CKA Forums
http://www.canadaka.net/forums/

A little problem with your forum Trev.
http://www.canadaka.net/forums/canadaka-net-f4/a-little-problem-with-your-forum-trev-t18797-2325.html
Page 156 of 157

Author:  Strutz [ Mon Feb 28, 2022 5:48 pm ]
Post subject:  Re: A little problem with your forum Trev.

DrCaleb DrCaleb:
$1:
Content Encoding Error

The page you are trying to view cannot be shown because it uses an invalid or unsupported form of compression.

Please contact the website owners to inform them of this problem.

I've seen that error message on and off for months now.

Author:  DrCaleb [ Wed May 04, 2022 7:26 am ]
Post subject:  Re: A little problem with your forum Trev.

Looks like we got another DOS attack yesterday. Every front page story for the first 5 pages has 500+ views.

Author:  DrCaleb [ Sun May 15, 2022 9:32 am ]
Post subject:  Re: A little problem with your forum Trev.

Looks like the script kiddie's tantrum is over. 3 days, and nothing of value is lost.

But I bet Trev's advertising revenue is through the roof! All those page impressions really help.

Author:  Strutz [ Sun May 15, 2022 6:05 pm ]
Post subject:  Re: A little problem with your forum Trev.

Hey... we're back online. Only a couple of down days. Wonder what happened this time.

Author:  herbie [ Sun May 15, 2022 6:30 pm ]
Post subject:  Re: A little problem with your forum Trev.

Couldn't login from the front page, had to reply to a post to login and stay logged in...

Author:  DrCaleb [ Mon May 16, 2022 6:02 am ]
Post subject:  Re: A little problem with your forum Trev.

Strutz Strutz:
Wonder what happened this time.


I've been seeing a trend with these incidents. Stories on the front page have over 60,000 views, and going up to 10 pages back. That isn't an accident.

The way CKA is customized, the front page and the forums are loosely tied. I think when you load the front page, you get a list of all the stories on it since the beginning of time.

All some low skilled attacker has to do is load the front page, then perform an operation to open all the story links they receive. Before the server has a chance to open the page, they ask again. And again. Suddenly the server is opening thousands of links, and the requester isn't caring about the reply. This overwhelms the server, and it can't keep up.

This is known as a 'denial of service' attack. Not very complex, and doesn't take much talent. It's easily countered, if you have access to the page logs to see which address is requesting these pages. Which we don't. :(

Another trend I see is that the attacks last a set amount of time. Almost exactly 3 days this time.

Author:  DrCaleb [ Mon May 16, 2022 6:04 am ]
Post subject:  Re: A little problem with your forum Trev.

herbie herbie:
Couldn't login from the front page, had to reply to a post to login and stay logged in...


I do not log on while the server is under attack, because it is not secured by encryption.

I use a randomly generated password anyhow, so there is little chance of it compromising any other, it's just the principal. ;)

Author:  Strutz [ Mon May 16, 2022 5:08 pm ]
Post subject:  Re: A little problem with your forum Trev.

DrCaleb DrCaleb:
Strutz Strutz:
Wonder what happened this time.


I've been seeing a trend with these incidents. Stories on the front page have over 60,000 views, and going up to 10 pages back. That isn't an accident.

The way CKA is customized, the front page and the forums are loosely tied. I think when you load the front page, you get a list of all the stories on it since the beginning of time.

All some low skilled attacker has to do is load the front page, then perform an operation to open all the story links they receive. Before the server has a chance to open the page, they ask again. And again. Suddenly the server is opening thousands of links, and the requester isn't caring about the reply. This overwhelms the server, and it can't keep up.

This is known as a 'denial of service' attack. Not very complex, and doesn't take much talent. It's easily countered, if you have access to the page logs to see which address is requesting these pages. Which we don't. :(

Another trend I see is that the attacks last a set amount of time. Almost exactly 3 days this time.

So... what you seem to be saying is that whoever is doing it is doing it intentionally. Am I correct?

Author:  DrCaleb [ Tue May 17, 2022 5:50 am ]
Post subject:  Re: A little problem with your forum Trev.

Strutz Strutz:
So... what you seem to be saying is that whoever is doing it is doing it intentionally. Am I correct?


I'd need to see the logs to verify, but I've seen things like this many times in my job. Denial of Service attacks are almost never accidental. You can't accidentally load every story on the site 65,000 times a day.

Author:  DrCaleb [ Wed May 25, 2022 6:34 am ]
Post subject:  Re: A little problem with your forum Trev.

https://www.eff.org/https-everywhere/se ... ur-browser


HTTPS:// only mode will soon follow. Since CKA and related sites don't use SSL encryption, they may become unavailable to HTTPS:// only browsers.

Some browsers, like Firefox, will still allow a downgrade to mixed mode, but not forever.

Author:  Tricks [ Wed May 25, 2022 2:04 pm ]
Post subject:  Re: A little problem with your forum Trev.

What's the other forum again?

Author:  bootlegga [ Wed May 25, 2022 2:25 pm ]
Post subject:  Re: A little problem with your forum Trev.

https://greatcanadian.forumotion.com/

Author:  Scape [ Wed May 25, 2022 3:12 pm ]
Post subject:  Re: A little problem with your forum Trev.

Our plan B if Trev forgets to reboot the server.

Author:  Strutz [ Fri Jun 03, 2022 3:56 pm ]
Post subject:  Re: A little problem with your forum Trev.

Is anyone else having issues today with the site? I'm finding threads are slow to load but I'm not finding this on other sites so I know it's not my connection or laptop issues.

Author:  DrCaleb [ Tue Jul 12, 2022 11:43 am ]
Post subject:  Re: A little problem with your forum Trev.

Oh goody! Another DDOs attack.

Ring the cash register some more!

Page 156 of 157 All times are UTC - 8 hours [ DST ]
Powered by phpBB ©