New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I'm not entirely convinced the new attacks are related. Despite my (very) aggressive investigations and probing after the initial attacks, we haven't had any more real hits. Either he's realized that a 10$ botnet really isn't going to do anything more than give our IRCd indigestion, or he's trying to save up to pay for a decent sized net.
Or, potentially arrested.
There is a 4th thing that could have happened. Murdered/Suicided.
Everything seems back to normal, for now.
We were hit also, but absorbed that like a clean tampon.
It's easy to 'absorb' when the flood is only 120 seconds at a time. :P
Whoever is doing it is just using a dumb booter.
Francisco
@CVPS_Chris - You should get with us and the others with the IPs that hit you. We're working on getting a good section of these nets taken offline.
There's only so many booters, and most booters we've had to deal with have shared 'members'. On hackforums you can buy 'rooted udp shells' for however much and you can 'build your own booter!'. The boxes aren't dedicated though and it's almost always hacked OVH boxes.
How come everyone blames that guy, Const. ? Is he targeting all the hosts in LET, if someone has some time, please explain shortly what is he doing, what he took down (except LEB) and etc.
We also have been hit multiple times (more than usual) the past week, however we managed to handle the attacks with less than an hour of downtime of our main website. However I am pretty sure that it was not Const. (cant spell hsi full name, got no idea how it is spelled), we have been posted months ago on here, so he can't be targeting us though. Anyway, if someoen can share the IPs that he uses to attack, would be great.
No offense mec, but I believe you misspelled your username.
I doubt that the recent attacks are directly from Constantinos. More likely, he has indirectly shown several groups of skiddies that many hosts are not on quality lines, and can be easily be brought offline (or at the very least, eat through bandwidth) by using cheap booters.
No responsible host would publicly share a list of attacking IPs. C&C nets are composed of compromised machines... posting that list would be a veritable buffet of easy-access targets for skids.
With that being said... a handful of folks with professional experience in dealing with these types of issues are handling these attacks through proper channels. If you have any information you'd like to put forward to help get these botnets shut down, kindly email the details to myself ([email protected]) or @Chief. I've already made my actions on this public.. but in the interest of keeping the others out of the spotlight, I'm not going to name them, so kindly refrain from asking.
@LiqiudSolutions
He made a company called HostRail that made close to no profit and it ended up closing down with allot of debts and he didn't refund the customers after just closing it down. ( Threads: http://www.lowendbox.com/blog/hostrail-1-20-256mb-openvz-vps-exclusive-offer/ and http://www.lowendbox.com/blog/hostrail-1-05-256mb-openvz-vps/ and http://www.lowendbox.com/blog/deadpool-june-2011/ and http://www.webhostingtalk.com/showthread.php?t=1060255 ).
Not long ago he started another company with someone else where he always said that he was never involved but the LowEndTalk community ended up finding that was also involved and actively participating on this company ( Threads: http://www.lowendtalk.com/discussion/1365 and http://www.lowendtalk.com/discussion/1570 )
After this the company ended up closing because no one got a VPS from him due to his previous scam, and he blames lowendtalk for it and starts sending DDoS to it and any company related with it he also sent DDoS to webhostingtalk ( threads: http://www.lowendtalk.com/discussion/1714 and http://www.lowendtalk.com/discussion/1718 and http://www.lowendtalk.com/discussion/1713 and http://www.lowendtalk.com/discussion/1715 wht: http://www.webhostingtalk.com/showthread.php?t=1133121 )
i think this is it.
EDIT:
I forgot to say he also started another company in the mean while called sturdyvps that most likely already closed tho.
@DotVPS
Not much it was all about searching HostRail/HostSnowy/SturdyVPS and they all popped up after a quick search.
The story itself was also really easy i was here seeing it all but i guess about 4 minutes.
maybe yourself?
http://www.lowendtalk.com/discussion/1448/attention-jack-dotvps-steven-nozhost-dosing-off-our-servers-similar-relationship/
Constantinos [I presume] attacked me about 2 days back. I kept this mostly quiet after mitigating his attack, but since it was kinda a fail attack... Let's just say putting in place measures for port 80 after bringing it down for a little did the trick
It looks like everyone is blaming constantinos for any downtime they have... it gets funny now...
You remind me of the guy who disappeared off of IRC so we took all his logs, made an IRC bot to randomly say his randomness (he was a drug addict), and nobody noticed for about 2 years.
Anyone up for completing such a task?
I am already a bot.
Really Ppl are crazier than I thought
M
We have KS2 down due to a 2Gbit DDOS, Not sure what IP this was aimed at as of yet just waiting to see the port graphs. But a entire IP Range was nullrouted due to this so I'm just going to go ahead and put the blame on Constantinos.
@Jacob
We wouldn't have it any other way
@liam
Seriously what is your problem with me, you follow me round like a little puppy dog. I didn't know aldryic was the only person allowed to use smiley's. Honestly i would love to know though (What your issue is).
You added the ":P Are you servers up yet?" after i posted that so don't try to make me look like a mug
I wonder if Constantinos is under 7 proxies.
/lame4chanjoke
What are you going on about? Originally your post was just;
Stop copying @aldryic
Then you added the;
:P Are you servers up yet?
After i posted, what's so hard to understand about that. If you would have put that originally i would have known you were joking, but you didn't. Or are you now going to claim im lying? Because im sure we can get somebody to check if your post was edited after you posted it.
Nah its cool man. And your right it did look arsey until you added that haha and if that's how the original post that i saw was i would have known you were joking
Forget about it, just another common internet misunderstanding lol
More like his F5 key is burned out.
Francisco
what's up guys?
@Mon5t3r
Thank you for the LOL
So many notifications -_-;
So little time?