For anyone who has noticed the major-league scale of attacks many popular Datacenters on this board have been receiving lately, do you think this is an act of terrorism?

DC's such as Rackshack, Burst and now FDC..........

Is it a larger scale then many think? Is the entire internet going to go down in flames?

What are your views?

:confused: :confused:

DN got hit too.

Originally posted by Rob_AcuNett
For anyone who has noticed the major-league scale of attacks many popular Datacenters on this board have been receiving lately, do you think this is an act of terrorism?

DC's such as Rackshack, Burst and now FDC..........

Is it a larger scale then many think? Is the entire internet going to go down in flames?

What are your views?

:confused: :confused:

I dunno but its pissing me off.... first it was the sql worm and now this. http://www.internettrafficreport.com/namerica.htm traffic report sems good though.

It's a terrorist attack! I'll go get the duct tape and plastic sheeting.

Well, what else could it be? No script kiddie is going to go take down this many Datacenters in this amount of time......

Originally posted by Rob_AcuNett
Well, what else could it be? No script kiddie is going to go take down this many Datacenters in this amount of time......

in the other thread we have some ideas of whats going on.... http://www.webhostingtalk.com/showthread.php?s=&threadid=122882&perpage=15&pagenumber=8

Originally posted by MilkMan
It's a terrorist attack! I'll go get the duct tape and plastic sheeting.

Board your servers, nail down your racks! All hell is breaking loose :)

Nah, I don't think its a terrorist act. If it were terrorists, I think they'd be more clever in their actions. I think its a group of kids who know how to **** up some people's lives. Well researched I might add.

Originally posted by Rob_AcuNett
For anyone who has noticed the major-league scale of attacks many popular Datacenters on this board have been receiving lately, do you think this is an act of terrorism?

DC's such as Rackshack, Burst and now FDC..........

Is it a larger scale then many think? Is the entire internet going to go down in flames?

What are your views?

:confused: :confused:

I think it is naive to not at least consider it. I agree that is likely not "kiddies" but could be an organized anarchist group or something. The "terrorist" tag could be placed on a lot of activities that go on out there. If we can track down the attackers then we can find out there motivations. Right now that matters little for those affected.

Considering hackers destroy stuff you could call them "cyber" terrorists as an appropriate word. Either way it's not doing any good for us that are hosted in that datacentre.

~~~~~~~~~~Headline News~~~~~~~~~~~~


There was a dog killed by a car today, the locals think it may have been terrorists out to show that cats have been living in in fear of the dog for far too long....

News at 11:00;
A hidden video caught a shadowy figure throwing biological flakes into a fishbowl. During an interview of the goldfish, the frightened fish claimed it was a terrorist and urged fish everywhere to swim for the sea.....

Well, it could just be people trying to take advantage of the security holes in some of the network. As to whether they are launched by real time terrorist, children, people with nothing better to do or by those who preach network security but find many do not heed the advise.

I would have expect that with all this issues of virus, trojan horses and the reach slapper virus that people would open their eyes and do something about securing their own system and not just take that stand-offish ideals that they will not be infected or affected. But it is precisely that this people are the ones which are either victims or launchpads for them to launch such attacks. If you do a check on the servers, you will be surprised at how many are just too vulnerable.

Vulnerable to the effect that if you launch an old trojan or an attack, there would be still chunk of servers which would still be hit.

As long as they do not put any real emphasis on network security or just rely on control panels or 'someone' else to do the work, the risk of another attack would not be too remote.

Those violators probably do not need to think of new ways of doing it, just some old ways which would have been shielded and secured by previously released patches would still cause the same or even more deadly attack.

It just take one unsecured server to possibly take down the whole network or to slow it down.

Yes, hacking is wrong and I do not condone it. But on the other side of the coin, not securing your server is equally wrong as it just encourage these attacks.

Originally posted by Watcher_TVI
~~~~~~~~~~Headline News~~~~~~~~~~~~


There was a dog killed by a car today, the locals think it may have been terrorists out to show that cats have been living in in fear of the dog for far too long....

News at 11:00;
A hidden video caught a shadowy figure throwing biological flakes into a fishbowl. During an interview of the goldfish, the frightened fish claimed it was a terrorist and urged fish everywhere to swim for the sea.....
:D :D
People are too senitive now.

Originally posted by PILMAN
Considering hackers destroy stuff you could call them "cyber" terrorists as an appropriate word. Either way it's not doing any good for us that are hosted in that datacentre. I believe you have your terminology mixed up. Hackers, are the white hats... It's "Crackers" that wear the black hats and do destructive things.

Originally posted by Rob_AcuNett
Well, what else could it be? No script kiddie is going to go take down this many Datacenters in this amount of time......

You would be amazed at the amount of bandwidth some kiddies can throw together.

LOL. That's a new one. Your datacenter goes down, and you blame it on terrorists? Please don't give hosts/DCs another excuse for being down. I can hear internap now... "Sorry, but our network was attacked today by terrorists, and we cannot refund any monies based on our 100% SLA. Estimated time to fix is unknown. Ask the terrorists." This might make a good movie though.

OMG!!!! TERRAR!!!!!1

Personally I think this is a far stretch of imagination. It could be... but not the highest ranking possibility for me.

Originally posted by Rob_AcuNett
Well, what else could it be? No script kiddie is going to go take down this many Datacenters in this amount of time......

:eek:

It's only three, and I don't think Burst/DN/FDC/RS are of any importance for the terrorists (I can't even believe you raise this as a possibility!). If it were a terrorists attack, then they will target something much more important, such as the root DNS servers, etc.

True, I would think it would not be any terrorists probably some kids who found the security vulnerability of some of the hosted servers on those datacenters and decided to cause chaos. We all know about the security risk in Windows and Linux for a while now but if the dedicated host lease owner do not intend to do anything about securing their machine, there is little we could do and just hope that those pranksters got sick of their games and move on.

If it was terrorists, you might see the UN, Worldbank, the Whitehouse or international banks or something which would shake the military or economic world big time.

I seriously doubt any of them would be hosted on Burst/DN/FDC/RS . Yes, they are good datacenters but they just cater for a different audiences.

It's just a bunch of script kiddies exploiting openssl, eventually either a) the server admins will patch b) they will run out of money to keep paying to have their boxes fixed and stay offline or c) the script kiddies will get bored and move on.

My money is on C

As long as computers exist, the Internet is not going down.

Yeah, it is probably just kiddies or pirates in China.:o

If it was an organized terrorist attack I think they would be concentrating on major sites like amazon, microsoft, goverment sites, news sites and the more important things like computer control systems for airports, city emergency services and such.

I do think it is a group of true crackers though. Taking down four datacenters can't be done with a simple downloaded crack tool off a "security site" otherwise you'd see it happening every day.

I am still in awe to this proposition. Terrorist targeting datacenters that provider $100-ish dedicated servers? What impact will that give to the US? :eek: Nothing important will ever be hosted on these datacenters, folks ...

Well, I wouldn't go as far as to say that nothing important are hosted on these datacenters.. I count my livelihood important at least to me since I depend on one of this datacenter. But I would agree with you if you say that nothing of importance to the stability of the US or the world would be hosted in there.

True, it is not too big an issue. It was not even reported in the papers. But the slapper virus was something huge and that was something news worthy.

Yes, actually a simple cracking tool might be able to take down a server with a security hole and if I am not wrong some of these tools are probably written by someone but distributed freely in the cracking world so any one interested can launch an attack.

The security hole is probably as huge as leaving your main door wide open or your windows unlock or leaving your keys under the mat. It is safe as long as no one tries to get in.

Originally posted by FHDave
I am still in awe to this proposition. Terrorist targeting datacenters that provider $100-ish dedicated servers? What impact will that give to the US? :eek: Nothing important will ever be hosted on these datacenters, folks ...

You know how it is nowadays... if it starts snowing heavier than usual, someone is going to claim that the terrorist had caused the climatic change....

Originally posted by Watcher_TVI
~~~~~~~~~~Headline News~~~~~~~~~~~~


There was a dog killed by a car today, the locals think it may have been terrorists out to show that cats have been living in in fear of the dog for far too long....

News at 11:00;
A hidden video caught a shadowy figure throwing biological flakes into a fishbowl. During an interview of the goldfish, the frightened fish claimed it was a terrorist and urged fish everywhere to swim for the sea.....

:dunce:

Originally posted by sprintserve
You know how it is nowadays... if it starts snowing heavier than usual, someone is going to claim that the terrorist had caused the climatic change....

That made my morning :laugh:

It's not as uncommon as you think for script kiddies to be able to send out over 1-5gb/s from botnets of infected users. Often, the ones I've seen / dealt with, have thousands upon thousands of infected cable/dsl users.

Greetings:

I don't believe Rackspace.com, Verio.com, and other major (well, at least those players who don't skimp on stuff to be able to compete on price) got hit.

Thank you.

Originally posted by dynamicnet
Greetings:

I don't believe Rackspace.com, Verio.com, and other major (well, at least those players who don't skimp on stuff to be able to compete on price) got hit.

Thank you.

That simply means they haven't been targetted.... yet...

Originally posted by FHDave
If it were a terrorists attack, then they will target something much more important, such as the root DNS servers, etc.
Don't give the terrorists AKA scriptkiddies ideas :fork: :unhappy:

Greetings:

"That simply means they haven't been targetted.... yet..."

Or it could mean they have CISCO engineers, security specialists, etc. on payroll, and use the right equipment that costs $100 of $K vs. http://forums.burst.net/showthread.php?s=&postid=1494#post1494

There is an old saying, "you get what you pay for...."

Thank you.

I don't know what that link from Burst forum proves.... I am not supporting them, and in fact I will never get any servers from them. But it's true that they simply haven't been targetted yet. If even the root servers can be brought down to their knees, no matter how well protected they are, it can be done.... Perhaps they can get back online faster. That's about it. Afterall, Rackshack I don't think is a small fry with their multiple Gig-E lines either.

Greetings:

Rackshack.net is not a small fry hosting 6,000+ servers.

However, almost every data center that was listed competes on price.

The Burst.net post has the CEO himself stating they don't have the staff or the equipment to handle the regular flood of attacks et all.

This is a real Rackshack story that happened in February 2003 of this year:

"Can you recover from a simple disaster at a “value” provider?

Friday late in the day, I took a panicked call from a former managed service customer who was using a value dedicated server provider (you know, one of the $99 per month or so providers).

The client had accidentally moved most of the root file system to the directory where he was currently in.

The end result was that no new SSH (remote access) logins where allowed; and even the data center where the server was located could not access the server. None of the operating system commands would work.

Given the situation there was not much I could do on the phone call since no one who was not already logged in could access the server.

After spending a few moments on the telephone with the client’s techie gauging the situation, I recommended they call the data center to have them boot up on a Linux boot disk, mount the hard drive, and move the necessary files back to their proper location.

The client’s tech was already on the ball, and stated they already made that call.

The data center support desk informed our mutual client that they don’t have Linux boot disks, and don’t touch the servers physically; they only work with them over the network.

It didn’t matter that our mutual client was in the middle of a disaster, – the server was dead for all intended purposes – they just don’t provide that type of service. Money at that time didn’t matter."

If they don't have RedHat Linux boot disks handy, build less than $300 machines when Rackspace.com, Verio.com, and the major players are using brand name equipment or at least spending several thousand per machine, et all... what do you expect?

Rackspace.com was audited to have 100% network up time for several years... not days, weeks or months.

And all of the major players charge what they charge because they don't have just one system administrator.

Yes, maybe they were not targeted yet... and maybe the others were targeted because whoever is involved knew they had a much easier target to mess with.

Thank you.

Thank you for sharing the nice anedocte. Obviously without a doubt, Rackspace will solve the problem, even if they need to break a neck or an arm. However, support incidents is not quite the same as a DDOS.

Originally posted by Groundhog
... but could be an organized anarchist group or something. ...

Isn't that an oxymoron?

"That simply means they haven't been targetted.... yet..."

Or it could mean they have CISCO engineers, security specialists, etc. on payroll, and use the right equipment that costs $100 of $K vs. http://forums.burst.net/showthread....d=1494#post1494

There is an old saying, "you get what you pay for...." Well if all it takes is money then I want to sign up for space on a server at the Pentagon. After all there has never been any down time and never anything hacked and they use Cray hardware. Who cares if it only costs $9,999,999,999,999 a month, after all you get what you pay for right...

:rolleyes:

Correct me if I am wrong but I thought the estimate from those affected by Slammer was over 60% of the networks? Let's see, Code Red killed hundreds of thousands of Corporate networks, they all had a plethora of engineers, system techs and what have you. They were hardly immune eh? Then we have Nimda that was another good one, not many were immune from that....

Oh and let's not forget Melissa, So much e-mail traffic was generated so quickly that companies like Intel and Microsoft had to turn off their e-mail servers. But hey I am sure that Intel and Microsoft don't have the right equipment and decent engineers or system administrators on staff either right?


There isn't anyone out there that is immune to an attack with the possible exception of the Military...

Greetings Watcher_TVI:

If my memory is correct, Rackspace.com was not impacted by the Slammer Worm as where a lot of other data centers that invested money into their operation allowing them to compete on value vs. price.

Thank you.

Like I said, about 40% of the networks were not affected by slammer. NAC wasn't affected by Slammer either ( or at least the servers I can personally vouch for) and they are considerably less expensive then Rackspace...

I noticed you skipped all the rest of my post so I'll repost it just for you..;)

Let's see, Code Red killed hundreds of thousands of Corporate networks, they all had a plethora of engineers, system techs and what have you. They were hardly immune eh? Then we have Nimda that was another good one, not many were immune from that....

Oh and let's not forget Melissa,
quote:
--------------------------------------------------------------------------------
So much e-mail traffic was generated so quickly that companies like Intel and Microsoft had to turn off their e-mail servers.
--------------------------------------------------------------------------------

But hey I am sure that Intel and Microsoft don't have the right equipment and decent engineers or system administrators on staff either right?


There isn't anyone out there that is immune to an attack with the possible exception of the Military...

As others have said, you'd be surprised at how much traffic one p'd off person can throw together, we got hammered with over 800mbit/s at the end of last year, all from one annoyed network admin. On investigation we found a single customer had been scanning various networks, seems that one admin had taken offence and gathered up various bots at Universities in USA, a cracked ISP somewhere in Asia and lots of cable/dsl bots and hit us big time for 50 hours - They chaged the bots they used to attack us every 10 minutes so we couldn't place a block on the IPs as well, so as you can see, if someone is determined then they will take you down, no matter who you are, and they don't have to have an army of people to do so.

Just as a thought, if it was anything terrorist related designed to cause maximum disruption etc. then they wouldn't go after small time data centres, they'd go after the root DNS servers and/or major peering points such as LINX etc.

Well Karl, precisely....

Some people do have misplaced faith ...

You all have interesting arguements. I don't have time now to respond. I will be back later with my input!