<BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by acw:
Will,
Do you have any idea where the attacks come from?<HR></BLOCKQUOTE>
russia is the place most frequently mentioned, going back some years, with these type of attacks so that would be the best guess although tu lu ming claims panama.
i don't think pinnacle has any idea of the origin but i think WWTS was also attacked with some of that coming from london so some division of Scotland Yard is investigating. of course same does not mean that the attack originated from london --- maybe just that a lot of the traffic was routed via an IP in london.
Will,
Do you have any idea where the attacks come from?<HR></BLOCKQUOTE>
russia is the place most frequently mentioned, going back some years, with these type of attacks so that would be the best guess although tu lu ming claims panama.
i don't think pinnacle has any idea of the origin but i think WWTS was also attacked with some of that coming from london so some division of Scotland Yard is investigating. of course same does not mean that the attack originated from london --- maybe just that a lot of the traffic was routed via an IP in london.
Well, it's not Kevin Mitnik. He was the first of the high-publicity hacker arrests years ago. Even after he got out of jail, he was not allowed to touch a computer for several years. You can be sure that even though he is now a free man, the FBI (il)legally still taps his communications and monitors his every move.
My guess is that the FBI could get Yahoo to monitor any access to that email address. However, I suspect that Hollywood has not actually contacted FBI or Scotland Yard. (And if I am wrong, I hope the hackers agree with me and get caught with their pants down .)
As for the books, I mentioned this once before in another thread: after Ebay got attacked a few years ago, they help develop some special router or firewall device that detects and ignores DOS attacks.
Now, some good news that I just remembered: DonBest tech guy told me about this last year when they got DOS attacked and they used it.
Soooo.... Hollywood, WWTS, etc. CALL DON BEST and ask their tech guys who makes this box and how you can get one!!!!
I hope this helps.
My guess is that the FBI could get Yahoo to monitor any access to that email address. However, I suspect that Hollywood has not actually contacted FBI or Scotland Yard. (And if I am wrong, I hope the hackers agree with me and get caught with their pants down .)
As for the books, I mentioned this once before in another thread: after Ebay got attacked a few years ago, they help develop some special router or firewall device that detects and ignores DOS attacks.
Now, some good news that I just remembered: DonBest tech guy told me about this last year when they got DOS attacked and they used it.
Soooo.... Hollywood, WWTS, etc. CALL DON BEST and ask their tech guys who makes this box and how you can get one!!!!
I hope this helps.
A very efective way to defend yourself in a more secure way, is to buy one of this Bad Boys, it worth it. Also you should be updating your servers with all the Windows Update and Critical Updates. It is a pain on the butt.
Firewall
http://www.watchguard.com/products/
Firewall
http://www.watchguard.com/products/
I see a lot of posts regarding buying equipement to protect agains a DDOS.
Although the attack will cause the servers at the sportsbook to run at much higher % utilization the real problem is the quantity of bandwidht used by the attackers. Even if the equipement used at the entrace of the network can drop the bad traffic there is nothing left bandwidht wise for the legitimate traffic.
Although the attack will cause the servers at the sportsbook to run at much higher % utilization the real problem is the quantity of bandwidht used by the attackers. Even if the equipement used at the entrace of the network can drop the bad traffic there is nothing left bandwidht wise for the legitimate traffic.
Thanks a bunch for all the support guys. At this moment we're doing everything we can to put an end to this attack.
As we have posted before, we have enough staff to write all the action over the phone. Please call us to get in your wagers.
Thanks to all of you guys that have brought ideas to the table, we'll keep you guys posted.
One more thing. All our customers can rest assured that all their confidential information is at safe places. We don't keep this info in our system, as a form to prevent any breach of security.
To all other shops under attack:
Please do not give in. If we pay once, we'll have to pay again.
Jay:
Thanks for the call, we'll look into it.
Will
Hollywood International
1-800-220-0002
As we have posted before, we have enough staff to write all the action over the phone. Please call us to get in your wagers.
Thanks to all of you guys that have brought ideas to the table, we'll keep you guys posted.
One more thing. All our customers can rest assured that all their confidential information is at safe places. We don't keep this info in our system, as a form to prevent any breach of security.
To all other shops under attack:
Please do not give in. If we pay once, we'll have to pay again.
Jay:
Thanks for the call, we'll look into it.
Will
Hollywood International
1-800-220-0002
<BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by exilarch:
Hollywood is smart.They keep in contact with the players via the RX and they let us know what is going on. I wish all books would do this. Would cut down on a lot of speculation.<HR></BLOCKQUOTE>
that would make sense
Hollywood is smart.They keep in contact with the players via the RX and they let us know what is going on. I wish all books would do this. Would cut down on a lot of speculation.<HR></BLOCKQUOTE>
that would make sense
about kevin for those of you who don't know
http://www.cnn.com/2003/TECH/internet/02/11/hacker.hacked.ap/
http://www.cnn.com/2003/TECH/internet/02/11/hacker.hacked.ap/
The issue is what type of bandwith the books are using. If it's a 2-10meg line, it doesnt take too many pc's on a dsl line to cause a DoS. If they tried that on someone using a 40-100 meg line they would need a serious trojan to get the site tied up. But at this point the ISP is the only one who can help by blocking ip numbers further up the line. Can't imagine the FBI being much help to sportsbooks....
TTinCO,
You are a 100% right, there is no way to prevent all DOS Attacks, but using a good hardware combine with the tons of Updates and Patchs, logical firewalls, you are able to prevent being part of the reflection of the DOS Attacks, because there is a million of tools to reflect an attack, thats the reason that we can not catch those guys. This morning he was using a server from Racsa Costa Rica Link and two hours ago he was using several different server all over US.
Smurf DoS attack uses a forged ICMP (Internet Control Message Protocol) echo request. Other DoS tools, like the TFN (Tribe Flood Network) family, use the SYN flooding techonique, which creates half-open connections. Playing with ports on your firewall and Access Layer of your link can gave you a path to follow.
2002, it was not a very good year to this company http://grc.com/dos/drdos.htm they are being studying a lot of different cases.
[This message was edited by lessthanzero on September 20, 2003 at 05:01 PM.]
[This message was edited by lessthanzero on September 20, 2003 at 05:01 PM.]
You are a 100% right, there is no way to prevent all DOS Attacks, but using a good hardware combine with the tons of Updates and Patchs, logical firewalls, you are able to prevent being part of the reflection of the DOS Attacks, because there is a million of tools to reflect an attack, thats the reason that we can not catch those guys. This morning he was using a server from Racsa Costa Rica Link and two hours ago he was using several different server all over US.
Smurf DoS attack uses a forged ICMP (Internet Control Message Protocol) echo request. Other DoS tools, like the TFN (Tribe Flood Network) family, use the SYN flooding techonique, which creates half-open connections. Playing with ports on your firewall and Access Layer of your link can gave you a path to follow.
2002, it was not a very good year to this company http://grc.com/dos/drdos.htm they are being studying a lot of different cases.
[This message was edited by lessthanzero on September 20, 2003 at 05:01 PM.]
[This message was edited by lessthanzero on September 20, 2003 at 05:01 PM.]
Gentlemen:
We just posted this in another thread, so we thought we should post it here as well. The following is the extortion letter we first received:
<BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>From: Kevin Mitnik [mailto:weekendattackers@yahoo.com]
Sent: Friday, September 19, 2003 8:46 AM
To: info@hollywoodsportsbook.com
Cc: cs@hollywoodsportsbook.com; help@hollywoodsportsbook.com; accounts@hollywoodsportsbook.com; banking@hollywoodsportsbook.com; manager@hollywoodsportsbook.com
Subject: Under attack
Dear Sportsbook operator,
Your site has been targeted for an attack this weekend. This may already be happening as this email is being sent.
You have a flaw in your network that will allow this attack to take place. Once the attack starts, no one will be able to find your website.
You have 2 choices. You can ignore this email and try to keep your site up, which will cost you tens of thousands of dollars in lost wagers and customers, or you can send us $30k by Western Union to make sure that your site experiences no problems. If you send the $30k your site will be protected not just this weekend, but for the next 12 months. This will let you enjoy business with no worry.
If you choose not to pay for our help, then you will probably not be in business much longer, as you will be under attack each weekend for the next 20 weeks, or until you close your doors.
You can always choose to wait, see what happens, and then contact us for our help when you realize you can't do it yourself, however, then it will cost you more and your site will still be down. The choice is yours as we await your response
p.s. The sites that were attacked and paid last weekend are happy that they paid and are protected and look forward to a profitable football season.<HR></BLOCKQUOTE>
We need to make something really clear, because our interest is to be as forth coming as possible. We have no facts to prove that other shops paid. It might be one more thing these scumbags are saying, just to make it easier for them to collect the money. And in the remote case that OTHERS did pay, we ARE still NOT paying.
***IMPORTANT NOTICE FOR ALL OUR CUSTOMERS***
We have always taken all personal and confidential information out of our customers' data base. We manually write all this info in paper and file it. Old fashioned? Perhaps, but at least we are now sure that NO HACKER will EVER get his hands on our data base. We have been doing this for years now.
That's actually the reason why the list of Hollywood players has never been for sale either. Even if we were to be hacked, they wouldn't get ANYTHING.
Besides, a DDoS attack simply means unavailability of band with. Not a breach of security.
Will
Hollywood International
1-800-220-0002
We just posted this in another thread, so we thought we should post it here as well. The following is the extortion letter we first received:
<BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>From: Kevin Mitnik [mailto:weekendattackers@yahoo.com]
Sent: Friday, September 19, 2003 8:46 AM
To: info@hollywoodsportsbook.com
Cc: cs@hollywoodsportsbook.com; help@hollywoodsportsbook.com; accounts@hollywoodsportsbook.com; banking@hollywoodsportsbook.com; manager@hollywoodsportsbook.com
Subject: Under attack
Dear Sportsbook operator,
Your site has been targeted for an attack this weekend. This may already be happening as this email is being sent.
You have a flaw in your network that will allow this attack to take place. Once the attack starts, no one will be able to find your website.
You have 2 choices. You can ignore this email and try to keep your site up, which will cost you tens of thousands of dollars in lost wagers and customers, or you can send us $30k by Western Union to make sure that your site experiences no problems. If you send the $30k your site will be protected not just this weekend, but for the next 12 months. This will let you enjoy business with no worry.
If you choose not to pay for our help, then you will probably not be in business much longer, as you will be under attack each weekend for the next 20 weeks, or until you close your doors.
You can always choose to wait, see what happens, and then contact us for our help when you realize you can't do it yourself, however, then it will cost you more and your site will still be down. The choice is yours as we await your response
p.s. The sites that were attacked and paid last weekend are happy that they paid and are protected and look forward to a profitable football season.<HR></BLOCKQUOTE>
We need to make something really clear, because our interest is to be as forth coming as possible. We have no facts to prove that other shops paid. It might be one more thing these scumbags are saying, just to make it easier for them to collect the money. And in the remote case that OTHERS did pay, we ARE still NOT paying.
***IMPORTANT NOTICE FOR ALL OUR CUSTOMERS***
We have always taken all personal and confidential information out of our customers' data base. We manually write all this info in paper and file it. Old fashioned? Perhaps, but at least we are now sure that NO HACKER will EVER get his hands on our data base. We have been doing this for years now.
That's actually the reason why the list of Hollywood players has never been for sale either. Even if we were to be hacked, they wouldn't get ANYTHING.
Besides, a DDoS attack simply means unavailability of band with. Not a breach of security.
Will
Hollywood International
1-800-220-0002
WILL........the letter says "send us 30k by western union"
might as well say send us a check for 30k.........
seems to me if they really wanted money.......they would come up with a better idea of getting it.........
probably just like most other hackers they do it just to cause problems...
might as well say send us a check for 30k.........
seems to me if they really wanted money.......they would come up with a better idea of getting it.........
probably just like most other hackers they do it just to cause problems...
I WONDERED ABOUT THAT...HOW THE HELL WOULD THEY COLLECT THE MONEY?
WE HAVE TO JUMP THROUGH HOOPS TO COLLECT A COUPLE THOUSAND, WHAT WOULD THEY HAVE TO DO TO COLLECT 30,000?
I HOPE THE FBI SETS THEM UP, AND SENDS THE MONEY, AND IS THERE WAITING FOR THEM WHEN THEY COLLECT.....
WE HAVE TO JUMP THROUGH HOOPS TO COLLECT A COUPLE THOUSAND, WHAT WOULD THEY HAVE TO DO TO COLLECT 30,000?
I HOPE THE FBI SETS THEM UP, AND SENDS THE MONEY, AND IS THERE WAITING FOR THEM WHEN THEY COLLECT.....
