Is CastleCops Wiki accessible?

Discussion in 'other security issues & news' started by bellgamin, Jul 10, 2008.

Thread Status:
Not open for further replies.
  1. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Castlecops main forum comes on, but sloooowly. However, their HIPS Wiki page, which we often refer to, is totally unreachable for 3 days now.

    Is anyone able to reach that Wiki site? Does someone know the CC Administrator well enough to let him know about this issue?
     
  2. subset

    subset Registered Member

    Joined:
    Nov 17, 2007
    Posts:
    825
    Location:
    Austria
    Source: http://www.castlecops.com/

    Cheers
     
  3. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Thanks subset.

    Wow -- those poor blokes seem to draw a lot of DDoS attacks!!! I wonder why?

    I wish LWM or one of the other inner sanctum fellows would drop by & explain CC's frequently recurring DDoS problem.

    Uhhh... does anyone care to explain what is a DDoS exactly, why is it done, & by whom (usually)?
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    I would but then I'd have to....:p

    A thread We had a few months back when DSLR was being hit is a very good read with some supplied links. This post for instance, which is just one of many with DDoS explanations.
     
  5. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Thanks for the link, Bubba. An interesting read. I still wonder why CC is so often a target.

    P.S. Because of this ap-cray, I now intend to donate $ to the fund for improving their servers.
     
  6. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Hi bellgamin,

    I would assume that the ddos attacks are occuring because CastleCops help authorities shutdown malware and phishing sites as well as spammers. They also help users clean up there computers and educate them which all translates into lost profits for the bad guys.
     
  7. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Shazam! I am now a "friend of Castlecops" because...

     
  8. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    Bummers. Now the Castlecops forum is also unreachable, so I cannot as yet donate.

    Does anyone know if there is an alternate URL for CC?
     
  9. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,779
    I haven't been able to get there for some time, when I have tried off and on. No idea about an alternate.......
     
  10. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
    It's back up. The forums that is.
    Very very slow at loading but I can get there.
     
    Last edited: Jul 13, 2008
  11. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,350
    Location:
    The Netherlands
    No such luck here; I haven't been able to get there since I got up this morning (about five hours ago)

    There is no alternate url, and the Malware Lists 'mirrors' are unavailable as well.
     
  12. Red Dwarf

    Red Dwarf Registered Member

    Joined:
    Jan 1, 2007
    Posts:
    9
    As a major thorn in the side of spammers and other cybercriminals, Castlecops has been a prime target for criminal attacks.

    In recent months the Castlecops Wiki pages have documented tens of thousands of spammed sites that have been suspended on request by several of the most abused registrars in China (Xin Net, Beijing Innovative Linkage Technology, Todaynic, Bizcn). This will have been a kick in the butt for cybercrime.

    The other activities of Castlecops to rein in spammers (SIRT) malware (MIRT) and phishing operations (PIRT) and to prepare evidence for law enforcement for the arrest and prosecution of the perpetrators has also made the site a target.

    It is possible, if not likely, that this is the reason for the latest round of Denial of Service attacks, designed to take Castlecops off the air.

    The site owners are taking measures to mitigate the attack, of course. It is not for me to reveal such measures. But given the close relationship between Castlecops and law enforcement, I question the intelligence of the attackers.
     
  13. Red Dwarf

    Red Dwarf Registered Member

    Joined:
    Jan 1, 2007
    Posts:
    9
    Paul has just updated the status report:
    This past week has brought a series of unfortunate events. The wiki, hashes, german and mirrors #1 sites are all moving from ApplicationX to ISC.org due to DDoS attacks on CastleCops there. Simultaneously, the main site had its MySQL server overused which is on a shared server. We are working on recovering performance. Since Saturday morning we have Analyzed and Repaired all tables. Right now we are Optimizing them with no ETA.
     
  14. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    Do you mean ETC instead of ETA (I am presuming that you are using an English acronym)?
     
  15. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
  16. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Any news about the situation now? I was able to view and post (I think) in the forums some days ago but it was slower than a turtle in slow motion and now I can't even get in.
     
  17. Londonbeat

    Londonbeat Registered Member

    Joined:
    Sep 21, 2006
    Posts:
    350
    Is castlecops still being attacked? I've found it slow and sluggish for a few weeks but haven't been able to access the forum at all today, connection just times out
     
  18. TonyKlein

    TonyKlein Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    4,350
    Location:
    The Netherlands
    Reportedly, the principal problem recently has been the server being unable to handle the amount of traffic required, and, again reportedly, a new server is being built.

    No further information as yet, I'm afraid...
     
  19. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Thx, nice to know that.
     
Loading...
Thread Status:
Not open for further replies.