bbs.spamgourmet.com

[de552]

Now system seems to be running fine again finally. Round trip time is less than 30 seconds. It's good enough.

Let's just hope that they won't continue attacking service. Because it's clear that attack will bring this system down. If they would have continued that attack. Then users would have lost their emails.

[Odomus]

Never did get a clear Idea on WHY they do this... what is the real reason for the DDoS attacks? What is the real reason?

[de552]

I guess for commercial sites it's black mailing and setting negative aspect because service isn't working.

If you're stock market day trader. It might suck quite lot if you can't access site. You can easily lose tens of thousands. And it's only you. What about others? Losses can be massive if sites are unreachable.

In some cases attacks have lasted for weeks or even months. And then it really starts to suck. If it's internet business based company it might go down completely.

Also getting protected from attacks is very expensive. There is no easy and cheap solution. So sites which cant pay protection money are easy targets.

There was study that one third of all sites and businesses have encountered these attacks and numbers are rising all the time.

These cases have been documented well:
http://www.grc.com/dos/grcdos.htm
http://www.grc.com/dos/drdos.htm

[Odomus]

OK that is understood... but for SG what would be the reason they would do it here? That is what doesnt make sense. Other than slowing down the speed of emails.
I dont see a reason for it... is there a reason for this?

[de552]

Any reason. If I'm spammer and I don't like spam fighting sites like spamgourmet. I might like to bring it down just as my hobby or for fun.

Why people usually take sites down? They got something against it. If they have resources to attack and nothing better to do. They can attack. I think spamgourmet has been attacked because it's spam fighting site. If I have large spam bot network I might use it for attacks.

Actually I wouldn't because sending spam is profitable. Attacking spamgourmet is not. But there are a lot of persons who doesn't think clearly and might get upset from even smallest things.

Like that GRC case. It was 13 yo boy that got upset and blasted site down.

And in Pirate Bay fight Swedish police site was taken down only by including large photos from site to one web page and asking users that don't like swedish police to visit that page. That's it, simple as that. Actually it's starting to be bit unclear if this is even attack. As far as I know linking to images isn't a crime.

[Odomus]

It just seems odd, just needed it clarified as in why... frankly to me, I dont see a point in it. Attacking somone like SG just seems to me like a waste of resources I would have better luck in taking down the Police it seems like than taking down SG. I mean yeh they slow down SG alot but it doesnt stop. I guess they are that dumb to know this.

[de552]

Slow down SG alot but it doesnt stop. I guess they are that dumb to know this.

Ahem... Based on what I saw during that attack. If they would have continued that attack system would have been down. Now attack was stopped before email started to get lost and queue was extracted slowly. So attack lasted something less or near to 24 hours. But if they havent stopped. It would have caused serious loss of email.

[Odomus]

Sorry let me re do myself..
I meant take down as in permanently tkae down SG, it doesnt make sense only to slow down the email but not perm take it down.

I am guessing what I am understanding is that they do it jsut to be an ass and to do it to cause trouble for ao reason bu jsut to do it, and no other reason at all. That is what I am getting it.

[josh]

All I can think of is that they'd be trying for a permanent take-down -- frustrate the admins enough that we give up and take up a new hobby. Even then, it would be a very small victory.

To be fair, most of the service problems we have are caused by what's very obviously an attack of some sort. Some of these issues are caused by abusive users who script the creation of new addresses, probably for self-serving reasons other than denial of service, but with the same effect. We occasionally also have service problems caused by flaky infrastructure and system software (and I believe the late difficulties would fall into that category -- the DNS server, in this case), and more rarely, (ahem) misconfiguration (my bad) -- but this hasn't happened for a while.

[de552]

All I can think of is that they'd be trying for a permanent take-down -- frustrate the admins enough that we give up and take up a new hobby. Even then, it would be a very small victory.

There is also another point. If mail isn't being forwarded. Users might as well gest frustrated and start using another service provider or direct (normail) emails instead.

Actually it's quite a long time from last bad attack. But back then I lost all my contacts which I formed using SG. Because no mail was forwarded during several weeks.

As I said. If they would have continued that attack for month, then all email would have been lost. And users would need to seek another service. Those DDoS attacks are big problem for everyone. And there is no cheap way to get rid of those.

And yeah. I did read that generated address list. If one user using generated addresses will cause that much problem. What would be the situation when some spammer would use it to spam SG users. It would cause double hit

First spam would get trough and a lot of new addresses would be generated. And also because new address generation causes that kind of problems, it would also DDoS this service to halt.

Simple 60 minute task. Harvest newsgroups and web pages for spamgourmet email addresses and domains. Create list of addresses and then send spam to all addresses by adding leading something. Or if you want to make ultimate solution check if prefix is used and insert crap "in" address.

Send 200k emails to spamgourmet advertising spam solution. When all of those emails come at once with new email addresses. How long it would take to handle those?

[pakman]

I haven't had anything forwarded for five and a half hours. I've tried a couple of tests (to xoxy.net and spamgourmet.com).

Is SG under attack again, or just overloaded?

P.

[user7]

I haven't had anything forwarded for five and a half hours. I've tried a couple of tests (to xoxy.net and spamgourmet.com).

A daily email to me at xoxy.net has failed Monday and Wednesday, but a new address @ xoxy.net was forwarded Wednesday 26 Sep 2007 15:56:00 -0400.

Looks like xoxy.net no workie again. Just tried 3 test messages; 2 to xoxy.net and later, one to spamgourmet.com.

Only the last one got thru!

The SG message counter has only incremented by 1.

Wuz up?!

[pakman]

I haven't had anything forwarded for five and a half hours. I've tried a couple of tests (to xoxy.net and spamgourmet.com).

A daily email to me at xoxy.net has failed Monday and Wednesday, but a new address @ xoxy.net was forwarded Wednesday 26 Sep 2007 15:56:00 -0400.

Just got one of my tests to xoxy.net through (took an hour and a half). A test to dfgh.net came through in less than a minute.

P.

[user7]

Just got one of my tests to xoxy.net through (took an hour and a half). A test to dfgh.net came through in less than a minute.
P.

Me too. Received those 2 test emails to xoxy.net after hour + delay, but still no missing newsletters I get @ xoxy.net.

Thanks, Josh & SG crew. We're so used to taking your reliable service for granted. .