Someone threatens the website of a systen I'm quite pleased with, http://e107.org. It's a PHP open source content management system (I'm using it for a few sites), so it deserves all the support it can get.
It's happened frequently that this site was abused, but this time it's getting meaner.
I'm frustratingly MAD. All I can do is report it over here. Just to get it off my chest. Feel free to join me in mourning or fighting, I don' t know :'( :'( :'(

let jailist http://e107.org/user.php?id.1 site owner post the entire log of whatever he got and it may be possible to estimate the seriousnes of it...

Read his news post here: http://e107.org/news.php?extend.482

URL tags added to the link

I second that.
It's about time some of the best programmers the Internet has, put finaly an end to attacks, virussus and other things by let us find who does those things and wipe them from the Internet forever.
As (a bit late) X-mas wish I hope we get back 'our' internet like it was ment too, if not for us, then for our children.

:) Coml@@g

It seems that a Mambo (yet another open source CMS) community site also has some problems with mail bombers, etc.

See the news messages of 27/12 and 28/12 on that site (http://www.mamboportal.com/)

TLM

I'm sad to see other related sites suffer the same treatment I do, and I'm very pleased to see the developers of Mambo got their issue resolved, they don't deserve this treatment any more than any of us do.

jalist
http://e107.org

{QUOTE-> quoting: meneer link=board=18;threadid=18467;start=0#msg113932 date=1072651826]
Someone threatens the website of a systen I'm quite pleased with, http://e107.org. It's a PHP open source content management system (I'm using it for a few sites), so it deserves all the support it can get. <-QUOTE}

Disgusting - although not uncommon, unfortunately >:(. I do agree Andre, it's a wonderful open source management system indeed, and truly deserves all the support it can get.

{QUOTE-> It's happened frequently that this site was abused, but this time it's getting meaner.
I'm frustratingly MAD. All I can do is report it over here. Just to get it off my chest. Feel free to join me in mourning or fighting, I don' t know :'( :'( :'(
<-QUOTE}

IMHO there's only one choice: fight back!. We have been there: severe mailbombing for a seven days in a row, hacking attempts, you name it. Lesson learned: never give in - period.

Although this isn't the most suitable place to join forces, I for one am willing to help wherever I can (addy is in my profile). The developer is very welcome to register over here and/or drop me an email.

As for those speaking up in favor of e107: don't hesitate to register as a member over here - and make sure to enable to hide your email from the public.

regards.

paul

Steve,

First of all: welcome!

See my post above - I'm willing to help out whenever I can. Joining forces is a good thing to do in situations like these.

regards.

paul

Thanks Paul, although I'm not sure what could be done ...

{QUOTE-> quoting: Steve Dunstan link=board=18;threadid=18467;start=0#msg114024 date=1072663932]
Thanks Paul, although I'm not sure what could be done ...
<-QUOTE}

Steve, any logs available?

regards.

paul

Go get'em Paul!!! >:(

I'm glad this gets a lot of response... and perhaps Steve's the first one with more karma points than posts ;D ;D ;D

Nevertheless, André, I sure like to see some logs - not especially over here but in PM would do...

regards.

paul

Thanks for your offer Paul, I'm very grateful.
Well the only actual thing he's done so far is mailbomb me, nearly 80,000 yesterday (my email server has maxed and is not accessable until my host clears it for me). Looking at the headers, it looks like he used a free webhost to do the dirty work for him, I've emailed them but not recieved a reply.
If you think seeing the email headers would help I'd be glad to forward them to you.

Thanks again.

Glad to be of assistance, Steve.

As for the mailbomb issue and the email headers, feel free to drop me an email. My addy is in my profile. Putting some extra presure on that free webhost at the least won't do any harm ;)

regards.

paul

Update:
The e107.org site is down for some two weeks now. Last weeks the performance was low. but now the site is not available at all.
It seems a DDoS attack was or is taking place :'( >:(

{QUOTE-> quoting: meneer link=board=18;threadid=18467;start=0#msg135134 date=1077608110]
Update:
The e107.org site is down for some two weeks now. Last weeks the performance was low. but now the site is not available at all.
It seems a DDoS attack was or is taking place :'( >:(
<-QUOTE}

Again? >:( I really do hope Steve Dunstan will be up and running again soon - if needed using a mirror.

regards.

paul

They came up, but now are back down.

This time it seems like a concerted ddos on all three primary e107 sites. e107coders, e107themes and e107 itself (all dot org).

I see that coders is back up now with modified code but I still can't get to the other two.

This really is frustrating, Steve is a gifted programmer with a great CMS that I've been pimping for nearly a year now. It's very quick to install (file upload + 10 minutes gives you a useable site) and is now very stable, even for a newcomer to php like myself.

To see this sort of thing happen, caused by (rumour has it) a disgruntled wannabe contributor, is galling in the extreme.

Steve (and e107) deserve(s) better than this.

PS. Hi.

Red Halibut/Tubilah



On edit: This has all the potential of the great hyperlobby/Galen Thurber fiasco (another "jilted lover).

This is what the hosting provider reports:
{QUOTE-> Folks I have only been hosting e107 for two weeks now. Not only did I take on Steve's problem but I brought that problem to myself as they now attack me directly as well. As for ic3.gov I trumped that. Two FBI agents are combing through my logs as of two days ago.

This is a Smurf style attack(Hundreds of servers all of over the world) all requesting a Search of e107 or a search from my search engine.

We had the server load as high 1050 at one point. There has been charges brought against two companies for not pulling their servers being used in the attack when informed.

The rotating Proxy ip is not a new thing to me as I get folks to try to use it to fraud my search engine on a regular basis. So this person didn't know I already has measures in place to bounce back and grab the phone company lines he was using.

I deliberately let him through on day 2 and 3 and will again should he start until the arrest is made. This is an act of terriosm since the signing of the patriot act. My case has been giving priority since my server going down costs the firearm industry 2 .1 million dollars a day.

As for your solutions of error pages that is what happened the past two days when it said forbiddened. This was to allow my other clients to operate in peace.

I have since clustered my servers for a DNS load share.

In short I had ever intention of sucking them in and getting massive damages so the charges would stick. The current bill is over 6.4 million dollars in damages.

I have a whole world of hackers and DOS attackers on us every week. Although this was the first Smurf Attack. I found it educational. <-QUOTE}
Perhaps these crackers can report about their FBI engangement ;D