CastleCops site down?

Discussion in 'other security issues & news' started by srinat, Feb 17, 2007.

Thread Status:
Not open for further replies.
  1. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    :D :D :D That makes as much sense as the post on TDS..you make way too many assumptions without being privy to the facts or understand DNS.
     
  2. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    What I hear you saying is that it is very difficult to dialogue with people like this and you don't feel it is appropriate even to try due to their methods. Then, you go on to state a fact that basically acts as a reason for opening dialogue [a month offline is very costly].

    You do raise a very difficult question, "Is it prudent to negotiate with 'terrorists'?" I don't have the answer to this one, but it is extremely important to consider.

    I will say that sometimes moderators, administrators, and others with "power" in an online forum setting occasionally let that control go to their head and use there power to effectively piss people off. When those pissed off people feel powerless it seems they feel their only recourse is to take extreme measures in an attempt as hurting the people that hurt them. One of those measures is to blast them off the Internet. In my opinion, someone at CC may have abused their authority and now they are feeling the repercussions of doing so.
     
  3. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    Yea...because I was way off on the whole TDS thing. If you recall Primrose, I was one of the first to call TDS out for what it truly was. Sure there is information about Wayne and TDS that we don't have, but res ipsa loquitur and time has essentially proven that my initial allegations weren't far from reality. To this day, people have not received refunds, yet Wayne still accepts payments without delivering license codes.

    Back to the topic at hand, my point is that there are other alternatives than to return an attack with an attack.
     
    Last edited: Feb 19, 2007
  4. Zhen-Xjell

    Zhen-Xjell Security Expert

    Joined:
    Feb 8, 2002
    Posts:
    1,397
    Location:
    Ohio
    You are highly in error in that assumption.
     
  5. Londonbeat

    Londonbeat Registered Member

    Joined:
    Sep 21, 2006
    Posts:
    350
    I'm basically saying that IMHO it's a bit naive to assume that you can negotiate with these people. They are unlikely to want to negotiate.
    This is pure speculation, DDos'ing (from what I know) on the scale that castlecops is facing, is very unliklely to be done by a disgruntled forum member turned troll. This type of attack is basically "organised crime" and should be treated with the seriousness it deserves by law enforcement agencies.
     
  6. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    I very well may be, but who says, "Yes...we abuse our 'power'?"

    I certainly do not have reason to believe that abuse of power is the cause, or even a reason, for you dilema. I am simply stating I have seen moderators, administrators, etc. let their "authority" get to their head. I have also seen DDoS attacks result from hurt feeling due to online remarks. See the case involving Steve Gibson @ GRC.com. Therefore, it is possible that a CC moderator of administrator pissed someone off and that person decided to get revenge. Certainly, you don't claim that it is out of the realm of possibility.

    I am open to a better explanation. My initial question included, "Why would someone orchasrated a DDoS attack against CC?"
     
    Last edited: Feb 19, 2007
  7. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    Is it?

    You are 100% correct. It is pure speculation and I don't deny that. You also may be right about the possibility of this being organized crime. However, it is naive to assume that it is unlikely to be a disgruntled form member. The availability and scope of botnets allows even the most insignificant person to yeild the power to blast almost anyone off the net.
     
  8. Londonbeat

    Londonbeat Registered Member

    Joined:
    Sep 21, 2006
    Posts:
    350
    This is pure speculation but is one of many possibilities - gmer.net (and every mirror site associated with it) suffered massive ddos last month, CC hosted gmer temporarily and helped get gmer.net up and running again.
     
  9. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    Londonbeat,
    Your explanation seems more plausible.
     
  10. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Agreed. I add that a ddos, no matter what "wrongs" is supposed to be "punishing" (and I shall add, I really, really doubt there were any done by Castlecops) is always an illegal activity that is done with deeply illegal means. You can't ddos a site with you regular machine or even a bunch of machines, this is always related to hundreds or thousands of zombies that were illegaly compromised.
     
  11. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    TNT,
    That is a good point. I, of course, was not condoning the action. At the same time, just because the action is illegal doesn't mean that the rationale behind it should be ignored.
     
  12. 1972vet

    1972vet Registered Member

    Joined:
    Oct 2, 2005
    Posts:
    12
    Those who write malware these days are doing so in an effort to invade your computer and keep control of it...not just yours but ANYONE ELSE who unwittingly falls into the pit of mire they construct. Once there, any user on the compromised machine is intended prey.

    These unsuspecting users will forfeit their most private information to the writers of today's malware. With that private information, they assume the identities of those victims.

    Users who are engaged in the illegal activity of "stealing" people's identity are most likely behind the efforts to keep CastleCops offline.

    It's not rocket science...if they can steal your identity, they put YOUR money in THEIR pockets.

    If Keeping your identity and money safe from thieves is the objective, how would negotiating be beneficial?

    Along with your premise, it's assumed that those who are "pissed" are those from whom the potential to steal has been removed or blocked.

    Keeping in mind, those involved with any sort of negotiating that you suggest, a compromise is expected from both parties as well...I would ask, exactly who would you expect to benefit?
     
  13. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    1972vet,
    We seem to agree. Our difference seems to rest on the fact that you are arguing as if the perpetrator is organized crime and I am arguing as if the perpetrator is a disgruntled forum member. Your next question may be, “Why does it matter?” You may say both are criminals and should be treated as such. You would be right on that point as well.

    My point was not that the law should yield to the criminals because they are difficult to locate, but rather I was not looking at this from a legal perspective at all. The law should handle this in the manner in which the law provided. I am looking at this from the perspective of CC. Their solution, which seems consistent with others that have the misfortune of finding themselves the victim of a DDoS attack, is to throw bandwidth at the problem (which I erroneously characterized as an attack, which more accurately should have been termed “defensive measures”). In order to employ such defensive measures, CC is asking for help (i.e. money). My suggestion (assuming this attack to be from a disgruntled individual rather than organized crime), was to attempt to establish dialogue with the attacker and uncover the point of contention. This is cheap and could be effective.

    1972vet, I don’t think you and I are arguing within the same parameters with the same definitions. In other words, our definition of “attacker” was not equal.
     
  14. Mere_mortal

    Mere_mortal Registered Member

    Joined:
    Sep 10, 2004
    Posts:
    6
    That doesn't stop me for one. Now that you mention it, I come to think of it as being a full-back (in football), they are of the defence, yet also have attacking responsibilities. CastleCops and Wilders alike, both facilitate in the defense of peoples' networks, at the same time it is damaging the opposing force. Whether the battle is winnable or not, I will fight on.

    I really doubt that very much. This ain't some peed-off kid, it's organised crime.
     
  15. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    You are correct. This seems to be organized crime. Wow! I didn't realize the magnitude of this attack.
     
  16. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
  17. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
    Be well everyone ;) I just love all these theories.. reminds me of...


    Bubba went to a psychiatrist.
    " I've got problems. Every time I go to bed I think there's somebody under it. I'm scared. I think I'm going crazy."

    "Just put yourself in my hands for one year," said the shrink. "Come talk to me three times a week, and we should be able to get rid of those fears."

    "How much do you charge?"

    "Eighty dollars per visit, replied the doctor."
    "I'll sleep on it," said Bubba.

    Six months later the doctor met Bubba on the street. "Why didn't you ever come to see me about those fears you were having?" asked the psychiatrist.

    "Well Eighty bucks a visit three times a week for a year is an awful lot of money! A bartender cured me for $10. I was so happy to have saved all that money that I went and bought me a new pickup!"

    "Is that so! And how, may I ask, did a bartender cure you?"

    "He told me to cut the legs off the bed! - Ain't nobody under there now !!!"
     
  18. 1972vet

    1972vet Registered Member

    Joined:
    Oct 2, 2005
    Posts:
    12
    HeHeHe...good one Primrose. That reminds me why I like this psychiatrist joke so much:

    This guy, with a frog on his head, went in to visit a psychiatrist. Taking a seat on the couch and after making himself comfortable, the psychiatrist says:
    "So, what can I do for you?"

    ...and the frog says:
    "I was hoping you could help me get this wart off my ass?"
     
  19. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,224
    Location:
    Sydney, Australia
    cc back up for me too

    @dallen: while i appreciate what you are trying to suggest, there is no reasoning with this kind of activity.

    This may not rate too highly on a world scale for injury or commercial damage, but, nonetheless, this is cyber terrorism on a grand scale.

    May be some crime syndicate? Why would that type of organisation attack a non commercial site and risk exposure: what gain for them? Unless this is a test.

    Likely some "junior hackers" testing their bot net?
    Prelude to some commercial blackmail?
    Showing off?

    Maybe just coincidental but seems a bit spooky: the ddos against gmers little site, the support from CC and then the ddos against CC.

    There is (correct me if I'm wrong) little or no chance of finding and stomping on these operators. They could be in any legal jurisdiction. Who would prosecute? Who would fund a civil suit against them? What really is the damage in $ & c?

    I hope they can be exposed held to ridiculeand stomped into the ground. It behooves all operators of all public forums and their ISPs/hosters to cooperate> who is next on the hit list?

    Honi soit qui mal y pense.

    Just the observations of a rube.

    Regards.
     
  20. 1972vet

    1972vet Registered Member

    Joined:
    Oct 2, 2005
    Posts:
    12
    I will happily correct your assumption...let's follow this line of thought to a logical conclusion.

    If there is no chance of finding these criminals and "stomping" on them, then the entire world is their playground. The CastleCops web site being non-commercial, notwithstanding, you can bet the farm, there are both commercial web sites as well as government that have undergone the exact same thing. Result?

    Here is the summary chart for your reading pleasure.
     
  21. herbalist

    herbalist Guest

    Most likely, they're being DDOSed because of PIRT, the taking down of phishing sites. Those who run these sites, along with spammers and botnet masters don't take kindly to someone interfering with their illegal profits. Law enforcement and laws themselves are years behind the reality of the net.

    Look back at Blue Security. They were knocked out permanently for fighting spammers. Whether people want to hear it or not, the internet is an almost unregulated war zone. Some of these botmasters have more computer power under their control than many countries. There's no usable international cooperation to fight this with as politics get in the way. I'm sorry to have to say it this way, but fighting this war nicely will get you nowhere. The criminal element controls a major portion of the net and a much larger percentage of users PCs than most realize. They're not going to give people back their PCs by voluntarily removing their trojans and rootkits, no matter how nice we ask. We have to take them back, one at a time, while trying to prevent others from having theirs taken. If we don't take back the net, it won't be worth having.
    Rick
     
  22. herbalist

    herbalist Guest

    Regarding the post asking why gmer would be attacked, then CC, it's quite simple really. Gmer was detecting their malicious code. It's existence is a threat to their income. When CC supported them, that upped the ante. Pirt also hits them in the wallet. They choose targets to either make money or to stop the loss of money. The motives are money and control, nothing more.
    Rick
     
  23. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    The more I read about this, the more interesting it becomes. In trying to decide how I'm going to merge my study of the law with my love for computers and technology, I'm thinking cyber-law might be a logical merger of the two into an area that seems to be on the horizon. Especially, considering:
    In the meantime, I will remain intrigued by this topic.
     
  24. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,224
    Location:
    Sydney, Australia
    @1972vet
    Thankyou.
    I am very happy to see that justice is grinding away.
    This one made me laugh ( in a sober kind of way)
    Shows integrity on the part of the DOJ
    http://www.usdoj.gov/criminal/cybercrime/racinePlea.htm

    I see that overall the total fines handed out equal about the bonus of one of the "big banks" CEO bonuses. :cautious:

    I note that since 2004 most of those cases have been prosecutions of individuals hacking US Govt networks.

    There is virtually no cases against spammers, ddoses against commercial sites (some against govt sites)

    there is some interesting reading in some of the cases:
    EG: According to the Complaint, because of LEUNG’s intrusion into Marsh’s database, Marsh was required to expend thousands of dollars to, among other things, secure its system from future unauthorized access and re-enter deleted data. So: shitty security in the first place at a large insurance co hmm?

    @herbalist
    Agree
    While I accept that PIRT and Blue Security make CC a target, do you really believe that gmer has in any way affected these syndicates?
    If so then logically, why have Symantec, AVG, BitDefender, Sophos, FSecure, PrevX et al ( and rk.xell.ru of course) not been targeted. (yet?)

    Not that the big commercial vendors would tell us, or they may be well protected.

    V succinctly put.

    Some of these cases while important are "tiddlers" and undoubtably represent the tip of the iceberg. How can you calculate the real cost of the blaster and melissa? (No mention of MS any where :shifty: )

    While I utterly despise the theft of identity and personal financial or any other details and while I applaud the DOJ for getting these guys, some of those companies involved should be ashamed of themselves for putting our stuff (and we all are in this together) at risk. They huff and puff about theft and yet fail to protect us.

    Whatever the motivation of taking down CC, what it points to is the "jungle warfare going on. Piss these hoods off and they will try and break you. :mad:

    Sorry, got a bit OT there

    Congrats to CC for weathering the storm. Donations sent.

    There is no defence against a massive ddos is that correct?
     
  25. herbalist

    herbalist Guest

    I wish you the best. The international nature of the net is much of the problem. Different laws in different nations. I don't see anything short of some form of international law, agreed on by most countries having any real effect. Just setting up an international agency with the skill and resources to fight this battle would be a big job. Then who pays for it? That's where any agreement will hit a brick wall, when the cost is figured out.

    The other part of the problem would be keeping such international laws up to date with the technology. If you've followed any of the international legal efforts regarding internet usage, they center around piracy. Amazing priorities, stopping the theft of audio files or someones "intellectual property" is more important than theft and malicious usage of anothers property (their PC). As long as the powers that be have such twisted priorities, nothing will get any better.
    Rick
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.