The foolishness of running an opensource home brew server.

CadeX · Post by **CadeX** » Thu Oct 12, 2006 12:41 pm

My entire network has been under a massive DDOS attack for the last couple of days, i got sick of hoping the guy would just stop or legal forces to take action, but he isn't stopping until he gets what he wants.. Which is my entire networks database.

Funnily enough, i took this matter into my own hands since legal action said they could not do anything. Since my server's were logging the IP address, i did website searchs, and port scans on his ip.

I found a website of his, he runs 3 servers, all open-source, the style the person has been writting the servers in was quite identical... So, I noticed a flaw, in all of them... The same flaw in all 3 was somewhere in there... So, i reversed the attack by using my backup channel on my network. I sent him a reply to the email he left me... He has made corrections in his code, but he still hasn't found the flaw. I seised the reverse-attack after 1 hour. Since then no attacks, but i did get a reply saying it wont end here.

Funny, huh?

Comments, Idea's, Feedback accepted.

thamarok · Post by **thamarok** » Thu Oct 12, 2006 12:56 pm

You did what that loser deserves.
But, I would recommend you if your server isn't that important, take it down for a couple of days. (The same happened to me, I took my server down for a week and after it was hosted no attacks so far and it is 5 months then the last attack)

One thing that I don't understand is, that even I couldn't do any legal actions..

dracflamloc · Post by **dracflamloc** » Thu Oct 12, 2006 1:15 pm

I believe the true foolishness is in believing that non-open source homebrew servers are any better...

CadeX · Post by **CadeX** » Thu Oct 12, 2006 1:29 pm

Since the person had a sourcecode of his servers on his website, i didn't even have to bother investigating how his servers worked.. Though you do raise a valid point, it just saved me ALOT of time by looking at his source(s) instead.

Killswitch · Post by **Killswitch** » Thu Oct 12, 2006 2:52 pm

It's this sort of thing which worries me about open-source sotware - all of a programs faults and weaknesses are there for people to find and exploit. At least with proprierty software you have to work your arse off to find some chink in the softwares armour. Then again, there is the argument that open-source programs can get patched quicker. I don't know, I'm ranting

Anyway, nice one on giving this guy a taste of his own medicine!

dracflamloc · Post by **dracflamloc** » Thu Oct 12, 2006 3:00 pm

The second the attack occurred if this guy was smart he'd take down the server, fix the bug with a quick hack, then put the server back up. If he was running a closed server he would either have to just let the attack happen or he would have to take the server down completely.

CadeX · Post by **CadeX** » Thu Oct 12, 2006 3:30 pm

But he hasnt... So, i'm waiting for the next attack if this isn't the end of it. I've firewalled his IP range, not sure if thats whats stopping him.

dracflamloc · Post by **dracflamloc** » Thu Oct 12, 2006 3:33 pm

Could be, though most likely he'll figure that out and get a new IP.

Good job though =)

Joakim Christiansen · Post by **Joakim Christiansen** » Thu Oct 12, 2006 6:42 pm

Haha, funnny

Shannara · Post by **Shannara** » Thu Oct 12, 2006 8:26 pm

If you were in the usa, or he is in the usa, and you can convince the fbi that he has caused 5,000 or more worth of damage to your network, they will definately do something about it.

If you can prove that much damange, good luck!

CadeX · Post by **CadeX** » Fri Oct 13, 2006 1:23 am

He did absolutely no damage money wise, but he did a little reputation wise... a few people were upset when they couldn't use the services i offered. I think the reputation has been restored though. Still waiting for the next attack.