PDA

View Full Version : What on earth..



White Blade
2006-01-09, 11:23 PM
Look, i can understand the whole lock up during the release hours of the strip, but what is up with the whole, "Oh, the forum reset, erase the last two hours of post!" thing. I had written up a really detailed thing about the lightsabers the characters in a PBP game that got zapped. What the heck?

RawBearNYC
2006-01-10, 12:11 AM
This happened as a result of our attempts to recover from the ongoing Denial of Service attacks against the server. Information is on the main news page.

And, dude, after spending hours battling a hacker bent on locking up the server, I'd prefer to not read disgruntled posts that start with "Look,...". In reality, even after a day spent getting licked by kittens, I'd still prefer not to read disgruntled posts that start with "Look,...".

White Blade
2006-01-10, 12:47 AM
Sorry. I just wanted to know why, it really annoyed me, seeing the circumstances I humbly apologize.

tape_measure
2006-01-10, 10:12 AM
yeah i too had the same happen to me. As frustrating as it was, i couldnt help but smile a bit at the kitten comment.

By the by, the site seems to doing well so far. Heh, I actually logged in quiickly....that hasnt happened in close to a month.
Way to Go!

RawBearNYC
2006-01-10, 10:52 AM
The DoS attack was only effective last Monday, Friday and yesterday. It didn't happen Tues, Wed, Thur, Sat or Sun. So, today's performance isn't indicative of anything. Tho, I'm hoping that alot of other problems might drop on this new server. Time will tell.

Samiam303
2006-01-10, 11:19 AM
Hey Rawbear, I had a question? Is it possible the attack is coming from something on Rich's computer? I mean, it only seems to happen on Comic Update Days...

RawBearNYC
2006-01-10, 11:42 AM
It's possible, yes. It's not likely tho. Most comuters used as DoS agents are Microsoft Windows and, more commonly, Linux PC's. Rich is using a Mac. If he turns his powerbook off when he's not using it then it can't be him. I don't know if he leaves it on all the time or not. It would be a neat trick to hack his computer to attack his site, but far more trouble than it's worth.

Samiam303
2006-01-10, 11:46 AM
Ah, I had forgotten he was using a Mac. I'm suggesting not so much that someone hacked his PC specifically to attack this site, but that it's just a Virus he got that's taking advantage of the fact the he connects to the server three times a week to upload comics. I mean, a friend of mine who hosts a webserver had a virus and was sending loads of spam e-mails from his domain without knowing it. Could it be something like that?

RawBearNYC
2006-01-10, 01:42 PM
The technology and the specific DoS attack doesn't work that way. If it were a virus is would be very specific (again, a feather in a hacker's cap, if he could pull that off). The attacks have started before he uploads the strip and the attacks have been on a Mon, a Fri and another Mon. So, there's no correlation between the uploads themselves and the attacks aside from them occurring on the same day.

Spammer viruses work differently and spoof the return addresses on the outgoing mail.

Samiam303
2006-01-10, 03:21 PM
Allright, I was just using the Spam thing to explain what I meant about it getting onto his PC. I hadn't realized that so much was actually known about what's going on. ;) ::)

Cheiromancer
2006-01-10, 03:54 PM
I don't understand why someone would launch a DOS attack on giantitp. While I don't claim to have much insight into the psychology of a hacker, I would have thought that they would go after a bigger target. Either for the status for humbling a mighty corporate entity, or to get revenge on a company for something unethical they did, or something like that.

But why would someone take offense at a free D&D webcomic?

Seerow
2006-01-10, 04:14 PM
Could this have anything to do with WWWWI?

Samiam303
2006-01-10, 04:26 PM
I don't understand why someone would launch a DOS attack on giantitp. While I don't claim to have much insight into the psychology of a hacker, I would have thought that they would go after a bigger target. Either for the status for humbling a mighty corporate entity, or to get revenge on a company for something unethical they did, or something like that.

But why would someone take offense at a free D&D webcomic?




Becuase they have no life and think it's funny? To irritate people like us? ...Why not?

RawBearNYC
2006-01-10, 06:32 PM
Hacking is a sort of vandalism. It provides a sense of pride for the hacker. Ever see an idiot at a concert with a laser pointer, trying to shine a dot on something on stage? They're trying to "touch" the stage, to have an effect on it. To be seen. Maybe the hacker hates Rich, cause he didn't get his book. Or Rich kicked him off the website cause he was a bigot (there have been a couple). Maybe the hacker loves the Order of the Stick and wants to make it his own by claiming control over it.

Hackers are children (even if they are of adult age), their actions lack mature considerations.

Zherog
2006-01-10, 07:59 PM
...their actions lack considerations.

There ya go, Ray. I fixed your last statement for you. ;D

RawBearNYC
2006-01-10, 08:21 PM
There ya go, Ray. I fixed your last statement for you. ;D
Cute, but in all seriousness, I think they consider the effect of their actions, just only the effect it has on them, giving them a little pathetic thrill or some overexagerated sense of power. But the consideration there, with maturity comes thinking of others.

Samiam303
2006-01-10, 11:15 PM
There ya go, Ray. I fixed your last statement for you. ;D

As RawBear said, that's exactly the problem: They put impressive levels of consideration into it, it's very well thought-out and planned to infiict maximum damage. It's nice to think that they're just inconsidarate, but just not accurate.

Cheiromancer
2006-01-11, 03:40 PM
As RawBear said, that's exactly the problem: They put impressive levels of consideration into it, it's very well thought-out and planned to infiict maximum damage. It's nice to think that they're just inconsidarate, but just not accurate.


Well, I'm glad they didn't do it today. ;D

The Giant
2006-01-11, 04:09 PM
Actually, I'm pretty sure they DID, or tried to. Luckily, RawBear and the ISP people have upgraded the site to be more resistant to such attacks. And it seems a bit zippier in general, too.

Samiam303
2006-01-11, 04:34 PM
Yeah, I've found it MUCH easier to load the site. Thanks a ton to all who participated in providing this great service to the GiantITP Community! ;D

Edna
2006-01-11, 05:44 PM
Actually, I'm pretty sure they DID, or tried to. Luckily, RawBear and the ISP people have upgraded the site to be more resistant to such attacks. And it seems a bit zippier in general, too.

Go, RawBear! And thanks to everyone who's been hard at work on this problem.

It's nice to be able to reach the site on a comic day--especially since I'm home sick today, and don't have the energy to do anything else. It's really too bad that one vandal can make so much trouble for everyone else.

Edna

RawBearNYC
2006-01-11, 06:57 PM
Actually, I'm pretty sure they DID, or tried to. Luckily, RawBear and the ISP people have upgraded the site to be more resistant to such attacks. And it seems a bit zippier in general, too.
Sorry to say, but I'm not completely in agreement. Last Wednesday the server was practically issue free. We took significant steps to protect the server, but I'll be able to sit back and say "whew" when Friday comes and there's no suffering. If there is, my hope is, you lot will wait patiently while I develop phenomonal cosmic power so I can smite this buttmunch from the comfort of my lviing room couch (then I'm going oafter spammers, shhhh, don't tell them, I want it to be a surprise).

Winged One
2006-01-11, 08:10 PM
Sorry to say, but I'm not completely in agreement. Last Wednesday the server was practically issue free. We took significant steps to protect the server, but I'll be able to sit back and say "whew" when Friday comes and there's no suffering. If there is, my hope is, you lot will wait patiently while I develop phenomonal cosmic power so I can smite this buttmunch from the comfort of my lviing room couch (then I'm going oafter spammers, shhhh, don't tell them, I want it to be a surprise).
Found a doily, have you? ;D

Anyway, thanks for upgrading it. I'd say it was worth my posts being eaten.

Samiam303
2006-01-12, 12:20 AM
Nice, I was wondering about that one... ::) ;D :P

Rethorn
2006-01-12, 12:19 PM
Could this have anything to do with WWWWI?


Yeah. Thats what I was gonna say. Giant, you haven't pissed Ebaum off lately have you? :) If it has anything to do with WWWW1 itll probably die down soon now that both sides have been relatively satisfied.

Tobaselly
2006-01-12, 01:06 PM
Can't you check the logs (or have your provider) for indications if the DDOS occured. That way you can tell if the upgrade had an affect or if they just didn't perform an attack.

Malachi, the Lich King
2006-01-12, 01:15 PM
Sorry to say, but I'm not completely in agreement. Last Wednesday the server was practically issue free. We took significant steps to protect the server, but I'll be able to sit back and say "whew" when Friday comes and there's no suffering. If there is, my hope is, you lot will wait patiently while I develop phenomonal cosmic power so I can smite this buttmunch from the comfort of my lviing room couch (then I'm going oafter spammers, shhhh, don't tell them, I want it to be a surprise).

Well, hopefully it will prove more resistant to the attacks. I wonder why Mondays and Fridays are the times being targeted but not Wednesdays? If I were inclined to do such things [and smart enough] I would be attacking every update day, not just 2 out of 3.

Samiam303
2006-01-12, 02:39 PM
Yeah. Thats what I was gonna say. Giant, you haven't pissed Ebaum off lately have you? :) If it has anything to do with WWWW1 itll probably die down soon now that both sides have been relatively satisfied.
Can anyone explain to me what "WWWW1" is? ...Is this something I should know? ::) ???

kriebly
2006-01-12, 02:51 PM
Can anyone explain to me what "WWWW1" is? ...Is this something I should know? ::) ???
A google search yielded suggestive pictures of jellyfish.

RawBearNYC
2006-01-12, 04:00 PM
Can't you check the logs (or have your provider) for indications if the DDOS occured. That way you can tell if the upgrade had an affect or if they just didn't perform an attack.

We don't want to log failed attempts at a DoS attack. We don't want the server to react to a SYN flood at all. We want it's resources to be dedicated only to legitimate requests. The server should be ignoring SYN flood requests, not logging them.

Rethorn
2006-01-13, 06:20 AM
A google search yielded suggestive pictures of jellyfish.


You won't find it with google. WWWW1 is the World Wide Web War 1. Basicly, Eric Bauman of Ebaums World stole someone else's work again and put it up on his sight. It was from a website called YTMND.com, and it was titled "Lindsay Lohan doesn't change facial expressions". Ebaums has been doing this to people for ages. However, what nobody expected was that they would rally an attack. They don't have forums. A YTMND is a picture background, some zooming words, and then music. Using the YTMNDs, they created "Fight for the for effort" YTMNDs and YTMNDs teaching people how to DDoS. Then at 11 PM on the night the GIF was put up on Ebaums they managed to get 3 thousand or so people from (unofficially) SomethingAweful, Fark, LUE, LUElinks, 4chan, IGN, and several other sites that Ebaum had stolen from and all logged onto his forums simultaneously and did whatever they could to screw with him in addition to the thousands of people DDoSing him.

The event is also referred to as YTMND-Day. Its actually quite amazing how many people they managed to get together in one day to do that and how organized they got, considering they're probably mostly teenagers (Apathy isn't a problem apparently) and don't have internet forums.

Some people from Ebaums, I believe, attempted to DDoS YTMND back. The site has been massively slow since then. Eric Bauman has a history of adding a 3 line code in his website so that whenever someone goes to it, it pings or does something to another website to eat their bandwith. They did it to SomethingAweful when they requested Eric Bauman take down something they had created.

Anyone ever teaching thousands of people to DDoS is never a good thing, and with OOTS being DDoSed on that day it may have something to do with that. Considering that YTMND has nothing (absolutely nothing) to do with OOTS, though, I don't believe that if it was a DDoS from them it wasn't intentional.

Samiam303
2006-01-13, 10:43 AM
However, it's quite possible that someone there learned to dDoS, got bored, wanted to try it and had nobody better to try it on then us...

Rawhide
2006-01-13, 10:49 AM
For a very good read on DDoS attacks, check out Steve Gibson of Gibson Research Corporation's "Attacks Against GRC.COM" diary. A very good read, I found it most interesting.
http://www.grc.com/dos/grcdos.htm


When you are done with that, you should also check out this page on Distributed Reflection Denial of Service.
http://www.grc.com/dos/drdos.htm

Tobaselly
2006-01-13, 10:53 AM
We don't want to log failed attempts at a DoS attack. We don't want the server to react to a SYN flood at all. We want it's resources to be dedicated only to legitimate requests. The server should be ignoring SYN flood requests, not logging them.

I was thinking check out the bandwidth logs actually. A DDOS should appear as odd peaks or increased bandwidth usage instead of whatever your normal traffic patterns are

RawBearNYC
2006-01-13, 02:11 PM
The good news is, it's Friday, the strip isn't up yet, and the site's not even broken a sweat. All is good in the land of Ray!

HempRope
2006-01-13, 03:59 PM
And the strip goes, up, and everything works. I heartily congratulate you.

Go have a drink.

Zherog
2006-01-13, 09:31 PM
Indeed. Nice job, Ray. :)