CastleCops site down?
srinat
February 17th, 2007, 10:22 AM
I visited castlecops.com at 3.17 P.M GMT (Greenwich Mean Time). Is the site down due to hackers or what? You see a video called all your base are belong to ours.
Mike25k
February 17th, 2007, 10:39 AM
CastleCops under DDoS attack.
http://weblog.infoworld.com/securityadviser/archives/2007/02/castlecops_unde.html
phasechange
February 17th, 2007, 11:33 AM
somebody set up us the bomb
Zhen-Xjell
February 17th, 2007, 12:06 PM
That video is me, no worries.
herbalist
February 17th, 2007, 12:36 PM
From the infoworld article
-{ Quote: "At that point, CastleCops entered into a live or die situation. We don't have the money to add on extra bandwidth.
We need help from our friends in industry to stay alive and keep up the fight. This is all that Robin and I do, and we don't want to stop." }-
Is there a link we can use to help with the bandwidth costs? What else will help?
Rick
ronjor
February 17th, 2007, 06:53 PM
Mick_H1
Your post and replies are located here. (http://www.wilderssecurity.com/showthread.php?t=165877)
Londonbeat
February 18th, 2007, 10:58 AM
It was working again this morning, but it's not loading at all now, looks like it's being DDos'd again. :-\
herbalist
February 18th, 2007, 12:35 PM
They're up at the moment, but slow.
Rick
lucas1985
February 18th, 2007, 12:56 PM
Yes, it's very slow at this moment :'(
Primrose
February 18th, 2007, 01:34 PM
What a bummer..good luck guys.>:(
http://www.prolexic.com/
Zhen-Xjell
February 18th, 2007, 04:22 PM
CC is no longer running advertisements, so donations/sponsorships would be appreciated.
Mele20
February 18th, 2007, 07:52 PM
I'm currently getting a message that the site is not available.
Ikester
February 18th, 2007, 08:17 PM
I get the same. I expect that's to deflect the DDoS. http://wiki.castlecops.com and http://de.castlecops.com are up and running though.
EASTER.2010
February 18th, 2007, 08:36 PM
My IE progress bar is woefully slow in a vain attempt to get to CC. Looks to me like they been popped alright.
Zhen-Xjell
February 18th, 2007, 10:34 PM
We're still working on it, but we're getting there. Anyway, here is an MRTG of the attack today. Almost a full 1Gb/s.
bellgamin
February 19th, 2007, 12:04 AM
-{ Quote: "CC is no longer running advertisements, so donations/sponsorships would be appreciated." }-
Could you perhaps give us the url for a neutral website where donations to Ccops can be made?
Zhen-Xjell
February 19th, 2007, 10:04 AM
Paypal paul -at- computercops -dot- biz, or...
CastleCops
PO Box 753
Wooster, OH 44691
Meriadoc
February 19th, 2007, 10:35 AM
Zhen-Xjell said :
-{ Quote: "CC is no longer running advertisements, so donations/sponsorships would be appreciated." }-
CC is a valuable resource for security and privacy.
Yes, I will help:thumb:
dallen
February 19th, 2007, 11:15 AM
Why are you being DDoS'd? It seems that when this occurs people always jump to the conclusion, "How are we going to fight back?" instead of "Why would someone be doing this?" The solution that you seem so desperate to come up with is, "How can we increase our bandwidth?" There are alternatives like finding out who you pissed off and seeing if you can enter into a dialogue with that person to resolve your differences.
nadirah
February 19th, 2007, 11:16 AM
The site is taking ages to load. And it never loads at all, to be frank.
TonyKlein
February 19th, 2007, 11:44 AM
-{ Quote: "The site is taking ages to load. And it never loads at all, to be frank." }-
Doesn't here either. :'( ... and PIRT/MIRT as well as all CC databases are therefore also unavailable.
Incidentally, it's most unfortunate that there are no mirrors for those databases. Helpers at malware removal forums all over the world depend on them!
But needless to say, right now the priority is of course to get the site itself back on line ASAP
nadirah
February 19th, 2007, 12:12 PM
Security is an unwinnable war. You either play the defender or the attacker.
Zhen-Xjell
February 19th, 2007, 12:14 PM
We will prevail and be stronger by it. In fact once we are back hijacktrend will go into full gear. We'll have years of hijackthis profiling available for all to use.
dallen
February 19th, 2007, 12:21 PM
I still hear people talking with a "fight, fight, fight" mentality. Why hasn't anyone addressed my previous point?
-{ Quote: "Security is an unwinnable war. You either play the defender or the attacker." }-
If nadirah's premise is correct, and I believe it is, then it behooves you to try and reconcile your differences with your attacker.
I recommend reading The Art of War by Sun Tzu.
http://en.wikipedia.org/wiki/The_Art_of_War
Londonbeat
February 19th, 2007, 12:26 PM
-{ Quote: "Why are you being DDoS'd? It seems that when this occurs people always jump to the conclusion, "How are we going to fight back?" instead of "Why would someone be doing this?" The solution that you seem so desperate to come up with is, "How can we increase our bandwidth?" There are alternatives like finding out who you pissed off and seeing if you can enter into a dialogue with that person to resolve your differences." }-
I doubt you can really dialogue with this type of mindset (and why should you, they are basically ''terrorists''); look at the scum that was ddos'ing gmer - they kept it going a whole month.
Primrose
February 19th, 2007, 12:29 PM
-{ Quote: "Why are you being DDoS'd? It seems that when this occurs people always jump to the conclusion, "How are we going to fight back?" instead of "Why would someone be doing this?" The solution that you seem so desperate to come up with is, "How can we increase our bandwidth?" There are alternatives like finding out who you pissed off and seeing if you can enter into a dialogue with that person to resolve your differences." }-
;D ;D ;D That makes as much sense as the post on TDS..you make way too many assumptions without being privy to the facts or understanding DNS.
dallen
February 19th, 2007, 12:40 PM
-{ Quote: "I doubt you can really dialogue with this type of mindset (and why should you, they are basically ''terrorists''); look at the scum that was ddos'ing gmer - they kept it going a whole month." }-
What I hear you saying is that it is very difficult to dialogue with people like this and you don't feel it is appropriate even to try due to their methods. Then, you go on to state a fact that basically acts as a reason for opening dialogue [a month offline is very costly].
You do raise a very difficult question, "Is it prudent to negotiate with 'terrorists'?" I don't have the answer to this one, but it is extremely important to consider.
I will say that sometimes moderators, administrators, and others with "power" in an online forum setting occasionally let that control go to their head and use their power to effectively piss people off. When those pissed off people feel powerless it seems they feel their only recourse is to take extreme measures in an attempt at hurting the people that hurt them. One of those measures is to blast them off the Internet. In my opinion, someone at CC may have abused their authority and now they are feeling the repercussions of doing so.
dallen
February 19th, 2007, 12:47 PM
-{ Quote: ";D ;D ;D That makes as much sense as the post on TDS..you make way too many assumptions without being privy to the facts or understanding DNS." }-
Yea...because I was way off on the whole TDS thing. If you recall Primrose, I was one of the first to call TDS out for what it truly was. Sure there is information about Wayne and TDS that we don't have, but res ipsa loquitur and time has essentially proven that my initial allegations weren't far from reality. To this day, people have not received refunds, yet Wayne still accepts payments without delivering license codes.
Back to the topic at hand, my point is that there are other alternatives than to return an attack with an attack.
Zhen-Xjell
February 19th, 2007, 12:50 PM
-{ Quote: "In my opinion, someone at CC may have abused their authority and now they are feeling the repercussions of doing so." }-
You are highly in error in that assumption.
Londonbeat
February 19th, 2007, 01:10 PM
-{ Quote: "What I hear you saying is that it is very difficult to dialogue with people like this and you don't feel it is appropriate even to try due to their methods. Then, you go on to state a fact that basically acts as a reason for opening dialogue [a month offline is very costly]. " }- I'm basically saying that IMHO it's a bit naive to assume that you can negotiate with these people. They are unlikely to want to negotiate.
-{ Quote: "
I will say that sometimes moderators, administrators, and others with "power" in an online forum setting occasionally let that control go to their head and use their power to effectively piss people off. When those pissed off people feel powerless it seems they feel their only recourse is to take extreme measures in an attempt at hurting the people that hurt them. One of those measures is to blast them off the Internet. In my opinion, someone at CC may have abused their authority and now they are feeling the repercussions of doing so." }-
This is pure speculation, DDos'ing (from what I know) on the scale that castlecops is facing, is very unlikely to be done by a disgruntled forum member turned troll. This type of attack is basically "organised crime" and should be treated with the seriousness it deserves by law enforcement agencies.
dallen
February 19th, 2007, 01:14 PM
I very well may be, but who says, "Yes...we abuse our 'power'?"
I certainly do not have reason to believe that abuse of power is the cause, or even a reason, for your dilemma. I am simply stating I have seen moderators, administrators, etc. let their "authority" get to their head. I have also seen DDoS attacks result from hurt feelings due to online remarks. See the case involving Steve Gibson @ GRC.com. Therefore, it is possible that a CC moderator or administrator pissed someone off and that person decided to get revenge. Certainly, you don't claim that it is out of the realm of possibility.
I am open to a better explanation. My initial question included, "Why would someone orchestrate a DDoS attack against CC?"
dallen
February 19th, 2007, 01:19 PM
-{ Quote: "I'm basically saying that IMHO it's a bit naive to assume that you can negotiate with these people. They are unlikely to want to negotiate." }-
Is it?
-{ Quote: "This is pure speculation, DDos'ing (from what I know) on the scale that castlecops is facing, is very unlikely to be done by a disgruntled forum member turned troll. This type of attack is basically "organised crime" and should be treated with the seriousness it deserves by law enforcement agencies." }-
You are 100% correct. It is pure speculation and I don't deny that. You also may be right about the possibility of this being organized crime. However, it is naive to assume that it is unlikely to be a disgruntled forum member. The availability and scope of botnets allows even the most insignificant person to wield the power to blast almost anyone off the net.
Londonbeat
February 19th, 2007, 01:22 PM
-{ Quote: "
I am open to a better explanation. My initial question included, "Why would someone orchestrate a DDoS attack against CC?"" }-
This is pure speculation but is one of many possibilities - gmer.net (and every mirror site associated with it) suffered massive ddos last month, CC hosted gmer temporarily and helped get gmer.net up and running again.
dallen
February 19th, 2007, 01:30 PM
Londonbeat,
Your explanation seems more plausible.
TNT
February 19th, 2007, 01:36 PM
-{ Quote: "This is pure speculation, DDos'ing (from what I know) on the scale that castlecops is facing, is very unlikely to be done by a disgruntled forum member turned troll. This type of attack is basically "organised crime" and should be treated with the seriousness it deserves by law enforcement agencies." }-
Agreed. I add that a ddos, no matter what "wrongs" it is supposed to be "punishing" (and I shall add, I really, really doubt there were any done by Castlecops), is always an illegal activity that is done with deeply illegal means. You can't ddos a site with your regular machine or even a bunch of machines, this is always related to hundreds or thousands of zombies that were illegally compromised.
dallen
February 19th, 2007, 01:49 PM
TNT,
That is a good point. I, of course, was not condoning the action. At the same time, just because the action is illegal doesn't mean that the rationale behind it should be ignored.
1972vet
February 19th, 2007, 02:14 PM
-{ Quote: "There are alternatives like finding out who you pissed off and seeing if you can enter into a dialogue with that person to resolve your differences...
Why consider doing that? If a bank employee becomes disgruntled and launches a DDoS attack against the online banking web site, does the bank negotiate? Nope...the law gives the disgruntled employee free room and board.
I still hear people talking with a "fight, fight, fight" mentality. Why hasn't anyone addressed my previous point?
If nadirah's premise is correct, and I believe it is, then it behooves you to try and reconcile your differences with your attacker...You also may be right about the possibility of this being organized crime.
Reconcile with organized crime? Seriously?
However, it is naive to assume that it is unlikely to be a disgruntled forum member.
It's not naive...it's just not a likely possibility.
The availability and scope of botnets allows even the most insignificant person to wield the power to blast almost anyone off the net.
Which is why when the law steps in and gives that one some free room and board, no one has any sympathy.
" }-
Those who write malware these days are doing so in an effort to invade your computer and keep control of it...not just yours but ANYONE ELSE who unwittingly falls into the pit of mire they construct. Once there, any user on the compromised machine is intended prey.
These unsuspecting users will forfeit their most private information to the writers of today's malware. With that private information, they assume the identities of those victims.
Users who are engaged in the illegal activity of "stealing" people's identity are most likely behind the efforts to keep CastleCops offline.
It's not rocket science...if they can steal your identity, they put YOUR money in THEIR pockets.
If keeping your identity and money safe from thieves is the objective, how would negotiating be beneficial?
Along with your premise, it's assumed that those who are "pissed" are those from whom the potential to steal has been removed or blocked.
Keeping in mind, those involved with any sort of negotiating that you suggest, a compromise is expected from both parties as well...I would ask, exactly who would you expect to benefit?
dallen
February 19th, 2007, 02:38 PM
1972vet,
We seem to agree. Our difference seems to rest on the fact that you are arguing as if the perpetrator is organized crime and I am arguing as if the perpetrator is a disgruntled forum member. Your next question may be, “Why does it matter?” You may say both are criminals and should be treated as such. You would be right on that point as well.
My point was not that the law should yield to the criminals because they are difficult to locate, but rather I was not looking at this from a legal perspective at all. The law should handle this in the manner in which the law provided. I am looking at this from the perspective of CC. Their solution, which seems consistent with others that have the misfortune of finding themselves the victim of a DDoS attack, is to throw bandwidth at the problem (which I erroneously characterized as an attack, which more accurately should have been termed “defensive measures”). In order to employ such defensive measures, CC is asking for help (i.e. money). My suggestion (assuming this attack to be from a disgruntled individual rather than organized crime), was to attempt to establish dialogue with the attacker and uncover the point of contention. This is cheap and could be effective.
1972vet, I don’t think you and I are arguing within the same parameters with the same definitions. In other words, our definition of “attacker” was not equal.
Mere_mortal
February 19th, 2007, 03:21 PM
-{ Quote: "Security is an unwinnable war. You either play the defender or the attacker." }-
That doesn't stop me for one. Now that you mention it, I come to think of it as being a full-back (in football), they are of the defence, yet also have attacking responsibilities. CastleCops and Wilders alike, both facilitate in the defense of peoples' networks, at the same time it is damaging the opposing force. Whether the battle is winnable or not, I will fight on.
-{ Quote: "In my opinion, someone at CC may have abused their authority and now they are feeling the repercussions of doing so." }-
I really doubt that very much. This ain't some peed-off kid, it's organised crime.
dallen
February 19th, 2007, 04:41 PM
You are correct. This seems to be organized crime. Wow! I didn't realize the magnitude of this attack.
Primrose
February 19th, 2007, 04:59 PM
Board seem to be back NOW ;)
http://www.castlecops.com/article-topic-1.html
Primrose
February 19th, 2007, 05:14 PM
Be well everyone ;) I just love all these theories.. reminds me of...
Bubba went to a psychiatrist.
" I've got problems. Every time I go to bed I think there's somebody under it. I'm scared. I think I'm going crazy."
"Just put yourself in my hands for one year," said the shrink. "Come talk to me three times a week, and we should be able to get rid of those fears."
"How much do you charge?"
"Eighty dollars per visit," replied the doctor.
"I'll sleep on it," said Bubba.
Six months later the doctor met Bubba on the street. "Why didn't you ever come to see me about those fears you were having?" asked the psychiatrist.
"Well Eighty bucks a visit three times a week for a year is an awful lot of money! A bartender cured me for $10. I was so happy to have saved all that money that I went and bought me a new pickup!"
"Is that so! And how, may I ask, did a bartender cure you?"
"He told me to cut the legs off the bed! - Ain't nobody under there now !!!"
1972vet
February 19th, 2007, 05:34 PM
HeHeHe...good one Primrose. That reminds me why I like this psychiatrist joke so much:
This guy, with a frog on his head, went in to visit a psychiatrist. Taking a seat on the couch and after making himself comfortable, the psychiatrist says:
"So, what can I do for you?"
...and the frog says:
"I was hoping you could help me get this wart off my ass?"
Longboard
February 19th, 2007, 06:03 PM
cc back up for me too
@dallen: while I appreciate what you are trying to suggest, there is no reasoning with this kind of activity.
This may not rate too highly on a world scale for injury or commercial damage, but, nonetheless, this is cyber terrorism on a grand scale.
May be some crime syndicate? Why would that type of organisation attack a non commercial site and risk exposure: what gain for them? Unless this is a test.
Likely some "junior hackers" testing their bot net?
Prelude to some commercial blackmail?
Showing off?
Maybe just coincidental but seems a bit spooky: the ddos against gmer's little site, the support from CC and then the ddos against CC.
There is (correct me if I'm wrong) little or no chance of finding and stomping on these operators. They could be in any legal jurisdiction. Who would prosecute? Who would fund a civil suit against them? What really is the damage in $ & c?
I hope they can be exposed, held to ridicule and stomped into the ground. It behooves all operators of all public forums and their ISPs/hosters to cooperate. Who is next on the hit list?
Honi soit qui mal y pense.
Just the observations of a rube.
Regards.
1972vet
February 19th, 2007, 07:06 PM
-{ Quote: "There is (correct me if I'm wrong) little or no chance of finding and stomping on these operators. They could be in any legal jurisdiction." }-
I will happily correct your assumption...let's follow this line of thought to a logical conclusion.
If there is no chance of finding these criminals and "stomping" on them, then the entire world is their playground. The CastleCops web site being non-commercial, notwithstanding, you can bet the farm, there are both commercial web sites as well as government that have undergone the exact same thing. Result?
Here is the summary chart (http://www.usdoj.gov/criminal/cybercrime/cccases.html) for your reading pleasure.
herbalist
February 19th, 2007, 07:30 PM
-{ Quote: "Why are you being DDoS'd? It seems that when this occurs people always jump to the conclusion, "How are we going to fight back?" instead of "Why would someone be doing this?" The solution that you seem so desperate to come up with is, "How can we increase our bandwidth?" There are alternatives like finding out who you pissed off and seeing if you can enter into a dialogue with that person to resolve your differences." }-
Most likely, they're being DDOSed because of PIRT, the taking down of phishing sites. Those who run these sites, along with spammers and botnet masters don't take kindly to someone interfering with their illegal profits. Law enforcement and laws themselves are years behind the reality of the net.
Look back at Blue Security. They were knocked out permanently for fighting spammers. Whether people want to hear it or not, the internet is an almost unregulated war zone. Some of these botmasters have more computer power under their control than many countries. There's no usable international cooperation to fight this with as politics get in the way. I'm sorry to have to say it this way, but fighting this war nicely will get you nowhere. The criminal element controls a major portion of the net and a much larger percentage of users' PCs than most realize. They're not going to give people back their PCs by voluntarily removing their trojans and rootkits, no matter how nice we ask. We have to take them back, one at a time, while trying to prevent others from having theirs taken. If we don't take back the net, it won't be worth having.
Rick
herbalist
February 19th, 2007, 07:36 PM
Regarding the post asking why gmer would be attacked, then CC, it's quite simple really. Gmer was detecting their malicious code. Its existence is a threat to their income. When CC supported them, that upped the ante. PIRT also hits them in the wallet. They choose targets to either make money or to stop the loss of money. The motives are money and control, nothing more.
Rick
dallen
February 19th, 2007, 08:20 PM
The more I read about this, the more interesting it becomes. In trying to decide how I'm going to merge my study of the law with my love for computers and technology, I'm thinking cyber-law might be a logical merger of the two into an area that seems to be on the horizon. Especially, considering:
-{ Quote: "Law enforcement and laws themselves are years behind the reality of the net.
" }-
In the meantime, I will remain intrigued by this topic.
Longboard
February 19th, 2007, 08:55 PM
@1972vet
-{ Quote: "I will happily correct your assumption" }-
Thank you.
I am very happy to see that justice is grinding away.
This one made me laugh ( in a sober kind of way)
Shows integrity on the part of the DOJ
http://www.usdoj.gov/criminal/cybercrime/racinePlea.htm
I see that overall the total fines handed out equal about the bonus of one of the "big banks" CEO bonuses. :dry:
I note that since 2004 most of those cases have been prosecutions of individuals hacking US Govt networks.
There are virtually no cases against spammers, ddoses against commercial sites (some against govt sites)
there is some interesting reading in some of the cases:
EG: According to the Complaint, because of LEUNG’s intrusion into Marsh’s database, Marsh was required to expend thousands of dollars to, among other things, secure its system from future unauthorized access and re-enter deleted data. So: shitty security in the first place at a large insurance co hmm?
@herbalist
-{ Quote: "
Most likely, they're being DDOSed because of PIRT, the taking down of phishing sites. Those who run these sites, along with spammers and botnet masters don't take kindly to someone interfering with their illegal profits. Law enforcement and laws themselves are years behind the reality of the net.
Look back at Blue Security. They were knocked out permanently for fighting spammers. Whether people want to hear it or not, the internet is an almost unregulated war zone. Some of these botmasters have more computer power under their control than many countries. There's no usable international cooperation to fight this with as politics get in the way. I'm sorry to have to say it this way, but fighting this war nicely will get you nowhere. The criminal element controls a major portion of the net and a much larger percentage of users' PCs than most realize. They're not going to give people back their PCs by voluntarily removing their trojans and rootkits, no matter how nice we ask. We have to take them back, one at a time, while trying to prevent others from having theirs taken. If we don't take back the net, it won't be worth having." }-
Agree
-{ Quote: "Regarding the post asking why gmer would be attacked, then CC, it's quite simple really. Gmer was detecting their malicious code. Its existence is a threat to their income. When CC supported them, that upped the ante. PIRT also hits them in the wallet." }-
While I accept that PIRT and Blue Security make CC a target, do you really believe that gmer has in any way affected these syndicates?
If so then logically, why have Symantec, AVG, BitDefender, Sophos, FSecure, PrevX et al ( and rk.xell.ru of course) not been targeted. (yet?)
Not that the big commercial vendors would tell us, or they may be well protected.
-{ Quote: "They choose targets to either make money or to stop the loss of money. The motives are money and control, nothing more" }-
V succinctly put.
Some of these cases while important are "tiddlers" and undoubtedly represent the tip of the iceberg. How can you calculate the real cost of the blaster and melissa? (No mention of MS any where :shifty: )
While I utterly despise the theft of identity and personal financial or any other details and while I applaud the DOJ for getting these guys, some of those companies involved should be ashamed of themselves for putting our stuff (and we all are in this together) at risk. They huff and puff about theft and yet fail to protect us.
Whatever the motivation of taking down CC, what it points to is the "jungle warfare" going on. Piss these hoods off and they will try and break you. >:(
Sorry, got a bit OT there
Congrats to CC for weathering the storm. Donations sent.
There is no defence against a massive ddos is that correct?
herbalist
February 19th, 2007, 09:05 PM
-{ Quote: "In trying to decide how I'm going to merge my study of the law with my love for computers and technology, I'm thinking cyber-law might be a logical merger of the two into an area that seems to be on the horizon." }-
I wish you the best. The international nature of the net is much of the problem. Different laws in different nations. I don't see anything short of some form of international law, agreed on by most countries having any real effect. Just setting up an international agency with the skill and resources to fight this battle would be a big job. Then who pays for it? That's where any agreement will hit a brick wall, when the cost is figured out.
The other part of the problem would be keeping such international laws up to date with the technology. If you've followed any of the international legal efforts regarding internet usage, they center around piracy. Amazing priorities, stopping the theft of audio files or someone's "intellectual property" is more important than theft and malicious usage of another's property (their PC). As long as the powers that be have such twisted priorities, nothing will get any better.
Rick
herbalist
February 19th, 2007, 09:42 PM
We crossed posts.
-{ Quote: "While I accept that PIRT and Blue Security make CC a target, do you really believe that gmer has in any way affected these syndicates?" }-
Gmer is part of another front of this war, the "code vs code" aspect of it. The criminal element tries to make their malware undetectable. It's a fact that they've made specific efforts to defeat rootkit detection software, even though the typical user probably doesn't have a clue what a rootkit is. Gmer is one of those tools that does well at detecting the new methods of hiding their malware. That malware is what they're using to launch these attacks.
If you translate this into military terms (might as well, it is war) rootkits equate to stealth technology. Gmer represents an anti-stealth weapon they don't want to see in common use. By itself, gmer isn't much of a threat to them, except that it exposes the existence of their malicious code. The real threat it represents can be seen in how security-ware works. Someone develops a really good app that outperforms everything like it. The industry takes note, develops equivalent apps, then the big suite vendors start adding that feature to the security-ware used by the masses. Look at what's referred to as HIPS (application firewalls). Once the bigger vendors realized how effective it can be, it's being added to security apps everywhere. The last thing these criminals want to see is effective rootkit software in the average security suite. They'd lose a big percentage of their botnets if that happened.
If the methods Blue Security used had caught on and been adopted by bigger security companies, spammers would be taking a major financial hit, so they hit the vendor while it was small, and alone, and took them out. While their methods may have been ethically debatable to some, it was effective.
There's one clear lesson here that everyone needs to understand. We can't ever let anyone on this side of the war stand alone again. Whether we agree with their methods or not, it's still far better than the tactics used by the criminals we're fighting. They're working together. We have to do likewise.
Rick
davidjschenk
February 19th, 2007, 09:45 PM
*cough*
They went down again just as I was viewing their forums.
This appears to be a VERY, VERY focused, concerted attack. I mean, it can't just be bots, can it? Someone appears to be keeping careful track of the Cops' efforts to counter the attack. I surmise that certain, ahh... "criminal elements" seriously do not want that site to exist (like, at all).
I wish CastleCops all success in overcoming the attacks. The only good phish is a fried phish.
-David
herbalist
February 19th, 2007, 09:58 PM
-{ Quote: "This appears to be a VERY, VERY focused, concerted attack. I mean, it can't just be bots, can it? " }-
Yes, it can. Bots are code robots, responding almost instantly to the commands of their master. You can bet whoever is behind the attack is monitoring everything that goes on and adjusting the instructions he gives the bots as needed.
Rick
Castle Cops site is quite variable right now. Got there easily but navigating around is erratic.
StevieO
February 19th, 2007, 10:11 PM
Well this CC sustained attack could be due to the PIRT/MIRT forums etc on there ?
It could also/instead be due to them hosting the GMER ARK ?
Maybe even an aggrieved member, or two ?
But it may be nothing to do with any of the above. In fact it could possibly be someone who has never posted on there, but has had bad or incorrect things said about them, or something connected with them, in some ways ! They may feel as this hasn't been corrected, if true of course, that CC needs a lesson ?
StevieO
davidjschenk
February 19th, 2007, 10:14 PM
-{ Quote: "Yes, it can. Bots are code robots, responding almost instantly to the commands of their master. You can bet whoever is behind the attack is monitoring everything that goes on and adjusting the instructions he gives the bots as needed. " }-
Right--I figured that. What I meant in my comment was that it was not "just" bots in the sense of it being a one-time attack that some script kiddie(s) ran over the weekend and then got bored with. I mean, the bots do not appear to be presently unattended, yes? It seems like they're continuing to monitor (and adapt to) the site's progress in responding.
That said, you're right--they're back up again (<15 minutes after going down w/the DDoS sign going back up). Idunno...maybe it's not a new wave of attack. Maybe it's just part of the site owners' work to get things up and running again.
-David
1972vet
February 19th, 2007, 10:41 PM
-{ Quote: "Someone appears to be keeping careful track of the Cops' efforts to counter the attack. I surmise that certain, ahh... "criminal elements" seriously do not want that site to exist (like, at all)." }-
Very much in agreement with that statement. It matters none to me at all whether these pimple faced punks know it or not...but they too are being watched.
Frankly, I'm loving this...like watching a train wreck.
-{ Quote: "Well this CC sustained attack could be due to the PIRT/MIRT forums etc on there ?" }-
More than likely, that's the case.
-{ Quote: "It could also/instead be due to them hosting the GMER ARK ?" }-
Not very likely but plausible
-{ Quote: "Maybe even an aggrieved member, or two ?" }-
No insult intended, really...but Really!
-{ Quote: "But it may be nothing to do with any of the above. In fact it could possibly be someone who has never posted on there, but has had bad or incorrect things said about them, or something connected with them, in some ways ! They may feel as this hasn't been corrected, if true of course, that CC needs a lesson?" }-
All of that is doubtful. Regardless, the point is this...we all agree here that no one has the right to do such a thing. The CC's web site, although the first born of Paul and his wife Robin, is the stepchild of us all.
We all love that child as if it was our own and will fight for it as any parent would fight for their own children all the while hoping and dreaming of their bright future.
Should anyone or thing approach near enough to the Bear cub the Mother Bear is expected to make THAT one, its next meal.
pwillener
February 20th, 2007, 01:35 AM
-{ Quote: "Paypal: paul -at- computercops -dot- biz" }-
:thumb: Just to bump this important piece of information :thumb:
EASTER.2010
February 20th, 2007, 04:02 AM
This is a dedicated focused DDoS apparently.
-{ Quote: ">>> UPDATE <<
We're under a DDoS, but we will prevail. Good shall overcome. --Paul Laudanski" }-
pilotart
February 20th, 2007, 03:28 PM
-{ Quote: ">>> SQL Outage: moving to another server. Keep up the good fight! --Paul Laudanski <<<
visit our wiki, or german site w/english forums.
*Lets Remember*" }-
From the above links:
german site w/english forum (http://de.castlecops.com/forum/search.php?searchid=8197&langid=1)
is working.
davidjschenk
February 20th, 2007, 06:35 PM
Dear sweet merciful heavenly host...
I quote from their site:
"We will not be silenced! Here is a current MRTG chart showing about two hours ago we had a 933Mb/s spike DDoS, while a 44Mb/s is now consistent. Someone isn't happy we're up and running."
Clearly this is no weekend job and no "disgruntled member" or anything like that. These are (*cough* !NewJersey! *cough*) organized cyber-criminals.
You know, I really never visited or paid attention to CastleCops before, but at this point I am seriously considering joining and helping out in some low-level (*cough* $$$ *cough*) manner. Anyone who pisses off organized criminals this much is someone I consider a major dude (by which I effectively mean "unpaid public servant" or somesuch).
-David
Zhen-Xjell
February 20th, 2007, 09:03 PM
For those wondering what CastleCops or PIRT is about, see this Washington Post article:
http://blog.washingtonpost.com/securityfix/2007/01/in_praise_of_the_phish_fighter.html
To those donating, thank you very much. We will not be silenced!
Longboard
February 22nd, 2007, 04:47 PM
Scope of the problem: and this is what is known
#$@^&**
http://www.darkreading.com/document.asp?doc_id=117924
Bot nets even fighting each other.
Zhen-Xjell
February 23rd, 2007, 04:33 PM
http://blog.washingtonpost.com/securityfix/2007/02/spammers_declare_war_on_antisc.html
-{ Quote: "CastleCops co-founder Robin Laudanski said the intermittent site shutdowns have been inconvenient, but added that they have bolstered support for the group from within the security community.
"I take [the attacks] as a compliment because if we weren't putting a dent in the bad guys' pocketbooks, we wouldn't be getting attacked," Laudanski said. "It means we're being a pain, and that we're doing something right."" }-
http://www.infoworld.com/article/07/02/23/09OPsecadvise_1.html
-{ Quote: "But as Paul and Robin of CastleCops said, "We're in this for the long haul. We aren't going to be intimidated. We aren't going to go away." " }-
Zhen-Xjell
February 23rd, 2007, 05:35 PM
http://www.castlecops.com/article-6749-nested-0-0.html
controler
February 23rd, 2007, 06:05 PM
I would have to say I agree that it is because of GMER.
Oh or did I miss something again?
con
Zhen-Xjell
February 23rd, 2007, 11:43 PM
I could be wrong, but to my knowledge gmer did not see that kind of attack.
gmer
February 24th, 2007, 05:21 AM
-{ Quote: "I would have to say I agree that it is because of GMER.
Oh or did I miss something again?
" }-
@controler
DDoS to my domain was much weaker
Old Monk
March 14th, 2007, 05:18 AM
Hi
Can't get to CastleCops again this morning. Anyone experiencing similar problem ?
gerardwil
March 14th, 2007, 05:33 AM
Yep, same here.
Gerard
Old Monk
March 14th, 2007, 10:16 AM
Hi
Just come back for me now :thumb:
Copyright ©2002 - 2012, Wilders Security Forums