2013-01-23 02:32:45 <-- onlyAgamer (onlyAgamer@Pony-csdb5r.adam.com.au) has quit (Ping timeout: 121 seconds) 2013-01-23 06:51:18 --> onlyAgamer (onlyAgamer@Pony-8dlijk.adam.com.au) has joined # 2013-01-23 07:59:20 <-- onlyAgamer (onlyAgamer@Pony-8dlijk.adam.com.au) has quit (Quit: --Trasmission Closed--) 2013-01-23 08:34:02 [Colgate away: Work] 2013-01-23 09:48:21 <-- WubTheCaptain (WubTheCaptain@derpy.fi) has quit (luna.canternet.org derpy.canternet.org) 2013-01-23 09:52:49 <-- Sellyme (Sellyme@Pony-1gp26o.is.bestpony.tk) has quit (luna.canternet.org celestia.canternet.org) 2013-01-23 09:53:18 --> Sellyme (Sellyme@Pony-1gp26o.is.bestpony.tk) has joined # 2013-01-23 09:55:25 <-- Sellyme (Sellyme@Pony-1gp26o.is.bestpony.tk) has quit (luna.canternet.org celestia.canternet.org) 2013-01-23 09:55:50 --> Sellyme (Sellyme@Pony-1gp26o.is.bestpony.tk) has joined # 2013-01-23 10:00:43 <-- Sellyme (Sellyme@Pony-1gp26o.is.bestpony.tk) has quit (luna.canternet.org celestia.canternet.org) 2013-01-23 10:18:44 -- irc: disconnected from server 2013-01-23 11:00:33 [Colgate away: Work] 2013-01-23 11:01:10 --> Colgate (rabbit@Brushie.Time) has joined # 2013-01-23 11:01:10 -- Nicks #: [@Colgate] 2013-01-23 11:01:10 -- Channel #: 1 nick (1 op, 0 halfops, 0 voices, 0 normals) 2013-01-23 11:03:28 -- Mode # [+nt] 2013-01-23 11:03:28 -- Channel created on Wed, 23 Jan 2013 11:09:55 2013-01-23 14:29:12 -- irc: disconnected from server 2013-01-23 14:32:23 [Colgate away: Work] 2013-01-23 14:32:59 --> Colgate (rabbit@Brushie.Time) has joined # 2013-01-23 14:32:59 -- Nicks #: [@Colgate] 2013-01-23 14:32:59 -- Channel #: 1 nick (1 op, 0 halfops, 0 voices, 0 normals) 2013-01-23 14:35:10 -- Mode # [+nt] 2013-01-23 14:35:10 -- Channel created on Wed, 23 Jan 2013 14:41:45 2013-01-23 17:10:41 [Colgate back: gone 02:38:18] 2013-01-23 19:05:54 --> wollw (~4b6517a1@Pony-ri863k.dynamic.sonic.net) has joined # 2013-01-23 19:06:23 -- wollw is now known as Pony_67895 2013-01-23 19:06:54 -- Pony_67895 is now known as wollw 2013-01-23 19:07:05 <-- wollw (~4b6517a1@rarity) has left # ("") 2013-01-23 20:00:01 --> Cloudcraft (~18d5eb72@Pony-tk6p7r.biz.rr.com) has joined # 2013-01-23 20:00:09 <-- Cloudcraft (~18d5eb72@Pony-tk6p7r.biz.rr.com) has left # ("") 2013-01-23 20:35:51 --> onlyAgamer (onlyAgamer@Pony-mhf651.adam.com.au) has joined # 2013-01-23 20:41:16 onlyAgamer Colgate, just a thought if you get the IP of the peoplpe ddosing we could get everyone the low obit ion cannon and counter ddos 2013-01-23 20:41:37 @Colgate that's very unlikely to happen 2013-01-23 20:42:08 onlyAgamer thats a shame, any idea who might be doing it? 2013-01-23 20:42:19 @Colgate they are almost asuredly using 2 "proxies" 2013-01-23 20:42:32 @Colgate 1 being all the servers they are throwing bogus packets to to bounce back to us 2013-01-23 20:42:46 @Colgate and the machines that are sending those initial packets in the first place 2013-01-23 20:43:03 onlyAgamer well someone doesnt want to be found 2013-01-23 20:43:29 @Colgate would you want the feds on your ass' for DoSing for 10 hours straight? 2013-01-23 20:44:39 * Colgate tends to want to have nothing to do with that side of the federal government 2013-01-23 20:46:31 onlyAgamer well this sucks i have a friend who can get through the proxy but doesnt want to becasue he hates hacking... no matter what... 2013-01-23 20:49:26 @Colgate erm, I don't see how 2013-01-23 20:51:20 onlyAgamer he's smart as hell he has 7 proxy walls on himself 2013-01-23 20:52:58 @Colgate ...right 2013-01-23 20:53:18 @Colgate he can be as smart as he wants, but the information isn't in our hands 2013-01-23 20:53:27 @Colgate it is in the rmote server's hands 2013-01-23 20:53:45 @Colgate and by that, I mean we would have to chain every single hop accross the internet to track the packet path 2013-01-23 20:54:15 onlyAgamer i noticed, so is the server host being ddos or is it targeted at canternet? 2013-01-23 20:56:43 @Colgate target at canternet 2013-01-23 20:57:12 @Colgate they hit 3 different datacenters owned by 2 different companies 2013-01-23 20:59:14 onlyAgamer someone must really hate canternet... 2013-01-23 20:59:51 onlyAgamer oh god i just made deal with the devil 2013-01-23 21:00:03 onlyAgamer my friend will try to get the proxy but 2013-01-23 21:00:10 onlyAgamer i have to play luna game 2013-01-23 21:00:24 onlyAgamer just hearing about it... 2013-01-23 21:05:47 @Colgate erm, how does he plan on doing that? 2013-01-23 21:06:02 @Colgate I would be extremely interested in his methods :P 2013-01-23 21:06:27 onlyAgamer not sure ill ask him 2013-01-23 21:06:32 onlyAgamer how ever that game was 2013-01-23 21:06:36 onlyAgamer scary 2013-01-23 21:11:36 onlyAgamer well he said the ddos is comming from a webhost 2013-01-23 21:12:34 onlyAgamer so if we ddos 1 proxy then all the packets will build up on the other and overload it 2013-01-23 21:14:28 @Colgate a few problems with that 2013-01-23 21:14:45 @Colgate the ddos was coming from 55000+ IPs 2013-01-23 21:14:46 --> Nacho (~74f0b41d@Pony-22hp6q.iprimus.net.au) has joined # 2013-01-23 21:14:48 @Colgate not just 1 2013-01-23 21:14:50 onlyAgamer here he is 2013-01-23 21:14:56 Nacho Sup, names nacho. 2013-01-23 21:15:02 @Colgate 2, that webhost is probably innocent 2013-01-23 21:15:24 @Colgate 3, you don't have any information at all on this, so it could not be remotely possible to even come up with anything bug guesses 2013-01-23 21:15:28 Nacho My favorite pony is twilight fucking sparkle. 2013-01-23 21:16:13 Nacho Colgate. 2013-01-23 21:16:32 Nacho You're saying that he is behind 2 proxys. 2013-01-23 21:17:06 @Colgate at least? 2013-01-23 21:17:16 @Colgate and they aren't really proxies 2013-01-23 21:17:36 @Colgate spoofed packet headers from hacked boxes 2013-01-23 21:18:09 Nacho My opinion is if he was using an applicaition to ddos your website for 10 hours, he would have a proper host to be doing it. 2013-01-23 21:18:27 Nacho If so, you back track ONE of the ips that he is behind. 2013-01-23 21:19:16 Nacho He can't be behind 5000 ips. The website/applicaition he would be using would have to option of >= 5000. 2013-01-23 21:20:03 Nacho He would only be behind one or two, maximoum at 10. That would be when the packets would be too thin to effect you. 2013-01-23 21:20:23 Nacho What you got goin' on right now can be backtracked with the ip connected. 2013-01-23 21:20:30 Nacho The one sending in the most packets. 2013-01-23 21:20:43 Nacho Now you can do 2 things, A: Disconnect it. 2013-01-23 21:20:53 Nacho Or B: Send a teamed Ddos attack. 2013-01-23 21:20:56 @Colgate Nacho: do you even know how this attack was executed? 2013-01-23 21:21:10 Nacho Do you even know how an attack works? 2013-01-23 21:21:29 @Colgate it is pretty simple, they send out packets with spoofed headers that say that OUR server sent it, the server replies to OUR server with the responses 2013-01-23 21:21:34 Nacho I am trying to help, not trying to tell you what you should or shouln't do. 2013-01-23 21:22:18 Nacho Not quite. 2013-01-23 21:22:25 @Colgate now, tell me, how do *I* get those IPs short of contacting the servers who think they are getting packets from us 2013-01-23 21:22:31 @Colgate but well, aren't 2013-01-23 21:23:33 Nacho If you can have a look at the logs to your webhost you can see that there should be a list of connected ips to your server/webhost. 2013-01-23 21:23:48 @Colgate they never connect 2013-01-23 21:24:05 Nacho Never connect directly. 2013-01-23 21:24:34 @Colgate (also yes, I know all about netstat) 2013-01-23 21:24:36 Nacho I should proberbly ask which item on your website is getting ddosed before I look like an idiot 2013-01-23 21:24:50 @Colgate this isn't a website 2013-01-23 21:24:55 @Colgate it is an irc server 2013-01-23 21:25:02 Nacho Looks like a website to me. 2013-01-23 21:25:15 Nacho I mean, it has a HTML element and everything 2013-01-23 21:25:18 onlyAgamer nacho isnt running through a client 2013-01-23 21:25:33 Nacho