Jump to content
The Education Forum

Logging onto Forum


Guest Gary Loughran

Recommended Posts

Guest Gary Loughran

Recently everytime I go to the forum I am forced to log in before I can even preview posts. Quite often I would just read posts etc. only logging in to make an attempt at contribution or to view pictures.

Does everyone else experience this. As I type there are 16 folk on the forum 7 members, 7 guests and 2 anonymous. I assume this is the whole education forum and not just the JFK section?

Has there been a policy change applied, and if so, is it just to the JFK section?

Cheers

Gary

Link to post
Share on other sites
Recently everytime I go to the forum I am forced to log in before I can even preview posts. Quite often I would just read posts etc. only logging in to make an attempt at contribution or to view pictures.

Does everyone else experience this. As I type there are 16 folk on the forum 7 members, 7 guests and 2 anonymous. I assume this is the whole education forum and not just the JFK section?

Has there been a policy change applied, and if so, is it just to the JFK section?

Cheers

Gary

yes this is exactlty what is happening and i am wondering whats up, also.

not to mention what happened a couple of days ago when somehow the bandwidth was exceeded and i had to give up on trying to read

posts muchless log in.

i was following the wikipedia/cia discussion at the time, then abruptly could not get a connection to the server for some time before i gave up and went to bed.

i thought this to be an unnerving occurance.

Edited by Donald Diabo
Link to post
Share on other sites
Recently everytime I go to the forum I am forced to log in before I can even preview posts. Quite often I would just read posts etc. only logging in to make an attempt at contribution or to view pictures.

Does everyone else experience this. As I type there are 16 folk on the forum 7 members, 7 guests and 2 anonymous. I assume this is the whole education forum and not just the JFK section?

Has there been a policy change applied, and if so, is it just to the JFK section?

Cheers

Gary

yes this is exactlty what is happening and i am wondering whats up, also.

not to mention what happened a couple of days ago when somehow the bandwidth was exceeded and i had to give up on trying to read

posts muchless log in.

i was following the wikipedia/cia discussion at the time, then abruptly could not get a connection to the server for some time before i gave up and went to bed.

i thought this to be an unnerving occurance.

These events are connected. We have witnessed a massive increase in "guest" traffic over the last 10 days knocking us offline on 3 separate occassions in the last week.

I am forcing members to log in before the board is accessible for a little while so I can better monitor what has been going on.

Link to post
Share on other sites
Recently everytime I go to the forum I am forced to log in before I can even preview posts. Quite often I would just read posts etc. only logging in to make an attempt at contribution or to view pictures.

Does everyone else experience this. As I type there are 16 folk on the forum 7 members, 7 guests and 2 anonymous. I assume this is the whole education forum and not just the JFK section?

Has there been a policy change applied, and if so, is it just to the JFK section?

Cheers

Gary

yes this is exactlty what is happening and i am wondering whats up, also.

not to mention what happened a couple of days ago when somehow the bandwidth was exceeded and i had to give up on trying to read

posts muchless log in.

i was following the wikipedia/cia discussion at the time, then abruptly could not get a connection to the server for some time before i gave up and went to bed.

i thought this to be an unnerving occurance.

These events are connected. We have witnessed a massive increase in "guest" traffic over the last 10 days knocking us offline on 3 separate occassions in the last week.

I am forcing members to log in before the board is accessible for a little while so I can better monitor what has been going on.

I assume you get the IP addresses for these guests?

Hopefully this is a good sign which indicates newfound interest in this subject.

If the bandwidth problem continues, and if it would help, could you require guests to login also?

Link to post
Share on other sites
Guest Gary Loughran

Thanks for the reply Andy. Can guests still use the forum though? When I posted 7 were noticeable in the browsing tray.

Do you think there is a malicious purpose in the guests usage, such as DOS by exceeding bandwidth. I admit to quite often perusing as a guest, until I either need to post or view an image. FWIW.

Thanks again

Gary

Edited by Gary Loughran
Link to post
Share on other sites
Recently everytime I go to the forum I am forced to log in before I can even preview posts. Quite often I would just read posts etc. only logging in to make an attempt at contribution or to view pictures.

Does everyone else experience this. As I type there are 16 folk on the forum 7 members, 7 guests and 2 anonymous. I assume this is the whole education forum and not just the JFK section?

Has there been a policy change applied, and if so, is it just to the JFK section?

Cheers

Gary

Yup, same here. In fact its part of the reason I post less frequently, 'cause I'm so lazy I never changed my password so I have to look it up and don't bother unless I have something earthshaking (like this) to say.

It sure precludes the spontaneous response. But I understand your reason Andy and appreciate the explanation. This forum has a big ol' bullseye on it.

Link to post
Share on other sites

Excellent:

http://www.grc.com/default.htm

DOS attacks

"Nothing more than the whim of a 13-year old hacker is required to knock any user, site, or server right off the Internet.

I believe you will be as fascinated and concerned as I am by the findings of my post-attack forensic analysis, and the results of my subsequent infiltration into the networks and technologies being used by some of the Internet's most active hackers.

This page in PDF Format: If you wish to read, print, or share this page offline, you are invited to download this freely redistributable 137k byte PDF file:

http://www.grc.com/files/grcdos.pdf

When you are through with this page, you may also be interested in seeing the report of the January 11th, 2002 "DRDoS" attack. The report contains very thorough explanations of bandwidth floods and traditional denial of service attacks:"

While there check out "Shields Up". Some may be surprised.

Seems to me Andy is doing a progressive Kline with rules. I wonder how effective that really is?

"DRDoS – The Distributed Reflection Denial of Service Attack

GRC.COM was attacked on January 11th. We were blasted off the Internet by a next-generation distributed denial of service attack employing innocent third-party servers. The complete report and explanation is now online.

What Happened?

On the evening of May 4th, 2001, GRC.COM suddenly dropped off the Internet:

GRC.COM Bandwidth Utilization

Stemming the Flood with Our ISP

Within a minute of the start of the first attack it was clear that we were experiencing a "packet flooding" attack of some sort. A quick query of our Cisco router showed that both of our two T1 trunk interfaces to the Internet were receiving some sort of traffic at their maximum 1.54 megabit rate, while our outbound traffic had fallen to nearly zero, presumably because valid inbound traffic was no longer able to reach our server. We found ourselves in the situation that coined the term: Our site's users were being denied our services.

I had two priorities: I wanted to learn about the attack and I wanted to get us back online.

I immediately reconfigured our network to capture the packet traffic in real time and began logging the attack. Dipping a thimble into the flood, I analyzed a tiny sample and saw that huge UDP packets — aimed at the bogus port "666" of grc.com — had been fragmented during their travel across the Internet, resulting in a blizzard of millions of 1500-byte IP packets. Mixed into this appeared to be ICMP debris from large-packet ping commands.

We were drowning in a flood of malicious traffic and valid traffic was unable to compete with the torrent.

At our end of our T1 trunks, our local router and firewall had no trouble analyzing and discarding the nonsense, so none of our machines were adversely affected. But it was clear that this attack was not attempting to upset our machines, it was a simple brute force flood, intended to consume all of the bandwidth of our connection to the Internet . . . and at that it was succeeding all too well."

It brings to mind the US Airforce Cyberspace division, as well as the Young Republicans Cybergoons, which are set up to do just this sort of thing. However, it can just be a contractor to some grouping, or an individual.

The first thing that needs doing is an ongoing real time logging of traffic and then have a specialist analyse the data. Klining may help to pinpoint but quite possibly only if the attack is poorly thought through. The router needs to have effective filters put in place.

The FBI will only act if damage exceeds $5000.

There may be a number of Zombies at work here.

The solution is ultimately a collaboration including with router manufacture to develop effective filters. A fast response with solid filters will at least reduce the damage.

Some countries ISP's seem less interested in stemming the problem.

All members and visitors should tread the GRC info and take care to check regularly for infections that may contribute to these attacks.

I wonder if the Cybergoons and other attackers apparently centered in Texas is significant. The goons did work out of Dallas. I would also watch the USAF and the former USSR states like the Ukraine.

Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
×
×
  • Create New...