|
2005-05-31, 06:38 AM | #1 |
That which does not kill us, will try, try again.
|
CCBill was under DDOS attack yesterday
If you noticed signups were down yesterday, it might not have just been a holiday slump. From a message on the CCBill site:
IMPORTANT INFORMATION REGARDING CCBILL PROCESSING Posted May 30th, 2005 12:21:34, by CCBill Management This morning, Monday, May 30, 2005 at approximately 6:45 am (Arizona Time) the CCBill network went under a DDOS attack, which directly affected most of our processing systems including our CCBill Sign up pages, our transactional processing, and our System5: Web Admin client reporting and account management. Our Networks, Security and Product Teams were able to combat this issue, and eventually mitigate this attack. As of 11:10 am (Arizona Time) we returned to processing at a 100% level, and our networks are currently running at normal performance levels. Please rest assured that we will continue to aggressively monitor this situation, and will notify you immediately of any changes in processing. If you notice any fluctuations in your CCBill processing over the course of the next day, or if you have any questions or concerns regarding this issue, our Client Support Team is available 24 hours a day, 7 days a week at clientsupport@ccbill.com or Toll-free at 800.510.2859. Please know that as your billing provider, we truly appreciate your patience during this unfortunate occurrence, and value your business. Many thanks! CCBill Management
__________________
"If you're happy and you know it, think again." -- Guru Pitka |
2005-05-31, 06:41 AM | #2 |
You can now put whatever you want in this space :)
|
I was wondering what was going on. Looks like sales went back to normal by the end of the day though.
|
2005-05-31, 09:05 AM | #3 |
The only guys who wear Hawaiian shirts are gay guys and big fat party animals
|
ok, can someone elaborate exactly on what a DDOS attack is? thanks
.. |
2005-05-31, 09:10 AM | #4 |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
That explains what was going on with my sales. Their admin is still down for for me this morning.
DamnQ It stands for Denial Of Service and basically it means that their server was flooded with bogus requests from many different computers to the point that their network was brought down. |
2005-05-31, 09:30 AM | #5 |
I'm a jaded evil bastard, I wouldn't piss on myself if I was on fire...
|
The first D stands for Distributed
|viking|
__________________
I sale Internet My sites have no traffic and no PR - let's trade - PM me |
2005-05-31, 10:36 AM | #6 |
Well you know boys, a nuclear reactor is a lot like women. You just have to read the manual and press the right button
|
still having problems right here, it's going up and down
|
2005-05-31, 02:29 PM | #7 |
I'm going to the backseat of my car with the woman I love, and I won't be back for TEN MINUTES
Join Date: Aug 2003
Posts: 82
|
We can't get them today.
|
2005-05-31, 02:47 PM | #8 |
Someone Turn Off The Damn Heat!
|
damn, i was wondering why i had only 1 damn sale and almost no clicks, still the same when i just logged in was on richards with new gallery last night and was about to change it before subbmiting elsewhere since the clicks were so unbelievably low, now i know it wasnt me PHEW!
__________________
Get ElevatedX W/Hosting 99MO! |
2005-05-31, 02:51 PM | #9 |
Internet! Is that thing still around?
Join Date: May 2005
Posts: 1
|
DDOS sucks
|
2005-05-31, 08:55 PM | #10 |
I like to blog :)
Join Date: Sep 2003
Posts: 1,050
|
Looks like its still going on. I cant login
|
2005-05-31, 09:13 PM | #11 |
Life is good
|
Same, no login here.
|
2005-05-31, 11:43 PM | #12 | |
The only guys who wear Hawaiian shirts are gay guys and big fat party animals
|
Quote:
thanks... that clarifies a LOT .. |
|
2005-06-01, 02:42 AM | #13 | |
No offence Apu, but when they were handing out religions you must have been out taking a whizz
|
Quote:
Basically, some script kiddie with an attitude grabs a piece of malicious code that has the ability to infect *lots* of innocent computers via unprotected IRC channels, newsgroups, emails and open ports. These infected computers become "war bots" under the control of one or more master computers and collectively launch millions of httpd/tcp requests on the target server literally dragging the web server to it's knees - or even cause it to crash completely. Here's a couple of articles if you want to learn even more about these malicious biatches... http://www.grc.com/dos/grcdos.htm http://www.grc.com/dos/drdos.htm
__________________
Please Re-Read The Rules For Sig Files |
|
2005-06-01, 08:17 AM | #14 |
That which does not kill us, will try, try again.
|
Things are still slow there it seems. Sometimes we just get a blank page and nothing ever loads. And yes, signups are down.
Three things we've noticed in the last couple of days since we've had time to notice things: 1. Use a bookmark or your own link to go directly to one of these pages instead of entering through any other main page, since those are loading a lot slower (maybe more requests still being sent to those). For sponsors -- https://webadmin.ccbill.com/ For affiliates -- https://affiliateadmin.ccbill.com/ 2. Once inside the sponsor section, the "Quicklinks" seem to work faster, and without hanging, more often than the other links. 3. On the Mac platform, the Firefox browser seems to work fastest at logging in and navigating once inside either section.
__________________
"If you're happy and you know it, think again." -- Guru Pitka |
2005-06-01, 08:27 AM | #15 | |
Subversive filth of the hedonistic decadent West
Join Date: Mar 2003
Location: Southeast Florida
Posts: 27,936
|
Quote:
|
|
2005-06-01, 09:55 AM | #16 |
The only guys who wear Hawaiian shirts are gay guys and big fat party animals
|
y exactly does someone do this? i mean, they just choose a mark & BAM!??
.. |
2005-06-01, 10:01 AM | #17 | |
A little nonsense, now and then, is relished by the wisest men
|
Quote:
Safari doesn't remember much for me. Plus I just bookmark the webadmin.ccbill.com page. I hate that if you go to the main page, on your way to the log in page every page opens in a new window. I really like CCBill and I'm glad I went for the $750 to sign up and be Visa approved, but this has never happened with Verotel - lol! Bill :o)
__________________
TrafficHolder.com - Buy/Sell Adult Traffic |
|
2005-06-01, 03:05 PM | #18 | |
You tried your best and you failed miserably. The lesson is 'never try'
Join Date: Oct 2004
Posts: 166
|
Quote:
Yep, thats about the size of it, choose a mark and BAM!! As for why, most of them do it because they think its funny. The only way to stop it is to outlaw IRC networks. But, try to get that past a First Admendment Attorney _ |
|
2005-06-01, 03:08 PM | #19 |
Certified Nice Person
|
They're claiming that it's a DDOS attack, but really it's just my sales rolling in and placing heavy burden on their servers. I'm a marketing genius, ya know.
__________________
Click here to purchase a bridge I'm selling. |
2005-06-01, 03:28 PM | #20 |
A little nonsense, now and then, is relished by the wisest men
|
Well it's certainly not my sales, at least not today - lol!
__________________
TrafficHolder.com - Buy/Sell Adult Traffic |
2005-06-01, 03:33 PM | #21 |
a.k.a. Sparky
Join Date: Sep 2004
Location: West Palm Beach, FL, USA
Posts: 2,396
|
Actually, I would bet that these are copycats or the same guys that were taking down the offshore gambling and bookmaker sites.
The concept behind it is: Pay us $40000 or we will crash your server. Obviously, $40k isn't much money to the bookmaker/gambling site/processor, but, the loss in revenue is much greater. They keep the payout small enough so that the transaction can be handled quickly. So, someone pays, they are financed again to run their attack on someone else. The person that pays is supposedly 'whitelisted' and won't get attacked again. I firmly believe that they just wait 3 months and attack again under the guise of some other group. Once a payer, always a payer. I think Barclays bank was hit a few months back as well as another financial institution. Their zombies do use IRC to do most of the communications and it is quite a subculture. As for getting the FBI involved, the FBI shows up in their suits, takes the info, you give them everything including address, cell phone numbers, locations, logs, city/state/zip/country on a few CDs and 26 months later they say, are the attacks still going on? Uhh, no, he was captured 11 months after I gave the attacker's info to another FBI task group. It would be so easy for the FBI to fix things if they wanted to, but, they really have very little clue as to how to mitigate and identify the attacker. There is no quick way to deal with the FBI since they don't/can't use email. FBI charter states that all email must be printed by a dedicated workstation, sealed and delivered via departmental mail. You can send them CDs worth of data, mysql dumps of IPs, raw logs, etc, but, it goes to a group that has a handful of people that are able to do the analysis. If you're not directly impacted with substantial financial burden, and aren't someone that they can champion in the papers by helping, you are really put at the bottom of the stack. And by being a civilian, we're quite limited in our ability to track things. These attacks come from hijacked machines that run a little bot that checks in with an irc network. The last attack I dealt with had machines from Cisco, government offices, foreign governments and thousands of other machines from around the world. Cisco did help immensely by logging the packets from the machine inside their network and handing me some of the logs. The government offices shut down the identified machine for a few days and bam, when they turned it back on, hey, its baaaack. The FBI has a lot to learn, which regrettably makes it very easy for extortion on the net to work. Witness the little $200 extortions for documents that have been encrypted by virus/trojan horses.
__________________
SnapReplay.com a different way to share photos - iPhone & Android |
2005-06-01, 03:50 PM | #22 |
You tried your best and you failed miserably. The lesson is 'never try'
Join Date: Oct 2004
Posts: 166
|
Oops... I forgot about the extortion angle and all the new ways to acquire remote machines.
- |
2005-06-02, 10:47 AM | #23 |
I'm normally not a praying man, but if you're up there, please save me Superman!
|
CCBill stats were working as of last night, but they appear to be unreachable again this morning.
|
2005-06-02, 02:23 PM | #24 |
A little nonsense, now and then, is relished by the wisest men
|
I can get to my stats fine, unfortunately.
__________________
TrafficHolder.com - Buy/Sell Adult Traffic |
2005-06-02, 02:25 PM | #25 |
Lonewolf Internet Sales
|
I can't get to the stats page, and refer links are timing out. Join page links on the sites themselves seem to be working, but none of my traffic can get there.
|
|
|