Jump to content

Welcome to Ain't No God
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

New Automated System Repels Major attack

- - - - -

  • Please log in to reply
1 reply to this topic

#1
Ungodly

Ungodly

    Has Equal Rights

  • Administrators
  • 20,617 posts
  • LocationInland Empire, California
The new security system we installed on this server about a month ago was subjected overnight to the first instance of the type of attack that was previously rendering the system unusuable. The method being used by the particular criminal involves a non-distributed Denial of Service (DoS) attack. She or he is trying to exploit an installation of phpBB (yuck!) on one of the sites we host here pro bono. The felon establishes multiple simultaneous connections to the forum with the intention of making the system so busy that no legitimate user can retrieve a web page before their HTTP session times out.

Although I was asleep during the entire event, which started at about 4:30 AM CST today (November 1), it appears that the server handled it well, our MaxClients setting in the web server configuration was never reached before the criminal was banned, and I have a complete audit trail of who did what when. I will be contacting the world famous pharmaceutical firm that owns the IP address that was apparently used for this attack.

One feature of our new security system is that it monitors the total number of simultaneous connections to any/all of the sites on the server from any single IP address. When that total exceeds a number that I can configure, the IP address is permanently banned from connecting to any site or other resource on the entire server.  Currently there are 71 sites hosted on this server, the majority are my own, a smaller number are domains we host gratis because we agree with the intent of those sites, and some belong to relatives and personal friends.

Because we intentionally and selectively host websites that call into question the leading superstitions used to justify violence and repression, it is reasonable to expect that there will be persons with malicious intentions trying to interfere with our mission. The difficulty they face is that I have an extremely clever husband and an extremely clever son who provide me with advanced technical support in my efforts to confront, challenge, frustrate, and ridicule faith-based stupidity while protecting the resources used for this purpose. It is our intention to continue to maintain an active role in the maintenance of this site, which is certainly my premiere website among my large collection of domains.  We will protect our own sites and our guests' using all ethical means at our disposal, including our technical abilities.

So, in summary, we win, unknown criminal loses.  :Tounge:

#2
Unbeliever

Unbeliever

    Advanced Member

  • Members
  • PipPipPip
  • 1,494 posts
  • LocationCalifornia
[southern belle accent]
Oh, mah hero!
[/southern bell accent]


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users