Overclockers ??? - Page 5

Mark · 22-01-2009, 00:45

Quote:

Originally Posted by A Place of Light

If I had my bag of double entendres with me right now, I'd behaving a field day

Is that a non sequitur, or just a missing space?

Anyway, been happening on and off for well over a week now. Usually DDoS attacks last a few hours, or a day. Someone must really have a problem to sustain an attack this long.

Attacks on a friend's site or whatever are an annoyance. Attacking a company, and indirectly the livelihood of every employee working there, just isn't on.

Involving plod is no guarantee. The 'proper' hackers who do this sort of thing for a living (usually based in Russia and various other countries with rather chaotic legal systems) know how to cover their tracks. Suspicion doesn't get you a conviction.

A Place of Light · 22-01-2009, 00:51

Quote:

Originally Posted by Mark

Involving plod is no guarantee. The 'proper' hackers who do this sort of thing for a living (usually based in Russia and various other countries with rather chaotic legal systems) know how to cover their tracks. Suspicion doesn't get you a conviction.

That's an interesting point, as I was talking from the perspecitve that it's down to someone in the UK with a grudge against them personally.
If they're based somewhere like Russia-ski then the legal standpoint is weakened considerably.

Jhadur · 22-01-2009, 01:09

Just had an email from OCuk saying that they are having difficulties with the website and here are all our contact phone numbers if you want to get hold of us.

(shop numbers that is not personal)

divine · 22-01-2009, 01:21

Quote:

Originally Posted by A Place of Light

That's an interesting point, as I was talking from the perspecitve that it's down to someone in the UK with a grudge against them personally.
If they're based somewhere like Russia-ski then the legal standpoint is weakened considerably.

Anyone with an ounce of sense wouldn't be doing it themselves, they'll have 'employed' some russian or korean to do it. If they were, I suspect someone with the ability to create a bot net big enough to take down OcUK themselves can probably cover their tracks pretty well too.

What makes it hard to trace either way though, is the fact that none of the attacks will be made from the perpetrators PC, so even if they somehow managed to identify the bot net etc. it's a whole new task again to link that to an individual.

Which is why he's offering up £10k for someone to grass something helpful I suspect, he knows full well he probably can't trace them and this time, I doubt Donal Murphy will be much help

Chuckles · 22-01-2009, 01:30

Quote:

Originally Posted by divine

Which is why he's offering up £10k for someone to grass something helpful I suspect, he knows full well he probably can't trace them and this time, I doubt Donal Murphy will be much help

Thing is, even if the person gets grassed up, it isn't going to help secure a conviction. For the reasons you gave above, it would be near impossible to conclusive prove the persons guilt using evidence.

Mark · 22-01-2009, 01:35

Might be enough to send in the plod and get a forensic analysis of their PC though. Russian dude may know how to cover his tracks, but does the guy hiring him?

divine · 22-01-2009, 01:39

Quote:

Originally Posted by Chuckles

Thing is, even if the person gets grassed up, it isn't going to help secure a conviction. For the reasons you gave above, it would be near impossible to conclusive prove the persons guilt using evidence.

Indeed.

A bot net based DDoS attack is almost the perfect crime really, as you'd have to do something exceptionally stupid to link yourself to it to such a degree.

Chuckles · 22-01-2009, 02:10

Quote:

Originally Posted by Mark

Might be enough to send in the plod and get a forensic analysis of their PC though. Russian dude may know how to cover his tracks, but does the guy hiring him?

True, but I'd classify using your home PC to perpetrate the crime as a pretty major mistake!

Organise it through a cybercafe, library etc and it'd be impossible to prove. Even on a laptop on a wifi hotspot or unsecured wireless on a hard drive which is subsequently trashed would be good enough.

Garp · 22-01-2009, 06:08

DDoS's are an absolute pain to deal with. If you're lucky they come from an identifiable network / AS, but more often than not they're from everywhere and it's mother. Most bot nets used are triggered from various almost entirely anonymous sources. Older ones listen in on certain IRC channels, others check a set of servers, a list of which can be updated on the fly should the crackers feel under threat.

One of the customers at my previous job came under what could loosely be described as a DDoS. They're a major e-bay based used car company running their own server / website that gets a fair amount of business on a daily basis. For whatever reason someone decided to target them. There was nothing obvious going on other than that the server was running a bit hard. They reported the server running slow and I must admit it took us a while of head scratching (probably an hour) before I thought to check the network usage graphs, after which a quick tcpdump+wireshark revealed one (Swedish) ISP's network as being the source of 90% of the traffic. Filtered at egress to our network and all became well with customers box.

Others of our customers weren't so lucky. About all you can do is stick a riverhead (or similar) device to sit and look at the traffic and hope it can learn to spot the good and the bad. They're usually pretty good at it, but there is only so much you can achieve.

Justsomebloke · 22-01-2009, 06:29

How Frustrating must it be for Spie though, Untold wealth, Superb business, Fantastic Forums & Social side & some little unknown pulls it to bits using a Keyboard.
The term Keyboard Warrior doesn't sound so Light now.

In the back of my mind I am worried for those that work there, With the economy skidding along the floor on its arse I would have thought every single business out there needs every single customer they can get. How long can OcUK be viable as a business if customers cannot access the site to order.
Having wrote that I do get the feeling that Mark is the kind of chap that would fight tooth & nail to sort it even to the detroment of himself & the business. Kind of a I don't care what it costs or what I lose I am sticking it out & no **** is beating me sort of thing.

The Bloke/Shop/Forums has my Full support as Always.

22-01-2009, 01:09	#43
Jhadur Peter Pan Join Date: Jul 2006 Location: Lost Inside My Head Posts: 1,068	Just had an email from OCuk saying that they are having difficulties with the website and here are all our contact phone numbers if you want to get hold of us. (shop numbers that is not personal) __________________ "Life moves pretty fast. If you don't stop and look around once in awhile, you could miss it."

22-01-2009, 06:08	#49
Garp Preparing more tumbleweed Join Date: Jun 2006 Location: Hawaii Posts: 6,038	DDoS's are an absolute pain to deal with. If you're lucky they come from an identifiable network / AS, but more often than not they're from everywhere and it's mother. Most bot nets used are triggered from various almost entirely anonymous sources. Older ones listen in on certain IRC channels, others check a set of servers, a list of which can be updated on the fly should the crackers feel under threat. One of the customers at my previous job came under what could loosely be described as a DDoS. They're a major e-bay based used car company running their own server / website that gets a fair amount of business on a daily basis. For whatever reason someone decided to target them. There was nothing obvious going on other than that the server was running a bit hard. They reported the server running slow and I must admit it took us a while of head scratching (probably an hour) before I thought to check the network usage graphs, after which a quick tcpdump+wireshark revealed one (Swedish) ISP's network as being the source of 90% of the traffic. Filtered at egress to our network and all became well with customers box. Others of our customers weren't so lucky. About all you can do is stick a riverhead (or similar) device to sit and look at the traffic and hope it can learn to spot the good and the bad. They're usually pretty good at it, but there is only so much you can achieve. __________________ Mal: Define "interesting"? Wash: "Oh, God, oh, God, we're all gonna die"?

22-01-2009, 06:29	#50
Justsomebloke The Night Worker Join Date: Jul 2006 Posts: 5,228	How Frustrating must it be for Spie though, Untold wealth, Superb business, Fantastic Forums & Social side & some little unknown pulls it to bits using a Keyboard. The term Keyboard Warrior doesn't sound so Light now. In the back of my mind I am worried for those that work there, With the economy skidding along the floor on its arse I would have thought every single business out there needs every single customer they can get. How long can OcUK be viable as a business if customers cannot access the site to order. Having wrote that I do get the feeling that Mark is the kind of chap that would fight tooth & nail to sort it even to the detroment of himself & the business. Kind of a I don't care what it costs or what I lose I am sticking it out & no **** is beating me sort of thing. The Bloke/Shop/Forums has my Full support as Always. __________________

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

22-01-2009, 01:35	#46
Mark Screaming Orgasm Join Date: Jul 2006 Location: Newbury Posts: 15,194	Might be enough to send in the plod and get a forensic analysis of their PC though. Russian dude may know how to cover his tracks, but does the guy hiring him?