nanog mailing list archives
Re: What hath god wrought?
From: Jay Farrell <jayfar () jayfar com>
Date: Tue, 21 May 2013 00:56:14 -0400
Are you certain it was a DoS attempt? They may have just been running a surveillance software package such as URLy warning, which GETs the pages of a site repeatedly and diffs them to watch for updates. In the case of an (non-)organization like Occupy I can't imagine law enforcement would neglect to do this. I've been on the receiving end of this sort of thing myself (long story). -- Jayfar On Tue, May 21, 2013 at 12:07 AM, Charles Wyble <charles-lists () knownelement com> wrote:
Sorry. The occupy site was on a shared hosting plan at the company I worked for. Source determined via Whois output for the attacking ip found via our analysis. It was a rather crude dos attack (repeated get requests). At first we figured they were just mirroring the site for offline analysis or something, but it soon became evident they were just hammering the site. Yes we could of sued. However the inevitable stonewalling, endless resources of the feds etc would of made for a long and exhaustive legal battle. This was at the height of the occupy activities. Far worse offenses were being committed by federal, state and local govts during that period than a dos attack by DHS. "Jason L. Sparks" <jlsparks () gmail com> wrote:"No attempt to hide the source IP" "I mean, they were using a shared hosting plan" What makes you certain it was DHS? Genuinely curious, because this is a hell of a claim. -- Jason On Mon, May 20, 2013 at 3:29 PM, Mike Hale <eyeronic.design () gmail com>wrote:Would it be futile though? I mean...DHS running a DOS against an American organization is the kind of stuff that makes Constitutional lawyers salivate. I'm not trying to call you out, btw. I'm genuinely curious why the hosting company itself didn't file suit. You've got a US Government agency abusing your resources and acting in a blatantly illegal manner. That's the kind of stuff that results in letters of resignation when publicized. On Mon, May 20, 2013 at 12:13 PM, Charles Wyble <charles-lists () knownelement com> wrote:Yes. I'm aware of that. It would be futile in most cases, which isahuge problem in and of itself, as that's really the only recourse.I mean they were using a shared hosting plan. Not exactly deeppocketed.My point is that the abuse of power is blatant and they areunafraid ofany kind of retaliation. They don't need to hide.Mike Hale <eyeronic.design () gmail com> wrote:"Sue them?" Uhm...yes? That's why we have courts that we can sue federalagenciesin. On Mon, May 20, 2013 at 11:58 AM, Charles Wyble <charles-lists () knownelement com> wrote:No proxy needed. No need to hide. While working for a very large hosting company, I once observedDHShammering an occupy related website. No attempt to hide the sourceipor anything.What are you going to do? Sue them? If they wish to take a siteoffline, they will ddos it or simply seize the domain under the national security banner."<<"tei''>>>" <oscar.vives () gmail com> wrote:On 20 May 2013 01:58, Michael Painter <tvhawaii () shaka com> wrote:http://arstechnica.com/security/2013/05/ddos-for-hire-service-works-with-blessing-of-fbi-operator-says/More on the same topic.http://krebsonsecurity.com/2013/05/ragebooter-legit-ddos-service-or-fed-backdoor/#more-19475Maybe the FBI use this to commit crimes in USA using a foreigncompanyas proxy so nothing dirty show on the books. That way the FBI can avoid respecting USA laws. -- -- ℱin del ℳensaje.-- Charles Wyble charles () knownelement com / 818 280 7059 CTO Free Network Foundation (www.thefnf.org)-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0-- Charles Wyble charles () knownelement com / 818 280 7059 CTO Free Network Foundation (www.thefnf.org)-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0-- Charles Wyble charles () knownelement com / 818 280 7059 CTO Free Network Foundation (www.thefnf.org)
Current thread:
- What hath god wrought? Michael Painter (May 19)
- Re: What hath god wrought? Joshua Goldbard (May 19)
- Re: What hath god wrought? <<"tei''>>> (May 20)
- Re: What hath god wrought? Charles Wyble (May 20)
- Re: What hath god wrought? Mike Hale (May 20)
- Re: What hath god wrought? Charles Wyble (May 20)
- Re: What hath god wrought? Mike Hale (May 20)
- Re: What hath god wrought? Jason L. Sparks (May 20)
- Re: What hath god wrought? Charles Wyble (May 20)
- Re: What hath god wrought? Jay Farrell (May 20)
- Re: What hath god wrought? David Conrad (May 21)
- Re: What hath god wrought? jim deleskie (May 21)
- Re: What hath god wrought? Phil Fagan (May 21)
- Re: What hath god wrought? Ryan Gard (May 24)
- Re: What hath god wrought? Charles Wyble (May 20)