Latest Update..

[wilheim]

TheRX continues to be attacked by a large and sophisticated DOS. We are making every effort to fight off the attack, but it is a very difficult task.

Our team has worked around the clock to put together a solution, but it is going to take a few days to get it in place. We appreciate everybody's patience and understanding during this difficult time.

Please stay tuned as we truly are doing everything possible to have this attack defeated in no more than a few days (hopefully by Saturday's football).


Thank you all for your patience and loyalty, wilheim...

 

[wilheim]

Many thanks to the posters who have sent me so many encouraging emails. You guys make even this worth it..


I am very humbled by the outpouring of support behind the scenes.


Thanks, wil...

 

[roxymusic]

Hope that you can find and bring to prosecution the bastards behind all of this. This is the first post that I've been able to read the last few days. Has there there any attempt to extort yet? I know that you said there were none earlier.

 

[wilheim]

roxy music

This DOS is not about financial extortion so I doubt if we will get a demand for cash.



wilheim

 

[Cusipz]

More likely than not it is financial, they just aren't extorting you.

It's not cheap to rent a botnet running sophisticated db attacks on a forum. The russians charge good money for a thousand or so infected machines. A similar attack was used against a company I worked for.

It clearly is a sophisticated attack, as those run from a single-group range of IPs is easily defeated. So it's likely a combination of machines from diverse IPs running custom scripts designed to attack a flaw in the forum software.

So we probably have to wait for Vbulletin to issue a patch.

 

[bilbal]

There is obviously some sort of mis-configuration here. A firewall/NIDS is not in the right spot, not set up to do the right filtering, has no IP null route rules, etc, etc. The bottom line is that this should have been stamped out inside of a few hours. This attack isn't showing how sophisticated the attackers are, it's showing how bad the IT management is.

 

[PO69]

Site is up at this time

 

[MistaFlava]

wow this is getting nuts.

not sure whether to post picks or not...my week 2 picks were erased.

good luck figuring it out guys

 

[steaktartar]

Site is up at this time

good thing i saw this post or i wouldnt have known

 

[GoBlue34]

There is obviously some sort of mis-configuration here. A firewall/NIDS is not in the right spot, not set up to do the right filtering, has no IP null route rules, etc, etc. The bottom line is that this should have been stamped out inside of a few hours. This attack isn't showing how sophisticated the attackers are, it's showing how bad the IT management is.

Running a large IT department myself, I agree with this post.

 

[DayTraderNation]

Running a large IT department myself, I agree with this post.

Anyway you could help them out on this issue? Or too much? I would think any help would be better then none at this point! Can this be done over the internet (the help) or done in person, physically being there?

 

[quantumleap]

There is obviously some sort of mis-configuration here. A firewall/NIDS is not in the right spot, not set up to do the right filtering, has no IP null route rules, etc, etc. The bottom line is that this should have been stamped out inside of a few hours. This attack isn't showing how sophisticated the attackers are, it's showing how bad the IT management is.

I agree. If you think of how many web sites there are that *aren't* vulnerable to a DOS attack it would lead me to believe that there are safeguards against such things, even sophisticated attacks. I'm sure Microsoft or financial company web sites would have people who would want them to be down but aren't.

 

[wilheim]

For the record..

I would like to call on you to all to kindly rest assured that we do have a plan in place and will defeat these attacks soon. The IT outfit that is doing the attacking is extremely well versed in these matters (possibly as good as any worldwide when it coms to DOS issues) and know all of the tricks from both sides of the fence.

They are like bedbugs, once you get them in your house it is hard to get rid of them but we most certainly will.



Thanks for your understanding, loyalty and patience, wil..

 

[bigbet1234]

Give'em hell Willy

Many thanks to the posters who have sent me so many encouraging emails. You guys make even this worth it..


I am very humbled by the outpouring of support behind the scenes.


Thanks, wil...

 

[bigbet1234]

:missingte

Leave it to PO69 for the breaking updates.

Damn I feel bad for this guy, I really do

good thing i saw this post or i wouldnt have known

 

[aceduecetrey]

Personally I think it is funny that they think this shit can work. I have no idea who it is, but I say fuck them and hopefully, it will come to light and we will go ahead and get them back in the only way we can and no longer use them.

 

[wolfie_cr]

Since everyone thinks its so 'easy' to counterattack a DoS attack I will just add my 2 cents on the issue.

There is no such thing as 'a site that is NOT vulnerable to a DoS attack' just as there is NO site that is 'not vulnerable to a hacking attempt', if something its exposed to the internet.....its vulnerable whether its because of lack of filtering/small pipe/vulnerabilities in the daemons that are running etc

You have sites that have been hacked, sites that have not been hacked yet and sites that don't know they been hacked

Depending on the resources you have available in both analyzing/filtering the attack with your upstream providers (and if the upstream providers are competent in this area....which is not guarranteed at all) it can be very hard to defeat an attack, specially if the attack is well designed so that a silly/simple null route......packet filtering etc doesn't do trick


CNN, Yahoo, Ebay etc have all been subject to crippling DDoS attacks...as well as very large sportsbooks that are also based in the UK (and those are the ones that were succesful at prosecuting the crooks....because the local autorities stepped in)

Bottom line, if it would be THAT simple there would not be companies specializing in preventing/defeating these attacks for BIG bucks

 

[GoBlue34]

Never said it was THAT easy but a site THIS big should have people that CAN help them stop the LARGE attack they are facing.

While I'm sure it's a bitch to figure out, we are going on almost a week now?

 

[wolfie_cr]

While I'm sure it's a bitch to figure out, we are going on almost a week now?

I might be wrong but I thought the initial issue was a meltdown of the database NOT a DDoS attack, totally separate things, now regarding THAT I could say that the backup strategy should have been much tighter to prevent losing days of posts but its a totally different issue

 

[douglas]

Wil .........your ex military ......you need to counter attack these Commies .........I got your back !