[Help] Prevent DDOS attack.

Ask your general or IRC related questions.
User avatar
YounGun
Posts: 164
Location: Bucharest, Romania

Post by YounGun »

Maybe before launching into brainles conversations, you could search the web : http://www.cisco.com/warp/public/707/newsflash.html

This is a full list http://www.denialinfo.com/
Image

User avatar
lemuel
Posts: 408
Location: Southeast Asia, Philippines

Post by lemuel »

yeah thanks anyway for those websites...

Irku
Posts: 206
Location: bucharest

Post by Irku »

Changed: Spybot search & Destroy is good for removing RadLight :lol:
Jay`z: protect your ports, log everything suspicious and pray for your ISP not to be attacked with 200MBps from your fault :lol:
And, by the way, ddos can deny ANY service, even IRC. So what I'm sayin is that some idiot could 'nuke' your mIRC with too many privmsgs from constantly changing nicks, from thousands of hosts.

P4rD0nM3
Posts: 10

Post by P4rD0nM3 »

You can lessen the chances of being DDoS'd, but once they want to DDoS you...you can't do anything about it.

PS: What you call script kiddies are not taht dumb...though most of them are...some are really good.

OUTsider
Posts: 435
Location: Netherlands

Post by OUTsider »

A firewall is useless on the endpoint, because the malicious packets already entered the line. The firewall only prevents replying to them so your upstream doesn't get filled. But when your downstream is full it is already too late.
The only decent way of filtering DDoS attacks is filtering the malicious traffic as high as possible. Prefferable at the attackers ISP itself. Which is not possible since most ISP's are slow in responding to mail. Don't easily believe in the fact that there network has been compromized because they think to be the elite of administration etc etc etc.

About virusscanners: Good, well known scanners ? Gee, I hope you don't mean norton antivirus, coz it <censored>. A lot of people I had to help in the past had it, kept it up to date and still got infected. Also norton is not able to remove trojans in most cases. Users end up entering safe mode and fix issues manually. And with those noobs all around the globe running XP that is going to be a hard lesson for them. They end up reinstalling a complete system coz of a silly small trojan they can't get removed. Another issue is that every trojan scanner has it's pro's and con's. Some do detect trojan X, others don't but do detect trojan Y which others don't do etc etc etc.

The company's involved in trojanscanners should combine there forces regarding making scanning patterns for trojans instead of working on there own. Every scanner should be able to detect all currently known trojans.

The same about trojanscanners can be said about adware/spybot scanners (Spybot S&D is nice, but why do you think it has support for ad-aware as well ?). They also don't detect it all. Just run adaware, then spybot. And if you think thats all, go to http://www.webroot.com and do a Spy Audit (link on the right top of the page). Don't feel surprised about the result.
Don't bother reading, I'm just the lame botlender, right ?

User avatar
lemuel
Posts: 408
Location: Southeast Asia, Philippines

Post by lemuel »

Hi!

Well I found one page about DDOS and sounds interesting I read the immideate and long prospects about DDOS.
This is the page - http://www.linuxsecurity.com/resource_f ... paper.html
I love Maria Katrina Rey

Irku
Posts: 206
Location: bucharest

Post by Irku »

Lemuel:
...And the compromised machines that are found will contain no evidence that can be used to locate the original attacker; your trace will stop with them...
Do you agree with that ? I think that once found, the "rootkit" can be reverse-engineered, conducting to the hacker. And that's all with ddos. Nothing is perfect on the Internet. A determined admin will always have the chance to catch the attacker. Everything's cool with that website you mentioned above, but they never mention that almost every ddos attack originate from irc. Major networks like Dal and Undernet are used as starting points (testing zones for script kiddies), while the ex script kiddies, actual hackers, make their own playgrounds, deploying ircds (eg bIRCD) on hacked hosts with huge band & uptime.

http://rootkit.host.sk - Morphine
http://askmatador.com/ep/bots/

And then start searching on Google something like "download this and that" to get a lot more irc-profiled, ddos sites.


yo, u might not thing of this as anyomous, but its not real info, its a stolen earthlink, so its good, now, to speak of the implemented attacks, yeah its me, and the reason me and my 2 other contributers do this is because in a previous post you call us "script kiddies", atleast so i was told, so, i teamed up with them and i knock the hell out of your cicso router, and....im building up more bots, no, not sub seven lame ass script trojans, i made my own, and it seems quite effective does it not? seems to me that ur backbone has trouble handling the crap sent at it, go ahead and drop icmp pings, u still need to say "NO" to them so it still takes
bandwith, thats where tracert comes in, to find the t3 box ur on, nice, i see u stop it as-of today, :) good for you, now ill find ways around it and we can keep playing these games, i find it very fun, shout out to hellfirez and drgreen, and yeah the hellfirez from subseven, hes a friend and he isnt a script kiddie u stupid hello...now, if u wish to talk to me in person, hows irc??? talk to WkD, the nick wicked was taken, good luck :)


This is how a kiddie talks... (Wicked, the attacker of grc.com)


And by the way... http://hxdef.czweb.org/antidetection.php --> I wonder who pays for that hello

j4l4ni
Posts: 4
Location: MSU @ Lanao Del Sur

Post by j4l4ni »

why.. what's the effect of ddoss atack on my computer?

can u explain please.
Ituloy Angsulong
JALANI C. MONTILA
MSU Chan MAn

User avatar
Jay`Z
Posts: 131
Location: East Side

Post by Jay`Z »

j4l4ni wrote:why.. what's the effect of ddoss atack on my computer?

can u explain please.


The link Lemuel provided ( http://www.linuxsecurity.com/resource_f ... paper.html ) explains it very well. You should read it.
"All people have the right to stupidity but only some of them abuse the privilege"
Image

User avatar
lemuel
Posts: 408
Location: Southeast Asia, Philippines

Post by lemuel »

indeed.

Thanks for the compliments. :wink:
I love Maria Katrina Rey

j4l4ni
Posts: 4
Location: MSU @ Lanao Del Sur

Post by j4l4ni »

oh i got it now. :P ddos for websites and box.. also for router? hehe.

thanks
Ituloy Angsulong
JALANI C. MONTILA
MSU Chan MAn

Lion-O
Posts: 11
Location: #linux

Post by Lion-O »

Best ways to prevent it from happening with regards to undernet would be making sure you're always logged into X and turn on usermode x (/mode <yournick> +x). Something which is getting harder with the day with all the netsplits going about.

The second, but this only applies when you set your hidden hostmask, is to never accept dcc related traffic. dcc chats, sends, etc. Because those can be abused to discover your IP adres after which you're vulnerable again.

I really wonder if undernet (ircu) will ever support instant cloaking now that the net is litterally infested with kiddies and drones.

Oh.... :classic:

That option could "displease" some kiddies off so I guess it'll never happen.
With kind regards, Lion-O

Dooku
Posts: 122
Location: Coruscant

Post by Dooku »

I hate ppl who use DDoS , i hate proxys i hate them ! they are just like hookers who get u drunk and steals your money , they don't have respect , they are "cheating" . "I'll DDOS your ass and undernets in minutes!" ITS A CHAT NETWORK !!! u don't like it ?! LEAVE IT !!! :devious: and let us chat and make your own net where u will be able 2 make there 1000000 of clones and what u want and ddos there , untill they will understand this ... the only solution is that we must ..... don't know shoot them ? :lol: (G-line them) and with ZT ! tell theyr ISPs about what are they doing
You must join me, and together we will destroy the Sith.
Image

Lysergic
Posts: 35

Post by Lysergic »

I don't have problems with hookers, as I don't associate with them (haha), but I think that instant cloaking should be a feature on every IRC-network.

User avatar
cArLiLLoS
Posts: 209
Location: Barcelona, Spain

Post by cArLiLLoS »

If you have seen "Minority Report", people live in a society that have successfully managed to PREVENT crimes by using gifted beings who SEE the future. They SEE the crime BEFORE it happens, so the police can rapidly act and catch the criminals before they commit the crimes.

Until that happen in a near or far future, we cannot yet prevent DDOS or any other form of attacks. We can have our system clean and up to date however so we can discourage attackers someway or at least won't make it so easy.

I don't see any reason to keep discussing this topic any further.