It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Was ATS attacked on the morning of September 11th 2008?
page: 3share:
I'm still curious about it being an error rather than a blunt denial of service which in my mind points to something sneakier going on.
Here is a hypothesis:
With recent activity in trolling going through the roof (as confirmed by SO and his google analytics) it is fairly easy to look at a members join date to see if it was recent and then look at the content and rate of posting to correlate some paid for motive.
So if the people organising the trolling have vast resources and want to make their trolling more believable, they would need to use ATS accounts that have been on the forum longer. In fact it would be logical to assume that an ATS account that has been here longer would likely to be viewed with more respect as to their postings.
So logically therefore, the best thing to do would be some sort of sql injection attack or look back over the legacy php code from which this forum originates to find a weakness so as to create accounts with false join up dates or hijack dorment accounts and use them to do more 'credible' trolling.
Thats what I would do, and if I have thought it, it has usually already been done! Thats my general motto anyway and often a good starting point from which to work from.
Glad to see things like this being discussed, looking forward to more info about it all.
Here is a hypothesis:
With recent activity in trolling going through the roof (as confirmed by SO and his google analytics) it is fairly easy to look at a members join date to see if it was recent and then look at the content and rate of posting to correlate some paid for motive.
So if the people organising the trolling have vast resources and want to make their trolling more believable, they would need to use ATS accounts that have been on the forum longer. In fact it would be logical to assume that an ATS account that has been here longer would likely to be viewed with more respect as to their postings.
So logically therefore, the best thing to do would be some sort of sql injection attack or look back over the legacy php code from which this forum originates to find a weakness so as to create accounts with false join up dates or hijack dorment accounts and use them to do more 'credible' trolling.
Thats what I would do, and if I have thought it, it has usually already been done! Thats my general motto anyway and often a good starting point from which to work from.
Glad to see things like this being discussed, looking forward to more info about it all.
I know I was kidding around earlier but what is freaking me out is we still have not heard what the issue was from SO. He said it was not maintenance,
so what was it?
I think I was more calm when I thought it was just routine maintenance.
I think I was more calm when I thought it was just routine maintenance.
Without getting into details that may assist future attempts to disrupt the board, it does indeed appear as though we were a brief target of some type
of attempt to cause havoc.
Three separate IP addresses (that track back to server hardware, not personal computers) we're found to be repeatedly accessing pages that are generally high load... the three computers were averaging 20-30 hits on our servers every second.
(SIDE NOTE: for the purpose of providing forensic data for such events, one of our three web servers logs hits from a specific type of access -- null referrer data, no accepted cookies, and malformed browser signatures -- these are typical of spiders and automated attack attempts, and are not typical of ATS users. The data is retained for 72 hours.)
This type of access ultimately caused a high-load on our database, which resulted in the inability to access the board.
The ISPs of the servers have been notified, and they're now offline. It was three different ISP providers, in three different locations of the country, running what appeared to be nearly identical scripts.
Our tech team is taking measures to install a custom system that automatically detects such disruption attempts, without degrading overall system performance.
It's been a busy day, with this issue and the new announcement for political topics... and even with the near four hour outage, we're still on track for today to be one of our top-ten highest-trafficked days.
Three separate IP addresses (that track back to server hardware, not personal computers) we're found to be repeatedly accessing pages that are generally high load... the three computers were averaging 20-30 hits on our servers every second.
(SIDE NOTE: for the purpose of providing forensic data for such events, one of our three web servers logs hits from a specific type of access -- null referrer data, no accepted cookies, and malformed browser signatures -- these are typical of spiders and automated attack attempts, and are not typical of ATS users. The data is retained for 72 hours.)
This type of access ultimately caused a high-load on our database, which resulted in the inability to access the board.
The ISPs of the servers have been notified, and they're now offline. It was three different ISP providers, in three different locations of the country, running what appeared to be nearly identical scripts.
Our tech team is taking measures to install a custom system that automatically detects such disruption attempts, without degrading overall system performance.
It's been a busy day, with this issue and the new announcement for political topics... and even with the near four hour outage, we're still on track for today to be one of our top-ten highest-trafficked days.
Thank you SO for your hard work to determine the issue. Althogh glad for your efforts it does make me wonder about weather or not some topics on the
board were directly the focus of the attacks or if it was just ATS in general that was the focus of the attack.
Are we that close here at ATS to uncovering the truth?
Are we that close here at ATS to uncovering the truth?
Wow, i just join up and this site got hit.. there must be some good stuff here.
i find it odd how other sites were targeted too. Did the admins on this board contact any other board admins to see if the same thing happened to them (along with the same three isp)? If it turns out to be the same ones there is something more here then meets the eye.
i find it odd how other sites were targeted too. Did the admins on this board contact any other board admins to see if the same thing happened to them (along with the same three isp)? If it turns out to be the same ones there is something more here then meets the eye.
Thanks for the update SO, much appreciated as it is interesting to see if any other online disruption match that methodology. Interesting also to see
if that type of attack was to cause an sql injection attack or some sort of diversion while something else was done. By interesting to compare
database after it happened with a backup copy from before and see if any major changes occurred. Food for thought anyway! Cheers again for the
update!
Actually another interesting point as that some ppl have set up a volunteer network of experts to try and track back some of the cyber attacks that happened during the Russia/Georgia matter. One of the techniques they talked about using was some sort of web spider trawling all blogs and forums trying to do a content analysis with pattern recognition algorythms. I was thinking if they let baby loose it would quite likely find its way to ATS and have a field day trying to pull all the data down, especially on quick moving threads as it would have to keep re-indexing them as new posts are added.
Link: intelfusion.net...
Just speculating here but may be worth looking into?
Actually another interesting point as that some ppl have set up a volunteer network of experts to try and track back some of the cyber attacks that happened during the Russia/Georgia matter. One of the techniques they talked about using was some sort of web spider trawling all blogs and forums trying to do a content analysis with pattern recognition algorythms. I was thinking if they let baby loose it would quite likely find its way to ATS and have a field day trying to pull all the data down, especially on quick moving threads as it would have to keep re-indexing them as new posts are added.
Link: intelfusion.net...
Just speculating here but may be worth looking into?
Can someone explain that like I was an old lady? The whos, whats, wheres and whens?
Is it safe to assume that the attacks on other sites are form the same mob?
What country was it coming from?
ERRR what the heck is going on???
Is it safe to assume that the attacks on other sites are form the same mob?
What country was it coming from?
ERRR what the heck is going on???
reply to post by primamateria
Most if not all the sites these days archive their content daily. This is the main reason the internet is so hard to 'control'. Even if their attacked, they are quickly up and running under a new Domain name/IP address.
Most if not all the sites these days archive their content daily. This is the main reason the internet is so hard to 'control'. Even if their attacked, they are quickly up and running under a new Domain name/IP address.
This happened again all morning from the UK
Server Unavailable error 132 on every ATS page.
What might be interesting too is that a recent putin interview with a german reported was not allowed on any media service outside of Germany! I am trying to source a translation of the iterview in full, one site is posting it but they are a bit anti zionist (rense recently too!) so I want a proper translation.
Here we go guys!
Regards,
Elf.
Server Unavailable error 132 on every ATS page.
What might be interesting too is that a recent putin interview with a german reported was not allowed on any media service outside of Germany! I am trying to source a translation of the iterview in full, one site is posting it but they are a bit anti zionist (rense recently too!) so I want a proper translation.
Here we go guys!
Regards,
Elf.
Originally posted by MischeviousElf
This happened again all morning from the UK
This morning's issue appears unrelated to yesterday's issue. I received an alert on my cellphone (didn't get one yesterday) regarding a connectivity issue on our provider's network that connects our servers together.
Different cause. It was corrected by our provider, and now we're back.
The unsettling part (for our members) is that, on the surface, it looked like the same as yesterday's issue.
Skeptic,
Thanks again for all the hard work and quick response,
Good to see ATS is back, I hope though that as mentioned, other sites, and our experiences yesterday, does not mean this is going to become regular modus operandi for those who do this!
The problem with trying to extinguish a candle of truth is that either it will relight, or someone somewhere else will always light a new candle:-)
Kind Regards,
Elf.
Thanks again for all the hard work and quick response,
Good to see ATS is back, I hope though that as mentioned, other sites, and our experiences yesterday, does not mean this is going to become regular modus operandi for those who do this!
The problem with trying to extinguish a candle of truth is that either it will relight, or someone somewhere else will always light a new candle:-)
Kind Regards,
Elf.
Erm just a Very Odd thought, did "skynet" finally go online?
Seems the net is getting pounded this week from different directions
did it suddenly become self aware?
(boy I need sleep)
Seems the net is getting pounded this week from different directions
did it suddenly become self aware?
(boy I need sleep)
Originally posted by SkepticOverlord
It's been a busy day, with this issue and the new announcement for political topics... and even with the near four hour outage, we're still on track for today to be one of our top-ten highest-trafficked days.
Perhaps the two are related?
Thanks for sorting it out both times, and for keeping us in the loop.
If you find out who the perps are please let os know.
[edit on 9/12/2008 by schrodingers dog]
Did anyone recive any personal attacks. after i heard about this i talked to some of my friends and in the same genereal time frame all this happend
he had some one try to get into his computer from an open port
reply to post by darkmdbeener
It's hard to tell what happened yesterday morning.
ATS went down., then come back, then Comcast went down cable+internet for hours in parts of NW DC, but they didn't know about it till I called them.
Plus if you read some the earlier post, it seems there we minor problems all over the place.
It's hard to tell what happened yesterday morning.
ATS went down., then come back, then Comcast went down cable+internet for hours in parts of NW DC, but they didn't know about it till I called them.
Plus if you read some the earlier post, it seems there we minor problems all over the place.
now that i think about it beside hitting the wired problem with the site later that day the whole net went down thinking it was the router i did my
usual to reset it and nothing. 30 minutes to and hour then its back up. thought it was my stupid wimax antena acting up. but from all ive read it may
not be
OOOOOOOOOa. The day the earth stood still.
Can't wait for december when the movie comes to the theatre so we can see how they did it.
Can you maybe say, thank you darrpa and al gore.
Can't wait for december when the movie comes to the theatre so we can see how they did it.
Can you maybe say, thank you darrpa and al gore.
Probably nothing but.....ATS Post - LHC Hacked
Lets take a big leap and imagine, what if the people at CERN have unlimited access to 'everything'.
Is there a 'button' they could push to stop most if not all Internet traffic in the event of an emergency, as they experienced this morning.
Way out there, but so are many other things
Lets take a big leap and imagine, what if the people at CERN have unlimited access to 'everything'.
Is there a 'button' they could push to stop most if not all Internet traffic in the event of an emergency, as they experienced this morning.
Way out there, but so are many other things
Thank SO for getting to the bottom of it.
BUT
Guys. You don't think that this happened, on the exact anniversary of 9/11 around and about the time of day that the planes hit, is a coincidence do you?
Obviously someone very sick was trying to make a point.
[edit on 9/12/2008 by schrodingers dog]
BUT
Guys. You don't think that this happened, on the exact anniversary of 9/11 around and about the time of day that the planes hit, is a coincidence do you?
Obviously someone very sick was trying to make a point.
[edit on 9/12/2008 by schrodingers dog]
reply to post by schrodingers dog
i dont think this was a coincidence ive talk to people and they have noticed te same things: all sites being unable to browse, black outs (which is new), internet outages.
was anyone hacked or in the process of being hacked. just asking because a few of my friends noticed some one trying to hack them the same day as all this.
EDIT
found this site that was taken down just 2 day before it (doubt it has anything to do with what we are talking about)
nectarine.fr...
[edit on 12-9-2008 by darkmdbeener]
i dont think this was a coincidence ive talk to people and they have noticed te same things: all sites being unable to browse, black outs (which is new), internet outages.
was anyone hacked or in the process of being hacked. just asking because a few of my friends noticed some one trying to hack them the same day as all this.
EDIT
found this site that was taken down just 2 day before it (doubt it has anything to do with what we are talking about)
nectarine.fr...
[edit on 12-9-2008 by darkmdbeener]
new topics
-
Let's talk planes.
General Chit Chat: 1 hours ago -
January 6th report shows disturbing trend (nobody is shocked)
US Political Madness: 2 hours ago -
Inexplicable military simulation - virtual reality showdown in the night..
The Gray Area: 3 hours ago -
The Truth about Migrant Crime in Britain.
Social Issues and Civil Unrest: 4 hours ago -
Trudeau Resigns! Breaking
Other Current Events: 6 hours ago -
Live updates: Congress meets to certify Trump's presidential election victory
US Political Madness: 7 hours ago -
Gravitic Propulsion--What IF the US and China Really Have it?
General Conspiracies: 7 hours ago -
Greatest thing you ever got, or bought?
General Chit Chat: 7 hours ago
top topics
-
Trudeau Resigns! Breaking
Other Current Events: 6 hours ago, 22 flags -
January 6th report shows disturbing trend (nobody is shocked)
US Political Madness: 2 hours ago, 14 flags -
Live updates: Congress meets to certify Trump's presidential election victory
US Political Madness: 7 hours ago, 12 flags -
Gravitic Propulsion--What IF the US and China Really Have it?
General Conspiracies: 7 hours ago, 9 flags -
The Truth about Migrant Crime in Britain.
Social Issues and Civil Unrest: 4 hours ago, 9 flags -
Greatest thing you ever got, or bought?
General Chit Chat: 7 hours ago, 3 flags -
Inexplicable military simulation - virtual reality showdown in the night..
The Gray Area: 3 hours ago, 2 flags -
Let's talk planes.
General Chit Chat: 1 hours ago, 2 flags
active topics
-
Gravitic Propulsion--What IF the US and China Really Have it?
General Conspiracies • 11 • : YouSir -
January 6th report shows disturbing trend (nobody is shocked)
US Political Madness • 9 • : BeyondKnowledge3 -
Let's talk planes.
General Chit Chat • 3 • : Shoshanna -
Trudeau Resigns! Breaking
Other Current Events • 54 • : Flyingclaydisk -
Meta Llama local AI system is scary good
Science & Technology • 41 • : glend -
Sorry to disappoint you but...
US Political Madness • 29 • : Kaiju666 -
The Truth about Migrant Crime in Britain.
Social Issues and Civil Unrest • 11 • : putnam6 -
Greatest thing you ever got, or bought?
General Chit Chat • 20 • : lilzazz -
-@TH3WH17ERABB17- -Q- ---TIME TO SHOW THE WORLD--- -Part- --44--
Dissecting Disinformation • 3952 • : AianawaQ1320 -
Live updates: Congress meets to certify Trump's presidential election victory
US Political Madness • 17 • : Dalamax