you allow these men who are in power to rob you step by step, openly and in secret, of one domain of your rights after another, until one day nothing, nothing at all will be left but a mechanised state system presided over by criminals and drunks? Is your spirit already so crushed by abuse that you forget it is your right - or rather, your moral duty - to eliminate this system?
 