Login 
canadian forums
bottom
 
 
Canadian Forums

Author Topic Options
Offline
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 13896
PostPosted: Mon Feb 28, 2022 5:48 pm
 


DrCaleb DrCaleb:
$1:
Content Encoding Error

The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.

Please contact the website owners to inform them of this problem.

I've seen that error message on and off for months now.


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 45165
PostPosted: Wed May 04, 2022 7:26 am
 


Looks like we got another DOS attack yesterday. Every front page story for the first 5 pages has 500+ views.


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 45165
PostPosted: Sun May 15, 2022 9:32 am
 


Looks like the script kiddie's tantrum is over. 3 days, and nothing of value is lost.

But I bet Trev's advertising revenue is through the roof! All those page impressions really help.


Offline
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 13896
PostPosted: Sun May 15, 2022 6:05 pm
 


Hey... we're back online. Only a couple of down days. Wonder what happened this time.


Offline
CKA Uber
CKA Uber


GROUP_AVATAR
User avatar
Profile
Posts: 11031
PostPosted: Sun May 15, 2022 6:30 pm
 


Couldn't login from the front page, had to reply to a post to login and stay logged in...


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 45165
PostPosted: Mon May 16, 2022 6:02 am
 


Strutz Strutz:
Wonder what happened this time.


I've been seeing a trend with these incidents. Stories on the front page have over 60,000 views, and going up to 10 pages back. That isn't an accident.

The way CKA is customized, the front page and the forums are loosely tied. I think when you load the front page, you get a list of all the stories on it since the beginning of time.

All some low skilled attacker has to do is load the front page, then perform an operation to open all the story links they receive. Before the server has a chance to open the page, they ask again. And again. Suddenly the server is opening thousands of links, and the requester isn't caring about the reply. This overwhelms the server, and it can't keep up.

This is known as a 'denial of service' attack. Not very complex, and doesn't take much talent. It's easily countered, if you have access to the page logs to see which address is requesting these pages. Which we don't. :(

Another trend I see is that the attacks last a set amount of time. Almost exactly 3 days this time.


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 45165
PostPosted: Mon May 16, 2022 6:04 am
 


herbie herbie:
Couldn't login from the front page, had to reply to a post to login and stay logged in...


I do not log on while the server is under attack, because it is not secured by encryption.

I use a randomly generated password anyhow, so there is little chance of it compromising any other, it's just the principal. ;)


Offline
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 13896
PostPosted: Mon May 16, 2022 5:08 pm
 


DrCaleb DrCaleb:
Strutz Strutz:
Wonder what happened this time.


I've been seeing a trend with these incidents. Stories on the front page have over 60,000 views, and going up to 10 pages back. That isn't an accident.

The way CKA is customized, the front page and the forums are loosely tied. I think when you load the front page, you get a list of all the stories on it since the beginning of time.

All some low skilled attacker has to do is load the front page, then perform an operation to open all the story links they receive. Before the server has a chance to open the page, they ask again. And again. Suddenly the server is opening thousands of links, and the requester isn't caring about the reply. This overwhelms the server, and it can't keep up.

This is known as a 'denial of service' attack. Not very complex, and doesn't take much talent. It's easily countered, if you have access to the page logs to see which address is requesting these pages. Which we don't. :(

Another trend I see is that the attacks last a set amount of time. Almost exactly 3 days this time.

So... what you seem to be saying is that whoever is doing it is doing it intentionally. Am I correct?


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 45165
PostPosted: Tue May 17, 2022 5:50 am
 


Strutz Strutz:
So... what you seem to be saying is that whoever is doing it is doing it intentionally. Am I correct?


I'd need to see the logs to verify, but I've seen things like this many times in my job. Denial of Service attacks are almost never accidental. You can't accidentally load every story on the site 65,000 times a day.


Offline
CKA Moderator
CKA Moderator
User avatar
Profile
Posts: 45165
PostPosted: Wed May 25, 2022 6:34 am
 


https://www.eff.org/https-everywhere/se ... ur-browser


HTTPS:// only mode will soon follow. Since CKA and related sites don't use SSL encryption, they may become unavailable to HTTPS:// only browsers.

Some browsers, like Firefox, will still allow a downgrade to mixed mode, but not forever.


Offline
CKA Uber
CKA Uber
 Vancouver Canucks
User avatar
Profile
Posts: 25211
PostPosted: Wed May 25, 2022 2:04 pm
 


What's the other forum again?


Offline
CKA Uber
CKA Uber


GROUP_AVATAR
User avatar
Profile
Posts: 22707
PostPosted: Wed May 25, 2022 2:25 pm
 


https://greatcanadian.forumotion.com/


Offline
CKA Moderator
CKA Moderator
 Vancouver Canucks
User avatar
Profile
Posts: 25822
PostPosted: Wed May 25, 2022 3:12 pm
 


Our plan B if Trev forgets to reboot the server.


Offline
CKA Moderator
CKA Moderator
 Vancouver Canucks


GROUP_AVATAR
User avatar
Profile
Posts: 13896
PostPosted: Fri Jun 03, 2022 3:56 pm
 


Is anyone else having issues today with the site? I'm finding threads are slow to load but I'm not finding this on other sites so I know it's not my connection or laptop issues.


Post new topic  Reply to topic  [ 2339 posts ]  Previous  1 ... 152  153  154  155  156



Who is online

Users browsing this forum: No registered users and 1 guest



cron
 
     
All logos and trademarks in this site are property of their respective owner.
The comments are property of their posters, all the rest © Canadaka.net. Powered by © phpBB.