
SWI hit by another DDoS attack
#1
Posted 22 June 2004 - 11:23 AM
The forums were not effected by this attack.
Spyware: What you say!!
SpywareInfo: You have no chance to survive. Make your time!
#2
Posted 22 June 2004 - 02:36 PM
Make a tool and spread it the legal way and organise a ddos session on cws.org. Think you could even do it legaly becaurse if the things cws is doing is legal why should it be illigal when we do it. Ow not doing it in the name of SWI ofcourse but if an anonimous would make a tool and do it to them.
The law isn't doing anything to stop this so why not take action ourselfs.
Serious here.
#3
Posted 22 June 2004 - 03:44 PM
Mike's been trying to spread the word about SPYBLOCK Act, S. 2145, which if passed should help ease the problems of malware a great deal, so contact your senators and spread the word.
#4
Posted 22 June 2004 - 04:09 PM
Edited by SirPeter, 22 June 2004 - 04:09 PM.
#5
Posted 30 June 2004 - 07:19 PM
I was wondering about DDoS again, is it even legal?
Cause honestly... I know this may sound dumb... but why not? They deserved it more than anything...
Otherwise, if it is legal, who's up for some secret meetings outside SWI

Hahaha, just kidding, I don't personally think we should lower ourselves to their level as a group... but thinking OUTSIDE of SWI, as individuals, if it is all legal, why not? As long as we don't do this on SWI's behalf, and we do it as individuals...
I don't know...
Bad Idea though...
Cleaners
Ad-Aware CWShredder Hijack This!
Sasser virus Removal
Sasser Removal
Proudly Developped CWS Search in VB6 and VB7(.NET)
Co-Owner of TechnoFusionElite.com > Personal Domain
#6
Guest_Guest_*
Posted 30 June 2004 - 07:50 PM
#7
Posted 05 July 2004 - 07:21 PM
side note:
I used to mail-bomb spammers by sending 'em 500K chunks of aggregated spam that I'd gotten previously. After about 4 to 10 <send> buttons, they'd start bouncing as their server went full. Poetic justice, if you think about it. One of 'em complained that their mailbox blew up (my heart bleeds for you) and my ISP warned that further retribution on my part would end my access. I've played nice since then. The tech guy at the ISP was amused at what I was doing, but it was illegal and he had to play it hard. I'm sure he was wishing he could figure out a way to do the same thing legally.
Soapbox:
With this latest round of hijacks and malware the last several months, it's getting bad enough that The Herd may finally stand up and bleat their annoyance. If the entire Internet Community agreed, we could IDS (Internet Death Syndrome) the servers that are foisting this cr#p off by simply not routing packets to or from them. They do NOT have a "right" to attack computers at random, and we can stop 'em. It'd take coordinated effort with the routers surrounding 'em, but it's do-able. Personally, I'd take the same approach with SPAM, but it's getting a lot harder to track the idiots down. If you figure out how many man-hours have been lost due to SPAM and hijacks, this last several months counts as a worse disaster than most hurricanes, and it's approaching World War status.
It'd likely only work in a few countries, but we COULD filter out the stuff being thrown in from offshore with sufficient packet filtering. They'd have to beef up the main nodes to handle the excess processing, but it's just tech, and we can handle that if we choose to. What say you, sheep?
#8
Posted 06 July 2004 - 12:10 AM
#9
Posted 06 July 2004 - 06:33 AM
Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.
#10
Posted 06 July 2004 - 07:51 AM
Especially if the Evidence ELiminator site is right :eek:[...]
Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.
Malware esan mala, ji mi disaman. SWI ji kikan ekster!
PM me if you know what that says. Whoever gets it right gets put here!
Bagman wins, good job!
#11
Posted 06 July 2004 - 01:29 PM
Edit: Not a DDoS attack this time. The main web server has died.
Edited by Mike, 06 July 2004 - 03:21 PM.
Spyware: What you say!!
SpywareInfo: You have no chance to survive. Make your time!
#12
Posted 06 July 2004 - 02:51 PM
#13
Posted 06 July 2004 - 03:09 PM
Spyware: What you say!!
SpywareInfo: You have no chance to survive. Make your time!
#14
Posted 06 July 2004 - 03:36 PM
They still use those????Especially if the Evidence ELiminator site is right :eek:[...]
Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.
Anti-Virus (Only One of these)
AVG Avast
Firewall (Only One here too)
Kerio(Direct Download) Zone Alarm
Misc. (Use all 3 together)
IE Spyads SpywareBlaster Spyware Guard
Windows Update (Once a week)
get all CRITICAL Updates
Things you want(Still Free)
Mozillia Firefox
Google Toolbar (stops pop-ups)
Ad-Aware
Spybot S&D
MS MVP Hosts file
Please donate to the site to help us help you. Info found HERE

PROUD member Since 2004
#15
Posted 06 July 2004 - 10:13 PM
Spyware: What you say!!
SpywareInfo: You have no chance to survive. Make your time!
#16
Posted 07 July 2004 - 02:17 AM
Anyway I hope you can save the data

#17
Posted 07 July 2004 - 06:46 AM
Not the most professional act in the world; morons.Of all the BULLSHIT! The host for the server the forums run on SHUT THE DAMN THING DOWN! Completely without warning!
Anti-Virus (Only One of these)
AVG Avast
Firewall (Only One here too)
Kerio(Direct Download) Zone Alarm
Misc. (Use all 3 together)
IE Spyads SpywareBlaster Spyware Guard
Windows Update (Once a week)
get all CRITICAL Updates
Things you want(Still Free)
Mozillia Firefox
Google Toolbar (stops pop-ups)
Ad-Aware
Spybot S&D
MS MVP Hosts file
Please donate to the site to help us help you. Info found HERE

PROUD member Since 2004
#18
Posted 07 July 2004 - 07:33 AM
Unified Network of Instructors and Trained Eliminators - Member since 2007

Rants and other stuff: NoIdea.US
#19
Posted 12 July 2004 - 07:23 AM
#20
Posted 12 July 2004 - 01:45 PM
It is certainly something the government should take an interest in. It is not only counterproductive for users to have to waste their time cleaning and defending against this unethical eruption of code, but could be considered a threat to national security. What if there was another Bin Laden patiently planning a multi DDOS attack to shut down critical systems in our country? (Power grids, defense communication sattelites, etc) "Can't happen" you say?
You need more than just a law. You need public awareness. That creates political pressure that gets things done. Maybe a good place to start would be getting large corps like Dell and Microsoft to acknowledge the problem and lend a hand. ($$$) After all it's in their interest as well. Then you will have $$$ not only to run your site, but hire a political activist to get that public attention you deserve.
As for me, I will do my little part and drop a check in the mail to you. My way of saying thanks for the help, and go get em!

#21
Posted 12 July 2004 - 03:47 PM
My sentiments as well. I also agree with Exasperated in Phoenix (earlier post)I feel we do not need to use their methods. The work that is being done here must be having some effect or they would not pay any attention to the work being done here.Another point is that what is done in here is done for righteous reasons and not for monetary gain.That I assure you pisses them off.We are on the right track here!The attacks are a good sign.The more you figure them out and undue their evil the harder they have to work, and if they want to spend time DDosing us so be it. That's less time spent on writting new evil programs to get around us.We are in their face and they don't like it!!
We do have to take the high road. Why let them or anyone else think we are no better than they are? We ARE better. Those who sit around coming up with this crap have way too much time on their hands. And NO life at all, IMO.
I am turning into a crusader since my battle with these nasties. Just this morning, I got a pm from my sis at the ComputerCops forum. I had told her about how viruses can be sent through messenger systems and she doesn't believe it!
I sent a rant to her...

ok...I'll quit now....guess I'm still on the rant, huh?
Deb

#22
Posted 13 July 2004 - 04:47 PM
why is it illegal for us to do it and not for them? not that i'd know how...Don't sink to their level. There are... more interesting... methods that are possible, and all of them are more morally satisfying than just DDoSing the rats.
Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.
#23
Posted 13 July 2004 - 11:20 PM
#24
Posted 14 July 2004 - 04:27 AM
I agree completely.Don't sink to their level. There are... more interesting... methods that are possible, and all of them are more morally satisfying than just DDoSing the rats.
Let's face it:
The adware pushers and the cws and alikes DON'T do this stuff because they get a sadistic pleasure out or messing up people's PCs, or because get off on knowing what Pr*n sites someone visits.
They are in it for the money. And they succeed.
This is why spyware busting is a lot harder than virus busting. These guys have money to throw at it, at monitoring boards, buying anti-spyware to get around it, buying dozens of domain names and hosting in some far-off places.
So if you want to kick them, kick them where it hurts. In the wallet.
This takes a bit more work, but it certainly is doable. We have been doing it also, with some mixed success.
How?
- Install the adware/spyware.
- Examine it to see if you can find the urls of the ads inside,
- Trigger the ads (by visiting popular shopping sites,...)
- Note and document the exact URLs of the ads
- When you have those, you can start complaining to the vendors of the advertised products (most of the time they don't know about this scam), and to the "affiliate processors": CJ, Linkshare. Chance are that they will terminate the adware owners affiliate account. Even if they don't, we can warn other vendors using the processor not to allow the adware guys to be their affiliates.
Getting them kicked out of an affiliate program for fraud or the likes WILL hurt them.
Come to think about it, it might be good idea to put up an article on this, and to have a central point to organise this.
Anybody interested in joining this fight?
#25
Posted 14 July 2004 - 04:45 AM
Had the same problem before. We actually melted 2 disks in 8 months on the previous server.My main web server in Atlanta has died. The data center techs are pulling it apart now to see if the data on the hard drives can be saved
Our current provider also has the option for a backup data server, where we now backup all our data to every night.
Let me know if I can be of assistance,
#26
Posted 14 July 2004 - 02:47 PM
yikes!How?
- Install the adware/spyware.
the 'isearch' thing took long enough for ad aware to get rid of... like, 2 months or something, when i highlight something on IE and right click, i get the option to 'isearch the web'
hmm maybe i dont run ad aware often enough... but it certainly did miss it for a long time
and maybe i should start using more anti spyware programs...
#27
Posted 14 July 2004 - 04:28 PM
I'll be saving the server backup files to another server from now on. I could have lost 14,400 newsletter subscribers, all the content on the site and the entire malware collection in that little disaster.
Spyware: What you say!!
SpywareInfo: You have no chance to survive. Make your time!
#28
Posted 15 July 2004 - 10:45 PM
That is a great idea. I would def. do my part, although i don't have the most free time in the world. And also i dont know too much about computers i'm afraid to add ad-ware to my CPU, i already got some that i can't even get rid of. I have in the past written letters of complaints about one company to another, and to some FTC and other government places, probably wrote to the wrong department anyways...I agree completely.Don't sink to their level. There are... more interesting... methods that are possible, and all of them are more morally satisfying than just DDoSing the rats.
Let's face it:
The adware pushers and the cws and alikes DON'T do this stuff because they get a sadistic pleasure out or messing up people's PCs, or because get off on knowing what Pr*n sites someone visits.
They are in it for the money. And they succeed.
This is why spyware busting is a lot harder than virus busting. These guys have money to throw at it, at monitoring boards, buying anti-spyware to get around it, buying dozens of domain names and hosting in some far-off places.
So if you want to kick them, kick them where it hurts. In the wallet.
This takes a bit more work, but it certainly is doable. We have been doing it also, with some mixed success.
How?
- Install the adware/spyware.
- Examine it to see if you can find the urls of the ads inside,
- Trigger the ads (by visiting popular shopping sites,...)
- Note and document the exact URLs of the ads
- When you have those, you can start complaining to the vendors of the advertised products (most of the time they don't know about this scam), and to the "affiliate processors": CJ, Linkshare. Chance are that they will terminate the adware owners affiliate account. Even if they don't, we can warn other vendors using the processor not to allow the adware guys to be their affiliates.
Getting them kicked out of an affiliate program for fraud or the likes WILL hurt them.
Come to think about it, it might be good idea to put up an article on this, and to have a central point to organise this.
Anybody interested in joining this fight?
but just tell me what to write and to who and i'll do it whenever i get around to it!
-Lem
#29
Posted 16 July 2004 - 11:13 AM
Do you not backup the site to your own hard drive as well Mike?I'm taking care of the redundancy. Thankfully it was a raid array, so the other hard drive saved all the data.
I'll be saving the server backup files to another server from now on. I could have lost 14,400 newsletter subscribers, all the content on the site and the entire malware collection in that little disaster.
www.isecurity.org.uk
Useful Diagnostics:
Disable System Restore
Post a Hijack This Log
Download ALL Critical Updates and Service Packs
Show Hidden Files and Folders
Perform an online virus scan ----- Test your firewall ----- Donate to SpywareInfo ----- How did I get infected?
#30
Posted 21 July 2004 - 01:44 PM
Just incase anyone doesnt know what a DoS is, heres some links (Gibson Research wrote up some reports when they got attacked - tells you pretty much everything from symptoms to solutions)
http://www.grc.com/dos/grcdos.htm
http://www.grc.com/dos/drdos.htm
This guy is bright! Even if you know what they are, i suggest you read. The guy even infiltrated the virus's communication system (the virus that goes to the 'zombie' machines)!
#31
Posted 22 July 2004 - 05:19 PM

Having been away from the forum for a month, my return found that my ID and Password had been lost. I have re-registered and set up my preferences once more, but my history, postings and just about everything else had gone.

My question:

Regards and Best Wishes,

aka Mike Werner
Welcome to The Lubbock Lights.
#32
Posted 24 July 2004 - 12:19 AM
#33
Posted 24 July 2004 - 08:12 AM

Thanks for your reply, at least now I know that my previous work was worth absolutely nothing. Seems strange that before this, all memory and history was saved and brought forward.

I note that the "leaders" all have their history saved, but not the minions. I guess that we plebs have to start again from scratch, hardly seems worth it, just to have it all "lost" again, the next time all goes down?

The last time this happened, I found myself locked out, and it took some 4 weeks before I could get any answer to my entry problem, seemed just like no one even cared

Best Wishes,

aka Mike Werner
Welcome to The Lubbock Lights.
#34
Posted 24 July 2004 - 09:41 AM
Actually, no one had anything saved. Mike posted that he couldn't move anything to the new site because the database was too big.
see: http://www.spywarein...php?showtopic=2
For instance, cnm, an Administrator, had around 12,000 posts on the old site - since moving here, and starting at 0, she's now up to over 1700 - but she started at 0 just like everybody else.
With tens of thousands of members, sometimes individual problems do slip thru the cracks.
But, if no one cared about other peoples problems, this site wouldn't even be here, would it?
Online Virus and Trojan Scanners
Panda Software . . . Trend Micro . . . Bitdefender . . . Sygate Trojan Scan . . . Trojan Scan
Tools for Fighting Spyware
Spybot S & D . . . Ad-aware . . . CWShredder . . . HijackThis . . . PeperFix
Tools for Prevention
SpywareBlaster . . . SpywareGuard . . . IE-Spyad . . . avast! Free Anti-Virus . . . AVG Free Anti-Virus
Zone Alarm Free Firewall . . . Kerio Personal Firewall
Help support this site! Click here to learn how.
#35
Posted 24 July 2004 - 09:55 AM
We all had to re-register.
You will see that none of us are shown as joining before May 15.
The old board is still there and is readable (on a good day, that is - there are still complications from the proxies that make it often very slow or unavailable).
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE
#36
Posted 25 July 2004 - 04:42 AM
I wouldn't say that. If you helped a lot of folks in the past, including me, then we all remember what you did for us, regardless of your post count or other means of identification.now I know that my previous work was worth absolutely nothing.
I am extremely grateful for all the help given to me, both in the old board and in the new one. When my machine is giving me trouble, I don't care about name, post count, member status, avatar...etc,; all I care about is the human being on the other side who is kind enough to give me their time and advice.
So, Lord of the Rings, and everyone else who gives of their time, either in the old board and/or the new one: Thank You

Bobby
#37
Posted 25 July 2004 - 01:43 PM

I guess then it's back to normal, until the next time?

I just wish there was some way to strike back? (Just like the Empire)
without being illegal or dropping to their level.


Best Wishes and Thanks to all members.

aka Mike Werner
Welcome to The Lubbock Lights.
#38
Posted 25 July 2004 - 03:33 PM
#39
Guest_Guest_*
Posted 15 August 2004 - 07:14 PM
#40
Posted 15 August 2004 - 08:40 PM
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE
#41
Guest_William Ashley_*
Posted 16 August 2004 - 03:06 AM
Isp's can regulate all the transfers having "exclusions" and inclusions of datatags.I am relatively new to this, having just (finally) cleansed my PC of multiple infections of spyware. (Thanks again!) You provide a valuable service to the public. I too have seen a dramatic increase of these infections in recent months.
It is certainly something the government should take an interest in. It is not only counterproductive for users to have to waste their time cleaning and defending against this unethical eruption of code, but could be considered a threat to national security. What if there was another Bin Laden patiently planning a multi DDOS attack to shut down critical systems in our country? (Power grids, defense communication sattelites, etc) "Can't happen" you say?
You need more than just a law. You need public awareness. That creates political pressure that gets things done. Maybe a good place to start would be getting large corps like Dell and Microsoft to acknowledge the problem and lend a hand. ($$$) After all it's in their interest as well. Then you will have $$$ not only to run your site, but hire a political activist to get that public attention you deserve.
As for me, I will do my little part and drop a check in the mail to you. My way of saying thanks for the help, and go get em!
its just generally they dont get involved unless(unless I'm mistaken. I.E. business or government or someone making complaints etc.. and following up on them and what not.
Also a simple way of stopping abuse from outside is by setting up a filter for incoming data
the long run of privacy and security is going to be ip tagging of some sort that is website subscritpions only people with x ip will be able to get through site filters(unless the net doesn't get more corporate....) the ISPS can then get lists of data filters to static addresses. effectively censoring unwanted access.
Internally the networks should be planned as to not have critical systems connected to noncritical (interactive systems) honestly any powergrid or infrastructure issues is bad planning imo.
#42
Posted 16 August 2004 - 07:51 AM
#43
Posted 17 August 2004 - 10:39 PM
#44
Posted 20 August 2004 - 08:56 PM
side note:
I used to mail-bomb spammers by sending 'em 500K chunks of aggregated spam that I'd gotten previously. After about 4 to 10 <send> buttons, they'd start bouncing as their server went full. Poetic justice, if you think about it. One of 'em complained that their mailbox blew up (my heart bleeds for you) and my ISP warned that further retribution on my part would end my access. I've played nice since then. The tech guy at the ISP was amused at what I was doing, but it was illegal and he had to play it hard. I'm sure he was wishing he could figure out a way to do the same thing legally.
I would be very interested in learning this technique because even us old 34 year old's need our fun.. I am normally very tolerant, and understood my hotmail account being spammed with over 120 emails a day, but my ISP based email has now succumbed to it, and some days, payback is the only thing on my mind, after sifting thru 40+ spam emails, looking for the one important one from my relatives or friends. Even just to hit one or 2 of them, would maybe help alleviate my sadness.
Im in New Zealand, and we dont have very good anything down here.
Edited by kronos, 20 August 2004 - 08:57 PM.
#45
Posted 20 August 2004 - 11:12 PM
You will find that Merijn has a mirror site here.I find that www doesn't work _at all_, but www1 works like a dream. Unfortunately ~merijn is not mirrored there.
http://merijn.richar...lionhearted.com
I donated the space to Merijn to help in the fight against spyware and other parasites
- Excuse the Writing, I've Got a Dyslexic Keyboard
#46
Guest_Guest_*
Posted 24 August 2004 - 06:40 AM
1) NEVER click on the "unsubscribe" button and add your email address. You'll end up with more spam that way
2) If you get ad in via spam email, go to the website it suggests. Go to thier contact info and copy any email addresses you find there. Now take those email addresses and "unsubscribe" them from the rest of the junk you've recieved (I set up an html page for myself with a bunch of links). If you're REALLY annoyed...do a quick search for porn mailing lists in google....and sign them up for that crap.
3) It was mentioned earlier in this thread: Click on the links, and find out if they are "affiliate" links. Most paying affiliate companies have terms of service that do not allow spam email and other annoying activities. Report the link to the affiliate company...hopefully thier account will be closed down.