Jump to content

Another DDoS attack

Ashoat

By Ashoat
in News

 Share

Recommended Posts

Ashoat Explorer

Ashoat

Posted
Posted

I'm working on it. I've narrowed it down to one IP. As a result, only about 1000 accounts are down right now.

 

I'm going to run through a binary search to figure out the offending site. I'll let you know as soon as we've figured anything out.

Link to comment
Share on other sites
MrAss69 Newbie

MrAss69

Posted
Posted
HelioHost Account Queued

 

Ahoy! You're seeing this page because HelioHost has not gotten about to installing and configuring your account yet. This process usually takes 24 hours, and once it is complete your website should show up properly. While the account is being created we suggest taking a look at your control panel.

 

Thanks for choosing HelioHost! We wish you good luck with your website.

 

Sincerely,

The HelioHost Staff

 

So I guess, I'm one of the lucky guys whose accs are down?

Link to comment
Share on other sites
Sentinel Newbie

Sentinel

Posted
Posted

No this means it'll take about 24 hours to get your account deamonized(created)

So you don't have an account right now, it's in the process of being created, see one of the other threads.

 

Lol more DDoSing? stupid skiddies.

Link to comment
Share on other sites
MrAss69 Newbie

MrAss69

Posted
Posted

Ehm, then I wonder what I did the whole day?

 

The account was already created, but now it seems to have disappered...

Files are still in my directory on the server, MySQL-DB's still there but showing 0,0MB within cPanel (PHPMyAdmin shows that there's data though)...

Link to comment
Share on other sites
Sentinel Newbie

Sentinel

Posted
Posted

Oh i see...

 

Hrm, well perhaps the server lost your stuff? I dunno, I'm not sure this is the place to chase this up.

But here's a tip, back up regulary or whenever you make big changes.

Link to comment
Share on other sites
MrAss69 Newbie

MrAss69

Posted
Posted

Okay, just one last OT before getting back to business...

 

I was working on my site, when the DDoS started -> Unable to connect to anything here

After the server went back on -> Data's still there, but I'm getting this error, that my account would be queued when I'm trying to access it via web

 

This seems to be a problem related to the DDoS-Attack...

Link to comment
Share on other sites
Sentinel Newbie

Sentinel

Posted
Posted
Okay, just one last OT before getting back to business...

 

I was working on my site, when the DDoS started -> Unable to connect to anything here

After the server went back on -> Data's still there, but I'm getting this error, that my account would be queued when I'm trying to access it via web

 

This seems to be a problem related to the DDoS-Attack...

 

 

Then, if it's just an error relating to the DDoS, there's not much anyone can do, in my opinion. Unless the root admin buys a super expensive firewall, and wastes $1000+ p/month. That's won't offer a guarentee. Just wait it out until the attack has finished.

 

djbob person.. nosey question; on average how long do the attacks last? Do the IP's have a similar stringed IP? Throughout all the recent attacks? Tell me to shut up, if I'm being too nosey.

Link to comment
Share on other sites
Ashoat Explorer

Ashoat

Posted
  • Author
Posted

Okay, I've identified the account getting attacked. It's "biberhapi.com". I don't know what they're about, but I'm going to quarantine that account off on the old IP and move everyone else over to a new one.

 

A script is currently running to perform the switch. It probably won't take more than an hour.

Link to comment
Share on other sites
Tony M Newbie

Tony M

Posted
Posted

From 2 days ago I when I was accessing My website, I waited more than 5 minute so than the page is completely loaded. Yesterday I was accessing Helionet.org and I received an error (this might be the problem that You are talking about). Today My website loaded in only 15 seconds (not 5 minutes like 2 days ago). So I think that all Errors are Now Corrected. ;)

Link to comment
Share on other sites
Bruno Newbie

Bruno

Posted
Posted

whooops wrong place

 

was meant as a replay to http://www.helionet.org/index/index.php?showtopic=6216

 

poted on wrong window >.>

 

 

I had the same problem, and needed some traceback

Used this simple script, i hope it helps others to save time

....
_application = django.core.handlers.wsgi.WSGIHandler()

def application(environ, start_response):
   environ['PATH_INFO'] = environ['SCRIPT_NAME'] + environ['PATH_INFO']
#    return [myresp,]
   try:
       return _application(environ, start_response)
   except:
       start_response("200 OK", [("Content-type", "text/plain")])
   	tb = "Unexpected error: "+ str(sys.exc_info()[0])
   	tb = tb+"\nError was: "+str(sys.exc_info()[1])
#    	traceback.print_exc(file=sys.stdout)
   	tb = tb+"\nTraceback was: "+repr(sys.exc_info()[2])
   	tb = tb + "\n PATH was: "+str(sys.path)
   	return [tb,]

Link to comment
Share on other sites
  • 2 weeks later...
Col Newbie

Col

Posted
Posted
I just looked at a google cached copy of the site(used google translate) and it apears it is a site about some weight loss drug.

 

 

Odd isn't it - why would anyone want to DDoS what appears to be a Turkish site selling from what I can work out, peper as a weight loss drug??

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...