Menu
What's new
UOGamers Community

This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!

  • To obtain new Razor updates, please reinstall Razor from our new website.

Update on Attacks

R

Ryan

Guest
Update on Attacks

Just wanted to let you know that last night after hours and hours of work we have busted through the logs have gotten several of the attacking "drones" taken off line.

We will continue to work throughout the day and week and let you know as we progress. This is a SLOW process but it is, the only route we can take. Defiance a shard in Europe has had similar attacks and is cooperating with us to help bring this shit to a stop.

We appreciate your patience.

Thanks,
Ryan
 
B

Betty-Starburst

Wanderer
Re: Update on Attacks

Awsome. I will post a picture in honor of this.

 
T

tapio

Wanderer
Re: Update on Attacks

Grabbed this from the Defiance Forums, it is good to see you guys are making progress, I hope you nail the bastard/s soon.

Quote:

Dear Sir!

We are sorry about the incident and we are removing the server from the
net completely right now. Also we want to say thank you for the warning email,
and we would ask to end the network restrictions between our IP. We will
search for traceable logs within our system and if we find any valuable
data we will send it to you asap

thank you again for the warning and sorry for the inconvenience

Peter Horvath



One down.

Quote:



Hello Nick,

Your request is under investigation, the user of the IP is informed and
replied that this was not his fault. But the traffic can verify the DoS at
the given time. So we hope that the customer can find the fault and fix it.

thx
Berk Uysaler
--
SILVER SERVER \\ t_bbt \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ \\\ \\




Two Down

Quote:


We did have traffic of ~50-70mbit between 2100 and 0100 (GMT+1) which I
have already started to look into this morning, though it seemed to have
originated from the wrong switch for that machine ... I will take a
closer look at the box and see if there are any usable traces left to
possibly track back the origin ... the box in question is a rather
"ancient" web server, up for replacement/migration ...

At the moment, I can't find any obvious info as for additional processes
or changes on the system itself - I will have to check the logfiles of
the http server for any info. Anyway, there have been multiple ftp
logins from unusual sources which may have abused some hole in the ftpd ...


Regards, G.Glendown / NETHINKS GmbH




Three Down.

More coming down now - Logs being sent from each server -- I hope this guy is smarter than me, as he just made a big mistake attacking my network.

We also have access to three of the servers that attacked and we are inspecting who has installed a packet daemon and where the packet daemon is receiving it's attack signals from.

Obviously I haven't posted the mail from the servers we have access too.
But when / if he launches another attack, we will have full logs of what / who sends the signal to launch via netgrep's and tcpdumps, then start our final stage of the investigation.

Once we trace back to the "ordering" server, it will be a simple matter of asking the ISP to let us have access to it, then we should be close to nailing this guy.
 
J

jeremias

Wanderer
Re: Update on Attacks

defiance has been atack because,maybe, the UOgamer`s guys were playing there whyle uog was down Fuck IT
 
R

Ryan

Guest
Re: Update on Attacks

jeremias said:
defiance has been atack because,maybe, the UOgamer`s guys were playing there whyle uog was down Fuck IT
Click to expand...


Well..

I'll tell you this, I am of the school forgive and forget... but this attack crap is getting out of hand.

Light and I are working our assess off to figure out who is doing this... the real problem I have is that I dont get to do this as a job ;(

Regardless.. I am working the best I can, and will continue to work on this.

Thanks,
Ryan
 
C

_Choru_

Master of the Interweb
Re: Update on Attacks

Ryan said:
Well..

the real problem I have is that I dont get to do this as a job ;(
Click to expand...

At least because its just a hobby you can say fuck it and take some time to relax, if it was a job that really wouldnt be an option.
 
T

Tru Destroyer

Wanderer
Re: Update on Attacks

God I hope you get these little pricks!!!!

I do have a few questions :

#1 Why does uogateway still say the shard is up?? Is It?? and if it is why cant i connect?/

#2 U said that your are stopping some of the drone comps all i am wanting to know is if you will inform us on if are comps are one of them or not??

#3 anyone know a char ingame named Mr.T he was talking some wierd shit earlier in the day when the first attack happend.. asking if i was in the us and laughing cuz i stole a idoc after he script placed just thought his ip might be the one but just a geuss...

Keep up the good work guys We Are All Supporting U And Behind U 1000000%
 
You must log in or register to reply here.
Top