Key Posted August 23, 2015 Share Posted August 23, 2015 Hello everyone! We're under a new DDoS attack, this time on SYN. We have implemented a few additional security measures. Everyone, before posting or sending any PM/VM, please copy the text just in case. The security measure makes the page turn white now and then, especially when sending PMs. In case you get a white page, please hit the back button of the browser a few times and then paste the saved text. We are trying our best to block the DDoS and gather as much info as possible regarding the identity of the attackers. I know it's inconvenient, but please bear with us for the time being, until the attack is completely mitigated. Link to comment Share on other sites More sharing options...
Saga Posted August 23, 2015 Share Posted August 23, 2015 You know I never post nor comment in public on these matters. And you know I am blunt. But I've got two words for these people. ... Pitiful Simpletons. Link to comment Share on other sites More sharing options...
Emo-Lightning-No.6 Posted August 23, 2015 Share Posted August 23, 2015 Good luck fighting those stupid people... ^w^ Link to comment Share on other sites More sharing options...
Dai Posted August 23, 2015 Share Posted August 23, 2015 Sad I wish they had better things to do. Thank you for all the work guys and good luck! Link to comment Share on other sites More sharing options...
nyami Posted August 24, 2015 Share Posted August 24, 2015 maybe you should look into getting kasperysky to protect the site or something costs money but kaspersky has always been in the top 5 anti virus programs Link to comment Share on other sites More sharing options...
Lemur7 Posted August 24, 2015 Share Posted August 24, 2015 thanks for the heads up....and I hope you gets the ass-wipes doing this... Link to comment Share on other sites More sharing options...
topolino rosso Posted August 24, 2015 Share Posted August 24, 2015 thanks!! those are stupid people :Stomping: Link to comment Share on other sites More sharing options...
Key Posted August 24, 2015 Author Share Posted August 24, 2015 @ Please Register/ Sign In, in order to see the links. It's not a virus, we already have a good anti-virus installed on the server. This is an attack on SYN. The attackers basically create a continuous request to our server so they 'occupy' all the available slots to bring it down. As I said, I've raised the protections to mitigate the attack. Anyway, during the attack, even if we are mitigating it, members might experience slowness and even down time. Link to comment Share on other sites More sharing options...
Kurai Hoshi Posted August 26, 2015 Share Posted August 26, 2015 Good luck in fighting them.. What I always ask myself is why attack pages like this? I can "somehow" understand attacks on political forums/plattforms but honestly a simple forum for yaoi??? don't they have a life??? Link to comment Share on other sites More sharing options...
yaoifangirl Posted August 26, 2015 Share Posted August 26, 2015 Please Register/ Sign In, in order to see the links. I also asked this myself, but the answer is simple: other yaoi rival sites. Link to comment Share on other sites More sharing options...
Kokuran Posted August 28, 2015 Share Posted August 28, 2015 Thanks for the info and good luck finding these m.... Please Register/ Sign In, in order to see the links. For calling yourself blunt, you're really polite - impressive. Wish there were more people with that kind of Zen in forums. Link to comment Share on other sites More sharing options...
AnimeRob1337 Posted August 28, 2015 Share Posted August 28, 2015 I'm sure you have better resources at hand, but just in case.. I am a level 1 desktop technician / network technician. Ideally you'd want to limit # of simultaneous connections per unique MAC address -- they can set up algorithms to change the IP on the fly, cloning MAC addresses while trying to keep thousands of active requests going... a lot harder. I've never heard of an apache [especially for a community like ours; who the hell had the resources to DDoS an appache ,,, ? And why US? ] being taken down by DDoS, with such a limited community / limited potential "foes" [iE: It's not a "Clan" website for some team based gameplay. P.S.: Should have thought of this earlier... but if you get me a target IP; I have a 100mbit up/down line at my house. [business fiber optic] ... happy to donate revenge bandwidth ... IT people contact me with info if you want... Link to comment Share on other sites More sharing options...
Saga Posted August 28, 2015 Share Posted August 28, 2015 Hello AnimeRob1337, I am not a tech person, I am more on the graphic/design side of YO. But I surely have my dose of knowledge on some matters other than the graphic world plus inborn logical thinking. In the last few months I've read a lot about DDoS. You are right about 'the limited' potential but yet not. I understand that exactly yaoi site is less possible to be attacked than, per say, server of LoL or DotA. And yet, why not. Because to be attacked divides to rather small group of reasons; * a rival site/community; * for revenge (as I read you suggested which I personally think is not needed nor something wise); * believe it or not, for the heck of it * --- I leave one slot empty because sometimes human's reasoning is beyond ridiculous. Now we come to term with the reasoning why and who could attack YO. To be honest, speculations and version just like a storm. I never favored narrowed and limited possibilities. However, if we say it is a rival site it is not wrong. YaoiOtaku is not the only yaoi/manga/anime/BL drama and RPG, and so on and forth community. Possibilities are quite colorful and I believe this is used as a plus, in case the attacker is a rival. Now we come to the other reason, revenge. Funny though...YaoiOtaku never did something unfair or low. We treated everyone equal and we always make compromises. The staff as well is earthy and our rule number one is - treat everyone kind. Believe me or not, for the 4 years in YaoiOtaku I have been offended by a lot of users. I've seen arrogance and impossibly passive rudeness. Not even once we went banning around just because someone decided to speak boldly or harshly; we have a warning system polity (everything has a limit, you know). However, people really love to use 'the freedom of speech' as a cover while abusing and breaking constantly rules. Back to the topic; in case someone decided 'it is for revenge'... er, the only revenge they can think of is 'just because the site exists'. I mean it; if you browse around manga section, you will see manga taken down due to scanlator groups' requests. We do not ignore, we do not ban - we follow wishes. I don't get what revenge is there to take on us. Or if there is one 'self-made', this person is sick. And I will stand behind my words, whether is someone 'VIP' or a plain hater. And we go to the idea of 'just for the heck of it'. Indeed, some attackers just kill time doing it as we kill time reading manga. However, if users carefully follow the chronology or have done so... they will see an interesting pattern of the attacks. We never fail to get one around the end of August - beginning of September. Which means, this launch of attack is planned. When do you plan things? When you gather money. So, the one doing it,... there is a chance of the likely 47%, pays for the launch. If you want to attack, you just attack. Be it tonight or in one week - when you feel like it. But well drawn pattern is only when you plan. And here I reach the heat of my thoughts - who on the hecking earth gathers money...to use them/spend them on launching attacks? We surely speak of a very narrow minded person. (: As an ending I want to say, by no means the said in my post should be taken for 100% true. Remember, this is a simple logic for which you don't need complicated stats, you don't need tech knowledge, you don't need rank and you don't even need to be yaoi fan nor YaoiOtaku user to follow such a plain chain logic. Best regards, your Truth-speaker, Saga. Link to comment Share on other sites More sharing options...
Giggly Posted August 29, 2015 Share Posted August 29, 2015 For anyone wondering why a DDoS against YO affects you, here's my take: My understanding of the YO architecture when it comes to the server, there is one server. The server then transmits information to a cloud based system (cloudflare) which then monitors a users MAC ID etc etc. When a user connects to YO your seeing a version of the website hosted inside a cloudflare server, not the original server. This is to protect the original server from a direct hack, which could result in passwords being stolen etc. Since YO is own and funded largely by a single individual (Key) this is the most cost effective way to maintain a consistent level of operation (keep it running). The reason an DDoS attack against say League of Legends(LoL) doesn't effect the end user, falls down to the hosting architecture. Instead of LoL using 1 single primary server (like YO does), they have clusters of servers globally. This means when one server is DDoS'd or the traffic gets to great the end user is connected to a new server cluster. This makes downtime nearly impossible from an outside attach, unless all servers where hit at once. As you might of guessed, this sort of set up is extremely expensive and would require nearly thousands of dollars to maintain a month. Link to comment Share on other sites More sharing options...
Virdian* Posted August 31, 2015 Share Posted August 31, 2015 Those people just don't have anything better to do.. Link to comment Share on other sites More sharing options...
AnimeRob1337 Posted September 3, 2015 Share Posted September 3, 2015 Unfortunately everything said so far is.... unfortunately true. It's hard to locate a multiple or scattered or masked/spoofed/proxied address; and if it's a multifaceted attack based on our one [mirror, as I understand it, to protect the actual server -- but it's more like ... a copy of the site on a cloud database, not a mirror... but the similarities are many.] ... that makes it harder. Ideally yes, you'd want to have a backup daily sent to a server ; what I used to do for our old RUNESCAPE CLAN ... dear god, what have I done, lol. Yes. I was a runescape nerd from 13-18 while going through my yaoi discoveries as well. -- What I did for the clan website that was cheaper than paying for hosting, was take my old gaming/graphics machine, loaded Windows Server 2007 on it, and hosted from there. Then put in 26 character hexidecimal passwords on all access, 100+ bit encryption, if they take the real site down, then you could actually civilly sue them if they went after /your/ backup server machine at home. That'd be a direct attack on you and your ISP at your secondary hosting location [home] -- If anyone on the tech side wants to brainstorm, chat, etc, It's been a while since I've used IIRC for chat, but I have some old secure channels we can speak on. Proxy up for safety... I always consider masking my internet ID when discussing items of grey area .... don't need anyone minding my own business but me. I'm free to help as much as I can, and know a few tech people who could also give advice. Does anyone have specs on our cloudspace server's statistics? That'd be a great start for me. I want to breathe a new life into this community! More passion, more fun, more fluff, more talk! We are too limited and sticking together is the key. SO SPOON ME! JK, just let me know what you think of my ideas. For the at home backup server I would recommend at least an Intel core I5 w/ 4 gb memory, minimum. I7 with 8gb would be better, along with a seagate 15k rpm/64mb cache or an SSD harddrive for the content. I can point you to a custom PC building website that's very fair [ they helped me build my last 3 custom machines.] -- or lead you with what you have. Consider me your IT yaoi slave .... it's kinda hot. :_red_fox 4 .... LOL ))) EDIT: You know, I just remembered one of my best tactics! If we can get the info on when their attacks will take place again, or even get some basic data logging, I can continiously flood their ports until their switch/router reboots and they'd have to reprogram everything. Anyone here [iN ADMIN] have a US phone? I can PM you mine and if an attack starts, I can fire back and hopefully run a traceroute on our REAL target. This is a loving, caring, sharing place. I will not sit idling by while some foolish group exploits our website/community. Edit2: PPS: If anyone feels like being generous.... please read my BL/yaoi thread and contribute anything you think falls in that category. That would be more than thanks enough for my minor assistance here. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now