Latest Update..

Search

New member
Joined
Jul 20, 2002
Messages
75,154
Tokens
TheRX continues to be attacked by a large and sophisticated DOS. We are making every effort to fight off the attack, but it is a very difficult task.

Our team has worked around the clock to put together a solution, but it is going to take a few days to get it in place. We appreciate everybody's patience and understanding during this difficult time.

Please stay tuned as we truly are doing everything possible to have this attack defeated in no more than a few days (hopefully by Saturday's football).


Thank you all for your patience and loyalty, wilheim...
 
Last edited:

New member
Joined
Jul 20, 2002
Messages
75,154
Tokens
Many thanks to the posters who have sent me so many encouraging emails. You guys make even this worth it..


I am very humbled by the outpouring of support behind the scenes.


Thanks, wil...
 

street life
Joined
Oct 14, 2007
Messages
513
Tokens
Hope that you can find and bring to prosecution the bastards behind all of this. This is the first post that I've been able to read the last few days. Has there there any attempt to extort yet? I know that you said there were none earlier.
 

New member
Joined
Jul 20, 2002
Messages
75,154
Tokens
roxy music

This DOS is not about financial extortion so I doubt if we will get a demand for cash.



wilheim
 

New member
Joined
Aug 27, 2007
Messages
4,994
Tokens
More likely than not it is financial, they just aren't extorting you.

It's not cheap to rent a botnet running sophisticated db attacks on a forum. The russians charge good money for a thousand or so infected machines. A similar attack was used against a company I worked for.

It clearly is a sophisticated attack, as those run from a single-group range of IPs is easily defeated. So it's likely a combination of machines from diverse IPs running custom scripts designed to attack a flaw in the forum software.

So we probably have to wait for Vbulletin to issue a patch.
 

Member
Joined
Mar 6, 2005
Messages
2,337
Tokens
There is obviously some sort of mis-configuration here. A firewall/NIDS is not in the right spot, not set up to do the right filtering, has no IP null route rules, etc, etc. The bottom line is that this should have been stamped out inside of a few hours. This attack isn't showing how sophisticated the attackers are, it's showing how bad the IT management is.
 

Handicapping Machine
Joined
Aug 31, 2006
Messages
17,214
Tokens
wow this is getting nuts.

not sure whether to post picks or not...my week 2 picks were erased.

good luck figuring it out guys
 

New member
Joined
Nov 29, 2005
Messages
4,391
Tokens
There is obviously some sort of mis-configuration here. A firewall/NIDS is not in the right spot, not set up to do the right filtering, has no IP null route rules, etc, etc. The bottom line is that this should have been stamped out inside of a few hours. This attack isn't showing how sophisticated the attackers are, it's showing how bad the IT management is.

Running a large IT department myself, I agree with this post.
 
Joined
Sep 4, 2006
Messages
2,595
Tokens
Running a large IT department myself, I agree with this post.
Anyway you could help them out on this issue? Or too much? I would think any help would be better then none at this point! Can this be done over the internet (the help) or done in person, physically being there?
 

Oh boy!
Joined
Mar 21, 2004
Messages
38,362
Tokens
There is obviously some sort of mis-configuration here. A firewall/NIDS is not in the right spot, not set up to do the right filtering, has no IP null route rules, etc, etc. The bottom line is that this should have been stamped out inside of a few hours. This attack isn't showing how sophisticated the attackers are, it's showing how bad the IT management is.

I agree. If you think of how many web sites there are that *aren't* vulnerable to a DOS attack it would lead me to believe that there are safeguards against such things, even sophisticated attacks. I'm sure Microsoft or financial company web sites would have people who would want them to be down but aren't.
 

New member
Joined
Jul 20, 2002
Messages
75,154
Tokens
For the record..

I would like to call on you to all to kindly rest assured that we do have a plan in place and will defeat these attacks soon. The IT outfit that is doing the attacking is extremely well versed in these matters (possibly as good as any worldwide when it coms to DOS issues) and know all of the tricks from both sides of the fence.

They are like bedbugs, once you get them in your house it is hard to get rid of them but we most certainly will.



Thanks for your understanding, loyalty and patience, wil..
 

Home of the Cincinnati Criminals.
Joined
Sep 20, 2004
Messages
19,492
Tokens
Give'em hell Willy
Many thanks to the posters who have sent me so many encouraging emails. You guys make even this worth it..


I am very humbled by the outpouring of support behind the scenes.


Thanks, wil...
 
Joined
Sep 21, 2004
Messages
8,541
Tokens
Personally I think it is funny that they think this shit can work. I have no idea who it is, but I say fuck them and hopefully, it will come to light and we will go ahead and get them back in the only way we can and no longer use them.
 

New member
Joined
Sep 20, 2004
Messages
6,066
Tokens
Since everyone thinks its so 'easy' to counterattack a DoS attack I will just add my 2 cents on the issue.

There is no such thing as 'a site that is NOT vulnerable to a DoS attack' just as there is NO site that is 'not vulnerable to a hacking attempt', if something its exposed to the internet.....its vulnerable whether its because of lack of filtering/small pipe/vulnerabilities in the daemons that are running etc

You have sites that have been hacked, sites that have not been hacked yet and sites that don't know they been hacked

Depending on the resources you have available in both analyzing/filtering the attack with your upstream providers (and if the upstream providers are competent in this area....which is not guarranteed at all) it can be very hard to defeat an attack, specially if the attack is well designed so that a silly/simple null route......packet filtering etc doesn't do trick


CNN, Yahoo, Ebay etc have all been subject to crippling DDoS attacks...as well as very large sportsbooks that are also based in the UK (and those are the ones that were succesful at prosecuting the crooks....because the local autorities stepped in)

Bottom line, if it would be THAT simple there would not be companies specializing in preventing/defeating these attacks for BIG bucks
 

New member
Joined
Nov 29, 2005
Messages
4,391
Tokens
Never said it was THAT easy but a site THIS big should have people that CAN help them stop the LARGE attack they are facing.

While I'm sure it's a bitch to figure out, we are going on almost a week now?
 

New member
Joined
Sep 20, 2004
Messages
6,066
Tokens
While I'm sure it's a bitch to figure out, we are going on almost a week now?

I might be wrong but I thought the initial issue was a meltdown of the database NOT a DDoS attack, totally separate things, now regarding THAT I could say that the backup strategy should have been much tighter to prevent losing days of posts but its a totally different issue
 

Member
Joined
Sep 20, 2006
Messages
12,469
Tokens
Wil .........your ex military ......you need to counter attack these Commies .........I got your back !
 

Forum statistics

Threads
1,106,808
Messages
13,439,054
Members
99,339
Latest member
billcunninghamhomeloans
The RX is the sports betting industry's leading information portal for bonuses, picks, and sportsbook reviews. Find the best deals offered by a sportsbook in your state and browse our free picks section.FacebookTwitterInstagramContact Usforum@therx.com