AO Was Attacked this Weekend

**rdb123** · 09-02-2003, 07:14 PM

Originally posted by Miscue

Jack, more than likely they are the source of a bunch of zombie machines with some form of trojan on them that allows outsiders to control their machines. Back in the day, you had to search for zombie machines to control and keep a list if you wanted to attack something. The new ones (well, not that new really) report to a central location... like to an IRC server and await orders.

There are other approaches as well, but this is popular.

You can thank all the computer dolts out there who allow their computers to be compromised.

Miscue's pretty much correct. All those things you see there are different DNS's. You can resolve the DNS by reverse-looking up the IP address. Those are all individual computers--their users are probably trojaned and don't even know it.

**logamus** · 09-02-2003, 07:16 PM

Originally posted by Jonneh
Spawn more Overlords.

hehe

**AlabamaMan** · 09-02-2003, 07:16 PM

Well somone had to say it, i salute you beaver.

**Will Wood** · 09-02-2003, 07:18 PM

I'm sorry.. but this is bs. Did we not crash someone else's server in some of those AO Chat Partys? Did we not invade forums and post for that purpose?

(If you had their permission.. that is one thing.. but.. Jeez.. calm down.. you act like your innocent)

**Star_Base_CGI** · 09-02-2003, 07:21 PM

**Baron** · 09-02-2003, 07:24 PM

you can see on that list one was a school pc. either it was a trojan or they were using a massive proxy server list. alot of those ip's are not in the US but in the UK. the more proxy's they go threw before attacking the harder it is to back track them.

**FooTemps** · 09-02-2003, 07:31 PM

Originally posted by Beaver
Sorry to be the antagonist, but hasn't AO "attacked" another well known PB Forum? Of course it wasn't a malicious attack, but it had the same net effect. I'm not sure if this was done by one person, but by the looks of things it was probably some group of people attacking AO in the same way AO attacked PBN.

Hate to say it, but what goes around comes around.

No, this is different, AO made a full force organized post flood on pbn. This was just one script kiddie using a bunch of proxied zombie machines to take up bandwidth by viewing the same thread over and over.

**Miscue** · 09-02-2003, 07:32 PM

Originally posted by Baron
you can see on that list one was a school pc. either it was a trojan or they were using a massive proxy server list. alot of those ip's are not in the US but in the UK. the more proxy's they go threw before attacking the harder it is to back track them.

I'm not sure what you mean by a lot from the UK... unless you're seeing something I don't. Also remember that there is going to be non-malicious traffic mixed in.

Another possibility is... we're completely wrong and it was an organized effort by a lot of people from perhaps some other forum... similar to the AO/PBN thing.

**AGD** · 09-02-2003, 07:44 PM

You guys are not getting this, it was not a 20 minute thing like we did to PBN, it has been going on for 4 days, 24 hours a day. Yes we attacked one other forum unannounced and stopped immediately once we learned what effect our masses had. Since then our other attacks have been prearranged and ok'd by the forums.

This is not the same thing.

AGD

**WARPED1** · 09-02-2003, 07:55 PM

What was the attack? So what if loads of people look at the forum. Why is that an "attack"?

**PaintballChannel** · 09-02-2003, 08:00 PM

AO attacked our forums once, but we invited them to.

And, yes, like Tom said, there's a difference between being on a site for a few minutes and continuously hitting a site 24 hours a day.

Chances are these were bots that were controlled by one person. Finding that person, however, will be the hard part.

And, I wouldnt equate them to hackers either. More like script kiddies. Hackers dont do stuff that they would consider trivial.

**-=Squid=-** · 09-02-2003, 08:24 PM

Originally posted by AGD
You guys are not getting this, it was not a 20 minute thing like we did to PBN, it has been going on for 4 days, 24 hours a day. Yes we attacked one other forum unannounced and stopped immediately once we learned what effect our masses had. Since then our other attacks have been prearranged and ok'd by the forums.

This is not the same thing.

AGD

LOL! thats pretty funny...but of course, whoever did this is getting the reaction he/she wants...

**AGD** · 09-02-2003, 08:28 PM

Looks like our kiddies went over to PBN, they are crawling. Suddenly they are breaking attendance records too.

FYI this looks like a trojan attack where one person infects hundreds of unsuspecting innocent peoples computers with a virus. The virus program waits for commands from the script kiddie to do something like attack the forum. The computer owner never knows whats going on.

AGD

**Star_Base_CGI** · 09-02-2003, 09:01 PM

A DOS or Denial Of Service Attack is pretty much what Tom Explained.

A computer requests information from a website over and over again. The server gets bogged down and can process requests.

In addition to DOS there are Smurfs and different kinds of attacks.

Zombies or computers that are "owened" can be programed to do it remotely. SO you can have a network of servers attacking another system.

A computer is pretty dumb and it cant always think its being attacked in this way.

He gave a list of servers that are attacking. Some from universisties and some from AOL accounts. Typically they look for servers with alot of bandwidth like a university to use. The more bandwidth they have the more attacks they can make in a given amount of time.

So thats pretty much whats going on.

Someone that doesnt like AO is trying to shut down the forums because its a marketing tool for AGD and they dont like the fact that they sponsered SPplat II. They dont like the fact that pictures are up and people were enjoying themselves at Toms expense.

**Jack & Coke** · 09-02-2003, 09:37 PM

How can I protect my computer from this "trojan" type take over?

Should I buy a virus protection and firewall program like McAffe? (I almost bought it at Costco today...)

Or is the Windows XP firewall (internet security options) good enough?

thanks Miscue et al for explaining this stuff...

AO Was Attacked this Weekend

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment