07/23/2020 DDOS attack on forum & fix - do you notice any complications?

This section will contain posting guidelines for the forum along with any other information that is relevant to this forum.
Locked
User avatar
neptronix   100 GW

100 GW
Posts: 14320
Joined: Jun 15 2010 5:56pm
Location: California refugee living in Utah, USA
Contact:

07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by neptronix » Jul 24 2020 10:01am

Hey all. The forum got hit by a pretty nicely designed DDOS last night. I went through and analyzed the traffic pattern and added some extra server rules which are quite restrictive.

Do let me know if you have issues viewing and using the forum as a result. More particularly if images aren't loading, etc.
"Love and compassion are necessities, not luxuries. Without them, humanity cannot survive." - Dalai Lama

My first major build: 1.6kW 8T MAC motor on a Trek 4500.
The new all-arounder: Leafmotor 1500w @ 4kW on a Turner O2 full suspension.
The monster scooter: 20" eZee on a Cannondale Semi Recumbent.
Whipper-snapper: ? on a lightweight BikeE Semi Recumbent

User avatar
marty   10 MW

10 MW
Posts: 2401
Joined: Apr 19 2007 5:44pm
Location: Buffalo, New York USA
Contact:

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by marty » Jul 24 2020 6:57pm

DDOS = distributed denial-of-service

Well, thanks for fighting off the attack. Much appreciated :)

Everything looks good from here.
MARTY
Volt Electric Vehicles
http://www.voltev.com

User avatar
amberwolf   100 GW

100 GW
Posts: 30787
Joined: Aug 17 2009 6:43am
Location: Phoenix, AZ, USA, Earth, Sol, Local Bubble, Orion Arm, Milky Way, Local Group
Contact:

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by amberwolf » Jul 24 2020 7:02pm

So far no issues, and it's actually snappier response than usual for this time of day, but I'll post any I find here.

Balmorhea   100 kW

100 kW
Posts: 1492
Joined: Oct 01 2019 8:30pm
Location: Austin

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by Balmorhea » Jul 25 2020 2:50am

I was browsing the forum at the time it happened. Didn’t know what the deal was, but it was obvious that something broke. I wonder what was the point?
___________
Finish Reconstruction.

User avatar
marty   10 MW

10 MW
Posts: 2401
Joined: Apr 19 2007 5:44pm
Location: Buffalo, New York USA
Contact:

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by marty » Jul 25 2020 4:46am

People who want what ever they are selling to come up higher on the search engines will post links on forums. Search engines use spider robots. When these spiders see links to a certain product or web site, they rank them higher because they think people are linking to them.

Example - Check out the new sheets I bought from https://www.jcpenney.com/ I looked around on the internet and they seemed to have the lowest price and I can save on shipping by picking up at the store. Got a pink extra long sheet to put on the couch. Protect your couches and they will last longer. How will these sheets hold up? Only time will tell.

When a search engine spider reads the above text is might surmise that JCPenney is a good place to look for sheets, extra long sheets, and pink sheets. When people search for these items on the internet, JCPenney should come up higher on the first page.

I would guess that the intention of the DDOS creators is to plant robots in the server. These robots will post links to whatever they are selling. Or whoever they are trying to get elected. I might be wrong about this?

Some of the members here seem like computer chat robot trolls with artificial intelligence, programed to alter the US election or sell bedding for JCPenney?
MARTY
Volt Electric Vehicles
http://www.voltev.com

User avatar
ridethelightning   1 MW

1 MW
Posts: 1912
Joined: Jul 21 2013 9:48pm

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by ridethelightning » Jul 25 2020 5:00am

i noticed i could not get into the sphere last night. pics from es would come up on google but i couldnt get to the forum

User avatar
neptronix   100 GW

100 GW
Posts: 14320
Joined: Jun 15 2010 5:56pm
Location: California refugee living in Utah, USA
Contact:

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by neptronix » Jul 25 2020 5:59pm

Balmorhea wrote:
Jul 25 2020 2:50am
I was browsing the forum at the time it happened. Didn’t know what the deal was, but it was obvious that something broke. I wonder what was the point?
They wanted to take the server down by overloading the database with SQL injections that caused expensive queries to run. It was only partially effective. I don't know why we were targeted.

Of all my server administration clients, ES has been attacked the most and required the most attention. Possibly by someone who was banned or does not like the owner, ebikes, etc. Who knows.
marty wrote:
Jul 25 2020 4:46am
I would guess that the intention of the DDOS creators is to plant robots in the server. These robots will post links to whatever they are selling. Or whoever they are trying to get elected. I might be wrong about this?
No, and that would be really, really, really hard to do. There are easier ways to set up spambots with legitimate user accounts. And our moderation team gets to deal with that fun part of things..
"Love and compassion are necessities, not luxuries. Without them, humanity cannot survive." - Dalai Lama

My first major build: 1.6kW 8T MAC motor on a Trek 4500.
The new all-arounder: Leafmotor 1500w @ 4kW on a Turner O2 full suspension.
The monster scooter: 20" eZee on a Cannondale Semi Recumbent.
Whipper-snapper: ? on a lightweight BikeE Semi Recumbent

AngryBob   1 kW

1 kW
Posts: 358
Joined: Jul 10 2019 4:37pm

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by AngryBob » Jul 26 2020 3:48pm

neptronix wrote:
Jul 25 2020 5:59pm
Possibly by someone who was banned or does not like the owner,
I got 20$ says it was Eric.

No hijack, no spam, just petty annoyance. This is Erick Hicks of Lunacycle in a nutshell.

Well, you all let him get away with criminal acts in the past, so I guess you folks are just OK with it?
"Not being treated like a dumb dick is one of the incentives we have to become less stupid." - Balmorhea.

User avatar
Dauntless   100 GW

100 GW
Posts: 9910
Joined: May 29 2010 1:49am
Location: Coordinates: 33°52′48″N 117°55′43″W

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by Dauntless » Jul 27 2020 12:41am

I can't say I've seen a glitch beyond my unreliable local connection.
neptronix wrote:
Jul 25 2020 5:59pm
Of all my server administration clients, ES has been attacked the most and required the most attention. Possibly by someone who was banned or does not like the owner, ebikes, etc. Who knows.
Any pattern of what's been getting posted at the time? Like a poster suddenly gets angry?
AngryBob wrote:
Jul 26 2020 3:48pm
Well, you all let him get away with criminal acts in the past, so I guess you folks are just OK with it?
But you think he would attack the board that way but not register and try to degrade topics? The programming can be fixed, but if he could run everyone off that would achieve the apparent goal. I think a more motivated attacker thinks like Neps.
Any sufficiently advanced technology is INDISTINGUISHABLE FROM MAGIC!
- Arthur C. Clarke

AngryBob   1 kW

1 kW
Posts: 358
Joined: Jul 10 2019 4:37pm

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by AngryBob » Jul 27 2020 6:01am

Oh, he's Motivated, he's just not very bright. Does have money to spend, though.

I haven't noticed any of his fake accounts or paid shills being active lately, have you? He would certainly find that deeply frustrating if his mouthpieces were muzzled.

A DDOS attack is not an attempt to hack in, just to shut down the site. Could be random, of course, but if ES was specifically targeted, who else makes a better suspect?

Any IP address locations obtained, like in California, perhaps?
"Not being treated like a dumb dick is one of the incentives we have to become less stupid." - Balmorhea.

User avatar
neptronix   100 GW

100 GW
Posts: 14320
Joined: Jun 15 2010 5:56pm
Location: California refugee living in Utah, USA
Contact:

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by neptronix » Jul 27 2020 11:53am

AngryBob wrote:
Jul 26 2020 3:48pm
Well, you all let him get away with criminal acts in the past, so I guess you folks are just OK with it?
Please save your conspiracy theories and accusations of inaction for another thread.

I just want to know if the site is functioning the same for you guys after i have patched against this type of attack, because it could have affected those who use it, and your experience of ES is extremely important to me.

Unlike many years ago, we have regular redundant backups, we have a ridiculously locked down backend, and we have two systems administrators available to respond to issues like this. Our downtime is a fraction of what it used to be, but there will always be oddball events like this. We'll be ok!

Identifying a suspect is a lot less important than patching against attacks so that they never happen again.
"Love and compassion are necessities, not luxuries. Without them, humanity cannot survive." - Dalai Lama

My first major build: 1.6kW 8T MAC motor on a Trek 4500.
The new all-arounder: Leafmotor 1500w @ 4kW on a Turner O2 full suspension.
The monster scooter: 20" eZee on a Cannondale Semi Recumbent.
Whipper-snapper: ? on a lightweight BikeE Semi Recumbent

User avatar
neptronix   100 GW

100 GW
Posts: 14320
Joined: Jun 15 2010 5:56pm
Location: California refugee living in Utah, USA
Contact:

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by neptronix » Jul 27 2020 12:12pm

Dauntless wrote:
Jul 27 2020 12:41am
Any pattern of what's been getting posted at the time? Like a poster suddenly gets angry?
That's extremely time consuming and not worth looking into because taking action to remedy and prevent a future attack is 100x faster than going on a witch hunt. The results of a witch hunt need to result in legal action which is expensive in both time and financial resources, both of which we don't have. Prosecuting a hacker doesn't make us any more secure against a future one.

Most of the time an attacker is a bot that's indiscriminately attacking the web at large, trying to gain access to systems that aren't adequately secured. As a linux systems administrator, i see server logs so full of this type of this low effort script kiddie shit every day. Your disk will fill up with these logs if you don't use log rotation, lol. The second you expose an IP address to the internet, someone is trying to hack it, and that's just a fact of how this game of cat and mouse is.

If someone was actually persistent and clever in attacking us, i'd take notice and investigate into who is doing it. But i have never seen anything serious enough to give a shit about who is behind it.
"Love and compassion are necessities, not luxuries. Without them, humanity cannot survive." - Dalai Lama

My first major build: 1.6kW 8T MAC motor on a Trek 4500.
The new all-arounder: Leafmotor 1500w @ 4kW on a Turner O2 full suspension.
The monster scooter: 20" eZee on a Cannondale Semi Recumbent.
Whipper-snapper: ? on a lightweight BikeE Semi Recumbent

AngryBob   1 kW

1 kW
Posts: 358
Joined: Jul 10 2019 4:37pm

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by AngryBob » Jul 27 2020 9:21pm

Eric has doxxed at least two people on this website. Ask Ypedal, Methods, or Marty. Or I could send you the screenshot.

$1000 Cash offered.

There was definite action taken to prevent prosecution. I can tell you who, and I can prove it.
"Not being treated like a dumb dick is one of the incentives we have to become less stupid." - Balmorhea.

User avatar
ZeroEm   100 kW

100 kW
Posts: 1015
Joined: May 03 2019 11:53am
Location: San Antonio, TX

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by ZeroEm » Jul 27 2020 9:32pm

Have not tried to up load pics but seems fine neptronix.
abundans cautela non nocet
2019 Performer E-Trike 9w/km
2013 Nissan Leaf S 7 bars 331.5w/KM

User avatar
Dauntless   100 GW

100 GW
Posts: 9910
Joined: May 29 2010 1:49am
Location: Coordinates: 33°52′48″N 117°55′43″W

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by Dauntless » Jul 27 2020 10:44pm

AngryBob wrote:
Jul 27 2020 9:21pm
There was definite action taken to prevent prosecution. I can tell you who, and I can prove it.
Your story is interesting to me for research purposes, I still fancy myself getting the chance to have a screenplay produced. But 'Named and Shamed' works mostly in the imagination of those who try to weaponize it. As Neps says, most likely more trouble than it's worth.

Mostly you have to make him feel he failed. Like with the trolls and the flying monkeys, you make them realize they gain nothing and therefore feel robbed of their adrenaline rush. The system runs fine, the bad guy is out there somewhere, crying 'Curses. Foiled again.'

I do find myself thinking of a low budgeter with a guy like you're describing as the villain. . . .
Any sufficiently advanced technology is INDISTINGUISHABLE FROM MAGIC!
- Arthur C. Clarke

User avatar
neptronix   100 GW

100 GW
Posts: 14320
Joined: Jun 15 2010 5:56pm
Location: California refugee living in Utah, USA
Contact:

Re: 07/23/2020 DDOS attack on forum & fix - do you notice any complications?

Post by neptronix » Jul 28 2020 2:24am

Okay, i got the information i needed. thanks.
"Love and compassion are necessities, not luxuries. Without them, humanity cannot survive." - Dalai Lama

My first major build: 1.6kW 8T MAC motor on a Trek 4500.
The new all-arounder: Leafmotor 1500w @ 4kW on a Turner O2 full suspension.
The monster scooter: 20" eZee on a Cannondale Semi Recumbent.
Whipper-snapper: ? on a lightweight BikeE Semi Recumbent

Locked