Castlecops main forum comes on, but sloooowly. However, their HIPS Wiki (http://wiki.castlecops.com/HIPS/IDP_programs/services) page, which we often refer to, is totally unreachable for 3 days now.

Is anyone able to reach that Wiki site? Does someone know the CC Administrator well enough to let him know about this issue?

{QUOTE-> Denial of Service: DDoS Attack
At approximately 1:30 AM July 8, 2008 CastleCops Wiki, German site, Hashes, Volunteer Blogs as well as other services were taken offline due to a DDoS in excess of 100 m/s, which was negatively impacting the ISPs other clients. Both the sites are still currently offline while servers are prepared for them at a new location. <-QUOTE}
Source: http://www.castlecops.com/

Cheers

Thanks subset.

Wow -- those poor blokes seem to draw a lot of DDoS attacks!!! I wonder why?

I wish LWM or one of the other inner sanctum fellows would drop by & explain CC's frequently recurring DDoS problem.

Uhhh... does anyone care to explain what is a DDoS exactly, why is it done, & by whom (usually)?

{QUOTE-> does anyone care to explain what is a DDoS exactly <-QUOTE}I would but then I'd have to....:P

A thread We had a few months back when DSLR was being hit is a very good read with some supplied links. This (http://www.wilderssecurity.com/showthread.php?p=1206595#post1206595) post for instance, which is just one of many with DDoS explanations.

Thanks for the link, Bubba. An interesting read. I still wonder why CC is so often a target.

P.S. Because of this ap-cray, I now intend to donate $ to the fund for improving their servers.

{QUOTE-> I still wonder why CC is so often a target. <-QUOTE}
Hi bellgamin,

I would assume that the ddos attacks are occuring because CastleCops help authorities shutdown malware and phishing sites as well as spammers. They also help users clean up there computers and educate them which all translates into lost profits for the bad guys.

{QUOTE-> Hi bellgamin,

I would assume that the ddos attacks are occuring because CastleCops help authorities shutdown malware and phishing sites as well as spammers. They also help users clean up there computers and educate them which all translates into lost profits for the bad guys. <-QUOTE}Shazam! I am now a "friend of Castlecops" because...

{QUOTE-> Any enemy of the enemy is my friend. <-QUOTE}

Bummers. Now the Castlecops forum is also unreachable, so I cannot as yet donate.

Does anyone know if there is an alternate URL for CC?

I haven't been able to get there for some time, when I have tried off and on. No idea about an alternate.......

It's back up. The forums that is.
Very very slow at loading but I can get there.

No such luck here; I haven't been able to get there since I got up this morning (about five hours ago)

There is no alternate url, and the Malware Lists 'mirrors' are unavailable as well.

As a major thorn in the side of spammers and other cybercriminals, Castlecops has been a prime target for criminal attacks.

In recent months the Castlecops Wiki pages have documented tens of thousands of spammed sites that have been suspended on request by several of the most abused registrars in China (Xin Net, Beijing Innovative Linkage Technology, Todaynic, Bizcn). This will have been a kick in the butt for cybercrime.

The other activities of Castlecops to rein in spammers (SIRT) malware (MIRT) and phishing operations (PIRT) and to prepare evidence for law enforcement for the arrest and prosecution of the perpetrators has also made the site a target.

It is possible, if not likely, that this is the reason for the latest round of Denial of Service attacks, designed to take Castlecops off the air.

The site owners are taking measures to mitigate the attack, of course. It is not for me to reveal such measures. But given the close relationship between Castlecops and law enforcement, I question the intelligence of the attackers.

Paul has just updated the status report:
This past week has brought a series of unfortunate events. The wiki, hashes, german and mirrors #1 sites are all moving from ApplicationX to ISC.org due to DDoS attacks on CastleCops there. Simultaneously, the main site had its MySQL server overused which is on a shared server. We are working on recovering performance. Since Saturday morning we have Analyzed and Repaired all tables. Right now we are Optimizing them with no ETA.

{QUOTE-> Right now we are Optimizing them with no ETA. <-QUOTE}

Do you mean ETC instead of ETA (I am presuming that you are using an English acronym)?

Still can not get to their forums.
Did very breifly but slow a few days ago.
But this part is back up........at least here it is. ;D
http://wiki.castlecops.com/Beta_Content

Any news about the situation now? I was able to view and post (I think) in the forums some days ago but it was slower than a turtle in slow motion and now I can't even get in.

Is castlecops still being attacked? I've found it slow and sluggish for a few weeks but haven't been able to access the forum at all today, connection just times out

Reportedly, the principal problem recently has been the server being unable to handle the amount of traffic required, and, again reportedly, a new server is being built.

No further information as yet, I'm afraid...

Thx, nice to know that.