FA+
Shop
10/17/2014 - DDOS Attack Update
11 years ago
🏳️🌈💖Enjoy the site? Please consider supporting us via the links below!💖🏳️🌈
⭐ FA+ ⭐ SHOP ⭐ KO-FI ⭐
Journal Start
The site is currently in Read Only mode, but we're posting an update as to the Who/What/Where/Why/When
The DDOS (Distributed Denial of Service) attack started sometime Tuesday night at around 10PM. We're not sure the exact time, we just know that when it hit things hit hard. The site was offline within roughly a minute. After contacting our host, they quickly confirmed that they were seeing massive incoming bandwidth and had to blackhole our IP (blackhole essentially isolates FA from the rest of their network).
What's a DDOS? A massive network of computer systems flooding a target's with so much bandwidth and data that it knocks it offline. It's like driving down an empty highway and having 100,000 cars appear, causing instant gridlock.
We DO NOT KNOW who was behind the DDOS, nor do we have any speculation. We're not looking to point fingers. Our host is looking into the details and will be taking legal action if at all possible as this impacted many of their customers.
The DDOS persisted and caused massive lag spikes and connectivity problems for our host and spread through over four facilities. Emergency maintenance had to be done for router upgrades. Unfortunately, that didn't fix the problem and the attackers DDOSed the site and services again. Some of you may have noticed FA popping in and out at times.
The last 24 hours have been very hectic among site staff. Waiting on responses from our host (which were slow and far between). We still do not know the extent of the full DDOS as our host has not given us the full run down, but it was more than enough to saturate a 10 Gigabit fiber link.
We had to wait for the DDOS attacks to subside and for our host to update their firewalls and prepare for further attacks. The DDOS attack was out of our control, and we're taking some steps and measures to prevent it from happening in the future. Unfortunately, there is no silver bullet to stop a DDOS, but there are steps that can be taken to mitigate the damages done by them. SoFurry, Weasyl and Inkbunny were also hit with similar attacks. We'd also like to assure all users NO USER DATA was lost or compromised during the attack.
We are currently looking at migrating our hosts to a new system (we're still researching where) and are raising donations to do so. We're looking into a distributed cloud or dedicated server based hosting (we're still looking into the finer details).If you'd like to donate you may do so here:
http://www.gofundme.com/ftrtc8
We will be donating 10% of the donations to SoFurry since they've suffered outages and attacks almost on par with FA. As a community, we feel it's our job to try to look out for one another.
We know there are many questions, concerns and more, and we will be working on addressing those in the next few days. For now, we're just happy to have FA back and will be focusing on clean up from the attacks.
EDIT: The GoFundMe was shut down, but we still have the money and contact information for those who helped. And we will still keep to our word and give the 10% to SoFurry.
The DDOS (Distributed Denial of Service) attack started sometime Tuesday night at around 10PM. We're not sure the exact time, we just know that when it hit things hit hard. The site was offline within roughly a minute. After contacting our host, they quickly confirmed that they were seeing massive incoming bandwidth and had to blackhole our IP (blackhole essentially isolates FA from the rest of their network).
What's a DDOS? A massive network of computer systems flooding a target's with so much bandwidth and data that it knocks it offline. It's like driving down an empty highway and having 100,000 cars appear, causing instant gridlock.
We DO NOT KNOW who was behind the DDOS, nor do we have any speculation. We're not looking to point fingers. Our host is looking into the details and will be taking legal action if at all possible as this impacted many of their customers.
The DDOS persisted and caused massive lag spikes and connectivity problems for our host and spread through over four facilities. Emergency maintenance had to be done for router upgrades. Unfortunately, that didn't fix the problem and the attackers DDOSed the site and services again. Some of you may have noticed FA popping in and out at times.
The last 24 hours have been very hectic among site staff. Waiting on responses from our host (which were slow and far between). We still do not know the extent of the full DDOS as our host has not given us the full run down, but it was more than enough to saturate a 10 Gigabit fiber link.
We had to wait for the DDOS attacks to subside and for our host to update their firewalls and prepare for further attacks. The DDOS attack was out of our control, and we're taking some steps and measures to prevent it from happening in the future. Unfortunately, there is no silver bullet to stop a DDOS, but there are steps that can be taken to mitigate the damages done by them. SoFurry, Weasyl and Inkbunny were also hit with similar attacks. We'd also like to assure all users NO USER DATA was lost or compromised during the attack.
We are currently looking at migrating our hosts to a new system (we're still researching where) and are raising donations to do so. We're looking into a distributed cloud or dedicated server based hosting (we're still looking into the finer details).
http://www.gofundme.com/ftrtc8
We will be donating 10% of the donations to SoFurry since they've suffered outages and attacks almost on par with FA. As a community, we feel it's our job to try to look out for one another.
We know there are many questions, concerns and more, and we will be working on addressing those in the next few days. For now, we're just happy to have FA back and will be focusing on clean up from the attacks.
EDIT: The GoFundMe was shut down, but we still have the money and contact information for those who helped. And we will still keep to our word and give the 10% to SoFurry.
http://25.media.tumblr.com/tumblr_m.....8ysbo1_500.jpg
Gallades everywhere approve.
Followed by Ruby's agreement.
Also the tunic has its own charms in its simplicity.
skeleton
*beat drops and spooku creepy skeletons play*
-dances as my bones rattle-
FOXYFLOOFS ARE EVERYTHING.
I WIN.
>o>
i finds a hotdog for you!
pone
lrn2grammarkthx :3c
it still doesn't excuse the fact you're an annoying motherfucker who won't shut the fuck up and leave me alone.
methinks someone has a touch of the madbro.. but yeah you can stop saying words now~ x/3
Get.
The fuck.
OUT.
are you autistic by any chance? not hating.. just asking
I swear to fucking Christ, if you reply to me one more fucking time, I will report you for harassment.
LEAVE ME ALONE.
good luck in life xD
It's great to have FA back. :p
https://31.media.tumblr.com/997fedb.....8e79o5_500.png
GET IT
🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥🔥
But close enough. ;3 <3
ARCTIC WOLF!
*snickers and flops around*
o3o
And ahaha! Artists don't have shinies, you silly! :P
To give a better picture, imagine a good 12" pipe. Its purpose in life is to move water one way. Suddenly, the pipe is filled to capacity by water coming the OTHER way. That's another way to explain it - and probably not the best way, either. =D
I like to think of it as like a crowd of protesters around a shop's entrance. If you could get in, you could get your stuff and go out the back exit - but there's no room for you to get in. Or, if you have an attack which results in a lot of return traffic, you could have trouble getting out even if you get in.
(Of course, even this isn't perfect because in reality most downloads involve several back and forth transactions. You end up having analogies that are as complicated as the real thing!)
"Rex."
"Shepherd."
Thank you! You made my night. :^)
Oh... Shep-coon. >8D
I'll always remember the time I thought he was messing with my TV... >>; Basically what's going on in your icon, heh XD
Blew my freaking mind.
Ay, maybe we should move this convo to notes since it has nothing to do with the journal here ^^;
Thanks for liking my sergalness
we both know why we're so awesome ^.v.^
(Nice to see more MGR fans here :3)
I can see why it's a favorite of yours, it's awesome ^^
Its by
I found a reizaaaa~ /;u;/
I'll be sure not to read the comments to come, as usual.
Awesome to see FA back!
Good luck, guys!
Let's hope it doesn't happen again anytime soon. It doesn't really benefit anyone, not even the culprit if there is one.
The Anonymous group, for instance, did a 1Tbit DDOS in 2012, against bank of america. Yep, a hundred times more powerful one. So, if even a decentralized group can pull off a DDOS equaling to that of a botnet made from 2 MILLION average computers, it's safe to assume there are hundreds of people who have botnets of thousands of PCs at their disposal.
My bet is on that's what happened: one of those people got pissed off about FA.
And that's why Walmart was hit too, amirite?
"or don't like the cub ban"
And that's why Inkbunny was hit too?
FA and SF were not the only sites affected.
Personally, I agree that there is no way $25,000 is going to help this. It's very suspicious that this donation drive came on the heels of him and his wife making an offer on a house.
Okay. Over the last few days I saw soooo many comments/tweets/etc about how 'great'
it is that FA is down anyways and some of these are from other furries and even
people who use FA.... this is such a lame attitude to have when A. Its not so great
for artists who rely on FA for an income (me) B. LOL OMG- IF YOU DONT CARE ABOUT FA
ITS SO FUNNY THAT YOURE POSTING INSULTS ABOUT IT EVERY 5 MIN. seriously.
Can we all just take like 60 sec. to appreciate what furaffinity does for us
individually? Whether it be making friends, allowing you to be an artist who actually
sells their work, a place to buy awesome art or just an escape for everyday stress. I
dont care if you come here to get porn or if you're here for the lulz.. You're still here.
I understand that this situation is frusterating for everyone but please be realistic
with your snarky comments and expectations about the time it takes to fix things and
"why furaffinity deserves to be dead" because at the end of the day, its a group of
people trying to make something for A LITERAL SHIT TON of people to use for whatever purpose. FOR. FREE.
And about the GoFundMe... It is people's money to do what they wish with. And
obviously there are $14k worth who trust Neer to do whats right. and thats THEIR money and THEIR business
There is no need to SEEK OUT what FA is doing and insult Neer or the site as a whole (and the people who
do don't even see how pathetic it is to seek out something to make fun of that they "dont give a shit about"
- I agree that 24k is a lot to ask for a web fix but I guess only time will tell.
Long story short- IF YOU DONT LIKE IT - STOP MAKING YOURSELF PART OF IT.
- if you dont like fa, then just go?
- if you disagree with the gofundme, dont donate.
cmon now guys.
But contrary to popular belief, It wasn't necessarily an attack on furries because other sites were hit
(Norton Security and Walmart to name a few that I've read about)
But from what I saw, the negative attitudes were directly focused on Neer/FA
--- even people saying that Neer himself cause the DDOS so that he could crowd fund to reopen
(which is simply not true. and is also not fair to accuse someone of)
I wish I could "fave" or "like" your comment or something though because this is all true.
Even if its their opinion on a website that they "dont even care about" - sigh- ridiculous RELAVANT GIF
then RUSH to log in and act apathetic towards the situation - just sooo annoyinnngg = I wish they would ragequit
I don't need updates, though they'd be nice. I'm not going to die if they don't do it.
I feel like people complain about FA more than they do about actual world problems.
And "I don't need updates, though they'd be nice. I'm not going to die if they don't do it. "
YES THIS FOR YEARS
-- thats my whole point is that everyone is freaking out about updates etc- and Im as anxious as everyone else, dont get me wrong
but its FREE so whats wrong with asking for some help- no ones forcing paid registry or limited submissions--- if they raise 100k- it will still be DONATIONS
and donations are a choice... its so silly like..
"Here- would you like a free apartment to hang with friends and work out of?"
"OH SURE.... but what I really want is that mansion...."
"Well, we can work towards that bbuuuut well need some financial help"
"D:< SCAM ARTIST! I DIDNT LIKE THIS FREE APARTMENT ANYWAYS!!!!!"
And then you got the ones who get the change and respond "weeeeh... I hate change!" and then they do the march to Weasyl and shout it to the heavens. XD Because the layout was 2 shades too dark.
And by leave to Weasyl I mean just continue to complain here at every chance given.
to all those who bitch and complain and say things offend them my two words of advice are "Fuck" and "off" in that order.
It is good to see FA is back now time to get back to my lulz and porn.
My Advice for those who Dislike FA and posts negative vibes about it: *****I APOLOGIZE FOR THE USE OF LANGUAGE!!!!!*****
Take Your Crap
Back On Facebook
Where you can explain your Crap to people
Where others have no fucks to give for you about your issues about a website! = =
But anyway, thanks for being a voice of reason. ^.=.^
PLEASE do not let your guards down. It would be too much to bear if FA went down again after just being restored.
Once again, thank you, and please stay alert.
But yeah, sit tight and it'll be up soon™.
The downtime wasnt just the ddos it was the host putting the site offline
I was in most of the FA Facebook stuff and there was LOTS of traffic and such in that....
Good job on Dragoneer for not passing out due to lack of sleep and doing a good job of keeping us informed the best that he could. I know he could use a month of sleep after that ringer.
and the next day, I tried to look up any thing on this attack BUT turns out theres nothing much about it and that just over the past month there have been alot of smaller incidents. so, DDoS is a such a daily occurance that the media is like "MEH."
digitalattackmap.com is good for general monitoring
If you wanted to Note me a few more sites worth watching, it would be appreciated.
~Pitchforks! Get your pitchforks and torches here! You can't have an angry mob without pitchforks and torches!~
regardless, I assume then that you're a member of our good ol boys in blue? Or to make the saying more relevant, our boys in full military garb?
Is this illegal or something?
Is this like an actual "attack" (cyber attack?) where people or just 1 guy plans and does this from the comfort of his "headquarters"?
Either way, I don't like these DDOS attacks but its clear now that technology, 1 of our "greatest inventions" is gonna be the downfall of us or the cause of huge headaches for years to come. Suddenly Im reminded of a video I saw about the game "Watchdogs" and how that game is NOT far off from reality.
I dont think there is a law for it, but it certainly violates how you use the internet e_e
Im still surprised (but probably shouldn't) that THIS is a "thing" that happens. But hey, anything that CAN happen, WILL happen eventually.
If user A is has set things up where its trying to do this 1000 times at the same time, the server is going to sit there and try to handle it. Its going to try and handle every demand user A is wanting.
Meanwhile user B, just wants to see the front page.. well the server is so busy dealing with user A's 1000 requests it cant respond.
Ultimately the server hangs .. like how our PC hangs because windows has its moments.. it just cant handle too many things at the same time.
A DDOS attack is when people or a person using a bunch of computers he either has or has taken control of to flood the server so nobody can get in.
Usually it takes hundreds if not thousands to perform this sort of things which is why people who do this often use "Zombie Computers" where they take over tons of computers on a basic level with spyware and other nasty stuff they can trick people into downloading. Then they issue a command for all of the Computers to try and go to a single place which is then full to capacity to the point nobody else can get on.
The thing is though, DDoS CAN be used for good when using it as a means of protest. But the problem is it can also be used for bad, and remain completely anonymous while doing so.
If it's a person at home doing a DoS attack from their windows command prompt then they're fucking stupid and will be caught. DDoS uses botnets, typically from unsuspecting computers who have some backdoor trojan on them.
Simply spamming the F5 button is essentially the same thing as a DoS attack.
However, just because they may be doing a DoS attack doesn't mean they'll definitely get caught. There's ways to remain untraceable online.
The way a DDoS attack works is you take a botnet and you tell that botnet to constantly make requests to the site (essentially you tell them all to hit F5 constantly (keep refreshing the page from millions of computers at the exact same time)).
I don't see why you put technology as our greatest invention in quotes. If you're trying to imply in some way that technology is not good, then you're wrong. Every single thing you use is technology. Without technology the human species cannot survive. At the bare minimum, humans need a tool to hunt with, a tool to prepare the food with, and shelter. Technology will not be the downfall of humanity; technology is what allows us to do all that we're capable of. Technology will always have it's risks, yes. But we can make it safer and more secure. And obviously technology can be used for bad, but it can be used for good too.
As for hacking; in order to gain access to a computer system you require an attack vector. And attack vector is a flaw in code, and range from being extremely sever to completely irrelevant. Essentially, if the programmer screws up or forgets to add something then that will likely result in a potential attack vector. However, they're actually a lot more difficult to find than you may think. On top of this, there are many security researchers looking for these attack vectors, and once found they inform the maintainer of the code about this vulnerability so that it can be patched.
A DDoS attack is not "hacking" in any definition of the word. It's simply flooding the server with requests so that it can't actually respond to any new requests.
If you have any questions about DDoS attacks or other types of online attacks let me know and I can probably answer at least some of the questions.
They work a bit differently than a Application DDOS attack. Ever packet on a network has a signature which contains who it is from and where it is going to (source and destination). WIth an amplification attack, the attacker uses RAW socket programming to modify the packet so the source is not legit (IP spoofing). In this particular case to cause amplification, they do it on either a recursive DNS request (dump out TLD) or on a NTP service request. The attacker simply changes the source in the request packet to be a site or IP they want to attack. So as example, putting FurAfinity's IP address. This causes the NTP or DNS server on the net to reply with that request it was sent. So the attacker sends a few bytes packet out on the net and FA gets thousands of bytes response from that one packet. Hence amplification. Combine that with a list of 10s of thousands of misconfigured recursive DNS servers around the world that respond to those requests and a botnet with thousands of bots sending requests to that list of DNS servers and you wind up with hundreds of gigabits worth of traffic.
The problem isn't simple however. With Application layer attacks, the host can filter or use proxy or load balancer rules to filter out offending traffic as it generally shows a pattern that can be looked for. With amplification, it simply overwealms the bandwidth and usually causes issues at the provider level and not the server level. That is why it's a bigger and less stopable issue. In this case, FA had to wait on their datacenter provider to fix it since they were getting the majority of the attack. Keep in mind it had the potential to affect not just FA, but hundreds of their providers clients, so overall impact is very high.
The solutions to this? Well minor mitigation is done using services like cloudflare and the like. They act as a proxy between the internet and your real servers using many many datacenters around the globe. This means that attackers would have to use more IPs and a much bigger botnet to overtake that service. Cloudflare has reported up to around 400Gbit of bandwidth during an attack before. That is just massive amounds of bandwidth. Think of it this way, many folks have a 2Mbs DSL link. so thats 400000Mbs worth or like having 200000 people using their DSL to flood the same service. So if you divide up that between many sites with tons of bandwidth, no one site takes all of that bandwidth at one time.
The true fix is to correct a couple of things. Providers need to fix their open recursive DNS server configurations and restrict to IP ranges they know they service. NTP is the next one. A proxy could be placed in from of open NTP servers to filter the frequency of the requests. The difficult thing is no one company or person owns the internet and everyone has their part to play around the world to fix it.
I count myself lucky however as DDOS is not as likely to happen to my work here in Australia. We suffer a different thing which is known as route highjacking. China loves to steal our traffic and re-route through Singapore...
The FA admins did a good job tracking what they could and responding when they were able. The truth is next time this happens, they may not even be the intended target of the attack. It could be a site for making muffins and someone who has a deathly fear or muffin information getting out on the net who share the same host as FA. The internet is full of idiots that have nothing better to do then get off on a fake sense of "power". Having a laugh about using winnuke or ping flooding a dial up user on IRC with your T1 was so early 1990's. These days attackers are essentially doing the same exact thing to a larger audience.
While Anon certainly has the capability to do it, they generally use their talents for good, to right a wrong, or to go after a big corporation who has screwed over the masses. From the old woman putting a cat in a garbage bin to Fox news calling them an internet hate gang or something to that effect, they are there... They're like the "Batman" of the internet. They have the power, they have the ability, but they mostly use it to stand up for those who can't stand up to those who have wronged others. We may never see them ourselves, but we know they are out there... always watching.
Unless all these other sites were "collateral damage" of them going after something else on a similar server (which I doubt), I have no reason to consider Anon to be behind this.
That being said, anyone can say they're part of Anonymous and technically that makes them a part of Anonymous due to how Anonymous works. So technically you can say they did it. But based on what seem to be the values that Anonymous members tend to share, this isn't something that they would do. They have no reason to and it'd be a waste of time and resources when there's other more relevant sites to DDoS.
Hope you all are doing well.
Just thinking out loud here, not looking for any problems
Also, I find it darkly humorous that someone with the Eye of X.A.N.A. as their avatar is commenting about a DDoS attack. X3
Why not fix the massive ongoing internal issues of the site including the ever increasing backlog of tickets that are up to two years and waiting?
This here "attack" happens every year before Christmas and this is the more elaborate thing i have seen in all the years.
"I don't have any proof, but I'm calling it. Vladimir Putin is behind the DDOS. They're not attacking, just "gathering at the border"." Dragoneer
xP
thank you SO, so much! Already donated to it! :3
I really appreciate the assistance
Hope things get well in the future for y'all and them. (SF)
IB was down for a bit, but recovered quickly even after the second hit.
realized some of what was going on and put the word out on other sites to be on alert in case they were also targeted.
Thanks for the info, I did not know it spread that far.
But there is something I do not quite understand though, why are they targeting all the "Furry" sites?
Do they have something against the Fandom? If so, then that ain't right. ( '^')
Come on now. This datacenter has industry veterans and in that area of virginia they are plentiful.
That is probably the least effective and worst attempt.
Really funny.
Posted by Greenreaper, an Inkbunny admin.
Hadnt heard about others lile furnation or such though
i've also heard from several other people that deviantart was acting slow for awhile, too. could be a coincidence though.
Any word on when the forums are going to be up as well?
Most of the damage here actually seems to have been caused because of a host that didn't do a good job of things.
you'd be surprised what his family does.
These are not business magnates, they're kids.
Perhaps they thought that _we_ have no live, and used this method to get us to go outside for once.
Can't say it worked for me, though.
A DDoS attack is not something which can go away, it will always exist. As artificial intelligence gets more and more sophisticated it becomes better able to stop these attacks, but the problem is they are 100% random. No matter how good the AI gets for these DDoS prevention programs it will still never be able to stop a DDoS attack completely. As you have to look for some pattern in order to predict the next IP which needs to be blocked.
The way DDoS works is you flood the server with requests. The server must respond to every single request, but it gets requests faster than it can respond in the event of a DDoS attack. So there's not much you can do but try to find a pattern to predict the next set of IP's which need blocking.
Those that DDOS just.. -shuts up rant-
Anyways, Glad were back, its good we all can get through hard times ^.^
Hackers are the guys that made the systems secure in the first place. Also, in theory it is possible to make a completely secure system. Something unhackable. In practice it's impossible as people make mistakes, but in theory it's possible as any attack requires an attack vector. An attack vector only exists if there's a flaw in the code. However, a DDoS attack does not require an attack vector as it's simply making more requests than the server can respond to. The only way to protect against a DDoS attack is by implementing a system that looks for various patterns which may indicate a DDoS attack. But it's not perfect, and there's no way to make it perfect due to the nature of how clients and servers work. The only true way to protect against a DDoS attack is to run your service as Peer to Peer, as this way each bot in the botnet actually helps your server, as by making the request they also must share a portion of their resources to keeping the service online. However, this type of system does not work well for things like websites, as it would require someone be connected at all times otherwise the service would go down. But in theory it could be used in conjunction with the traditional centralized system, and there have been people experimenting with this without any modifications to the web browser.
As for how hacking works, I'll use an example from the HeartBleed Bug.
OpenSSL (the program which had the HeartBleed Bug) had a feature called HeartBeat. It was designed to keep an SSL session alive when idle. To do this the client would send data of the size specified, and the server would reply with the same data which was sent. However, OpenSSL did not actually verify that the size of the data the client said it was sending was the same size actually received. As a result, you could say you were sending 64MB of data, and then send only 1MB of data. You'd get that 1MB back, plus whatever happened to be in memory at that time within the 64MB block. Normally this would be irrelevant as the OS clears the previous values when they're not in use, so normally you'd get a bunch of 0s. However, since OpenSSL managed the memory itself and did things a bit different, this exploit was possible.
But now that's been fixed, and is no longer an attack vector. The reason it was once an attack vector was due to all that I mentioned above. So assuming you think of everything, you can make a perfect system. But in practice this is unlikely.
As for hackers, there's a few kinds of hackers. There's white hat hackers, these are the security researches and operate within the law. You 100% want them around as they are the reason these flaws get fixed. Then there's grey hat hackers, they do both legitimate work and illegal work. And then there's the black hat hackers, these are the ones who only do illegal work.
Although the term for hacker has changed over the years. It's original meaning was simply someone who wrote really good code and had a passion for computers. But media has popularized the definition of hackers being people gaining unauthorized access into a computer system/otherwise compromising security (I personally prefer the original definition). But again, you still want people with those skills. As they're the ones who are going to make these systems secure and spot the vulnerabilities. And many hackers don't do it for malicious purposes, they do it out of curiosity of the technology.
For example, I myself have been researching SQL Injection attacks a little bit, as I'm curious as to how they work. I understand the basics and I think I could pull one off, but I'm not sure (I understand SQL however as I have to work with it quite a bit in my programming course, just not 100% as to how to inject it into a site (but from what I've been reading it's actually fairly simple)). However, rather than use a site I don't own, I'd just make my own site to test this on. Part of why I'd like to know how to do an SQL Injection attack is because then when I make my own site, I can attempt an SQL Injection attack to test for this possibility. Having that kind of skill is very important in this field when it comes to testing your applications for security flaws. Although many companies simply hire someone to do a security audit, but still; that's expensive and a lot of the attacks are fairly simple (but only work due to poor design).
Putting all hackers into one specific group and call them all bad is really narrow minded though.
This is coming from someone who has a Security+ certificate for computer security.
""good hacker" does not exist because if he did, all bad hackers would be gone"
How does this make sense? It's the equivalent of saying we shouldn't have crime because we have police. It doesn't work that way.
You really should actually read Zukaro's comment to you and educate yourself, because as it stands now, you sound extremely ignorant and paranoid.
All those "hackers" you're seeing in games are script kiddies. They didn't write the code to take advantage of the exploit, nor do they understand the exploit. They're simply using a tool someone else made.
"he ever so fairy tale "good hacker" does not exist because if he did, all bad hackers would be gone"
What the fuck are you even talking about? Do you know how many good hackers there are? Everyone working in the computer security field fits the description of a hacker, but the reason they're doing it is to protect you, and everyone else. They're making the systems more secure so those with bad intentions cannot break in. And your statement of all bad hackers being gone makes no sense either. That's like saying if there's one police officer there will be no crime. It makes no sense.
You should stop resenting hackers and go learn what they actually are. Learn the facts, stop basing your opinions off skiddies, movies, and video games; start basing them off reality.
Yes, there are bad hackers. But there's also a hell of a lot of good hackers. By your logic every single life form on this planet is bad because if there were any good life forms nothing bad would happen.
I realize you can have an opinion, but it annoys me that you won't actually look at the facts. Think of it this way; what if I say that every furry is only into porn and bestiality? Pretty sure you'd have an issue with that. Especially if you gave me the facts and I refused to educate myself on the subject and simply ignored everything you'd said.
But of course, you end the conversation. As in you're going to ignore everything else I say because you cannot fathom educating yourself on a group which you hate. And that annoys me. I'm not saying you have to come to my conclusion which is most hackers are good, but what I'm saying is you have to at least recognize that there ARE good hackers. Because if there weren't good hackers, how the fuck do you think any programs would get secured? And who would perform security audits?
But the thing is, hackers actually do legitimate work that helps everyone.
And what you're doing is just ignoring the facts. Yes, there's bad hackers; but there's a hell of a lot of good ones too. But in your mind they're all bad. So tell me, who actually makes the security updates for everything then? And who does a security audit on networks, code, etc to find out if it's secure or not?
http://en.wikipedia.org/wiki/Shellshock_(software_bug)
This was a very powerful exploit that could have been used in linux to control servers/computers/etc. Guess what the hacker that discovered it did? Reported it. They didn't save it to create a zero day exploit, or share it on the black market. The person went off and explained the bug to people who updated it and fixed it.
http://en.wikipedia.org/wiki/Micha%C5%82_Zalewski
That's the guy who reported it, and oh look, he's a fucking white hat hacker.
Multiple examples of experienced hackers who used their skills for good, and there are thousands more out there. Now you can't use the ignorance card.
This is also entirely off the current topic but back in the 80s pretty much anyone deep into computers and programming was referred to as a hacker. It wasn't even a negative term yet.
Either way, I personally see it as a positive term still. And those in the hacker community all see it as a positive term as well.
Keep in mind that our lives do not inherently depend on the Internet.
It wasn't as big a deal as people made it out to be though. It was still important to fix, but still.
And hacking isn't gonna destroy the world. But of course, you wish to remain ignorant. Which annoys me.
I don't think Walmart is target.
Norton though... Perhaps the one thing that produces more internet hate than furries, short of politics.
Someone called the SWAT team just to watch them bust in and arrest Kootra...
=^.,.^=
still dont understand what on earth would drive a person so far as to pull this shit, but im glad it seems to be getting straightened out finally.
This should be required reading for absolutely everybody.
I hope the scumbags that were responsible for the DDOS attacks get arrested.
though this does also seem to push the "no one likes furries" point too HAH
But I see your point.
Obviously it would help to have protection against attacks in the future, and I understand they can't afford that. But seriously, I think this site could be doing more. For one thing, there advertisement is way too cheap. They could charge more for that I think, a slow increase over time. Then they could afford to make the site more functional. I dunno, also have more donation drives and stuff. I've seen very few in the past, but I just feel like more could be done. I'm not trying to blame FA for the attack, however it seems a bit ridiculous to me about how long the recovery took.
I'm just kinda putting it out there to the fact is there any way this could have been avoided or dealt with better? that's my question. And my criticism.
I was watching there twitter the whole time, and aware the host was taking a while to respond, but is there some what that could've also been less of an issue?
Like I dunno.
i dont really have any experience with the advertisements, so i cant make much comment on that. but itd be nice if there was another way to bring money in consistently that didnt end up just being like premium memberships on deviantArt. some kind of regular donation drive might work out well, and Neer mentioned somewhere (twitter i think, or maybe reddit) that he'd been sitting on patreon ideas for the site for awhile.
i do agree with you, more could have been done, especially to prevent this kinda thing in the first place; but i suppose the silver lining is that all this got everyone thinking on that more, so the ball will start rolling now, at least. better late than never i suppose :P
I'm just get concerned about doing more because of the people who really make their living on this site ya know? Like I know the FA staff is doing that too. With their tweets and all.
Oh, well I've almost gotten an advetisement and I plan to actually get one in the future when other things don't come up. But I was surprised how cheap they are to run, I expected double. I know a lot of furries can be cheap but I really just think they could be more ^^ I'd definitely pay it. I also agree with the premium membership thing, and I'd get a sub too but i think that would get a lot of criticism for the fandom. It's kinda like a lot of furs expect things for free... I think people would get mad about that, so that's probably why they haven't. Patreon is a better idea, perhaps it could include competitions with people who donate a certain amount.
Haha yeah, I dunno. It seems like FA has gone through a few attacks over the years.. Someone told me it happens like almost every year.. so I dunno, it is good people are being more mindful but change really does need to happen. Or FA is gonna start to be left in the dust for in favour for other sites like weasyl, and tumblr etc.
*10 mintues later*
OH SHIT IT'S DOWN AGAIN! ...guess we'll have to
begask for donations again lol.amusing
I have just read that donation page, and I was kinda all for it until I read some of it was going towards project phoenix.... No
I'm glad that a portion of the donations will be going to SoFurry, because they do deserve it.
just waiting to see if its all over with now
Glorious. Motherfucking Glorious.
Sleep with one eye open.
Sincerely, the many, many, many people you have directly and indirectly assaulted.
However, the attack appears to have been targeted towards American companies, and not the furry fandom specifically. I'll have to do more research into the subject however. But frankly I find that more likely, that an attack of this scale would be targeted towards the hosting companies rather than the furry fandom specifically.
The moment the current host has any solid details on who was behind the attack, they need to pursue legal action in full force.
DDoS attacks are illegal no matter where you're located, so if they have enough evidence to pin someone and can prove it, they need to do so without hesitation.
But the unfortunate thing is that the person responsible would be incredibly hard to track down unless they publicly reveal that they were the omes that did it. Such is the internet...
I can conspire all day but I haven't lost anything. I will leave that to disgruntled artists who want to take legal action and force hands. You never know what kind of things will turn up. Hell it isn't too hard for me to put two and two together and establish motive and reasoning.
Has this happened before-
Who has to gain-
What could be lost durring just FA's downtime if they suffer alone-
Answer those with any reasonable shred of logic and you get more important questions.
My only question is.... Why not do the site like DA if you want money to play with... ffs
DDoS's also don't permanently disable web sites as the attack cannot feasibly persist for longer than a day to three days or so, so there's no long-term benefit to be gained by an attacker; they exist primarily as "protest" attacks or things that people do just because they feel like being an asshole.
just remember nothing in the world is free, not even Furaffinity. youll get where im going with this eventually, but seeing how the new fellas just keep pouring in regaurdless it just doesnt even matter. evil always wins and everyone thinks what they are told to think.
Of course it will not make any sense if you think the world of FA and think that no one who could produce such a wounderful site could possibly do any wrong. That would be so sweet and tender a thought, but someone else produced the site and it is in the most undeserving hands. I am not saying i could do much better, but i sure as hell wouldnt scam people and do it every year on top of that.
Why.... Why.
Has this strained the relationship between FA and its current host at all? Must have cost them a lot in terms of equipment, mitigation and other affected clients.
That had to be at least a partial goal of an attack of this magnitude. "Make all furry sites toxic to hosting providers."
While it's a collateral consideration an attacker may have had in mind, it's actually a reach to assume the server would suddenly want to disassociate themselves from all things furry. Revenue can be reclaimed. Hosts in these situations turn their anger on the attackers, not the sites they're hosting.
that's awesome and really humble of you, FA. good on ya <3
let's sure hope the worst is behind us, yeah?
https://www.youtube.com/watch?v=mjCRUvX2D0E
And I hope they throw 'em in a deep fucking hole.
The NSA could probably put together a crack team and spend the next twenty years trying to locate them and come up empty on a single arrest.
Glad to be back, though, I missed you guys!
missed you guys!~
it's true that not much can be done to fully prevent it but I'm glad to hear that you guys are taking steps now that it's happened to prepare for any future attempt. Hopefully these guys are caught for the shit they are doing
I mean, many knows about Sony getting those DDOS attacks before. Another recent one is also, from the game entreprise, with Cryptic (Neverwinter Online, Champions Online), then ArenaNet for Guild Wars series, Arche Age last week.
And here, in this community artistic websites, furries and not, got attacked too.
I do ask some questions about their motives about "why they did those attacks". But I do complain on this attack for the artists. Again, I mean that many artists gain their lives here. So why... how can I say this... stopping the work of someone else when they do try to gain their living stuff?
Someone out there either hates furries or has absolutely nothing better to do with their life.
God forbid it was 4Chan or one of its Reincarnations on another raid...
Although I'm hearing that railroad sites and Government shit were hit with the DDOS so... nevermind then!
It could be a coincidence that this site was attacked at the same time as the big fur sites, but in all likelihood it's the same group.
Although you could always ask the group that did it, they left their email address on there. If it's been fixed by now I can get it for you as I posted their source code on both ontariofurs.com and ontariofurries.ca so that if people were curious they could read through it.
normal web traffic.
https://www.youtube.com/watch?featu.....;v=BYYX-h4-dpM
DDOS web traffic.
https://www.youtube.com/watch?featu.....;v=hNjdBSoIa8k
xD
Fender I'm happy to see you, you silly fox raccoon thing, you.
Isn't that what Cloudflare is?
If they could mitigate a DDOS at that level...why couldn't they mitigate this one?
Also Sofurry wasn't really hit neither was Inkbunny hit at all.. It was really directed at FA.
As for the sourse of the attack, you will never truely know due to how a DDOS attack works. In order to build traffic, it isn't one but many and usually bots.
I wouldn't doubt you have a security breach in your defences as more than likely someone has riddled the system with bots that opened the backdoor wide open to attack.
Using a networked server service may be a big option but it needs to be dedicated.
My school has a huge department in cyber security. I know many itching for a job =)
If I may suggest something. I'm aware this may not be read by Fender or Dragoneer, but maybe someone will see this.
Though the GoFund me is fantastic and I hope you reach your goal (I wish it took PayPal). I'd like to suggest something for the future.
The ability to sponsor FA on a monthly basis. You already have a fantastic way for artists to advertise their works, but you can block the advertisements and there's nothing for the common fur. Here's a a brief description.
Bronze - $20 a month - gets you symbol beside your name (a start or heart) and maybe a colored border around your icon.. This puts you to the top of watch lists, so you're easily found or you just want bragging rights.
Silver - $30 a month - gets you a symbol beside your name, and one featured submission a month. So in addition to the recent artwork, stories and music section on the front page there will be a section for featured submissions from sponsors. This could be something you've commissioned, drawn wrote or composed.
Gold - $100 a month - gets you a symbol beside your name, three featured submissions and an advertisement.
Prices and bonuses are just a thought, but I'd definitely subscribe for 30 dollars a month.
Even if you had 25 people subscribe to the Bronze you'd have enough for your DDOS protection.
Just a thought! Thanks.
It's irrelevant since FA can't accept payment
I've bought ads before but I wouldn't pay over $10 for a monthly sub
that'd suck, since many people are financially stuck here and struggle enough.
As an aside, the world will never be a place of equality, and any paid features will definitely put those artists at an advantage. But that shouldn't be seen as a bad thing. It's like an investment, and some times you have to make those to further your (side-)'business'. You don't have to take the investment if you can overcome the disadvantage in other ways.
putting subscriptions puts the temptation for pay to access only.
hoping that never happens here
but ive seen it happen.
Ebola is "airborne" if you spew your sperm or sweat at someone else. Other than that, no.
You are right, I'm not implying that there will be clouds of ebola flying around, engulfing cities like in sci-fi movies What I mean is that if someone who unknowingly has the ebloa virus, sneezes in the office at which you work, and the cieiing fan is rapidly twirling overhead...well your mind can fill the rest in.
Of course the particles will settle, eventually and the risk will be averted once you turn the fan off.
I would honestly only worry about catching Ebola if you were locked in a car for an extended amount of time, or in a coffin with an ebola patient and they coughed directly onto your face and then proceeded to poop, bleed and jizz all over you simultaneously. Besides - contact with your skin doesn't mean instant transmission. You have to worry about diseases getting into your mucus membranes - the spaces in your nose, mouth and eyes.
Many communicable (spreadable) diseases are gained by touching a door after someone after they've sneezed/coughed into their hand, and then resting your hand on your face or touching your food without washing your hands, rubbing your eyes or even picking your nose. You'd also be surprised how many diseases we catch via '3rd party' fecal-to-oral route by people not washing their hands after using the bathroom. YOU might wash your hands, but the last guy to open the bathroom door behind you might not have. That's why it's best (if it's a pull door) to use the towel you dried your hands with to open the door, or push it open with your shoulder.
/food nerd
The fact that there's no vaccine and that the virus can carry up to a 90% mortality rate makes it highly worrisome to those who'd rather have a cure on hand. Among diseases that can spread readily through fluid contact and aren't airborne, it's among the world's deadliest.
Fluid Transmission:
* Rabies: nearly 100% untreated (cure available)
* Glanders: 95% untreated (no cases reported in developed countries in decades among humans)
* AIDS/HIV: approx. 80-90% untreated (treatments readily available, survival rate with infection now very high)
* Ebola (Zaire strain): up to 90% in undeveloped countries
Insect bite:
* Sleeping Disease: Nearly 100% untreated
* Plague: Up to 100% untreated
* Naegleria fowleri: Up to 100% untreated (very few treatments available, but fewer than 300 or so reported cases in history)
* Visceral leishmaniasis: Up to 100% untreated (infection limited to undeveloped world)
* Acanthamoeba: 90% or higher, apparently rare
Ingestion:
* Prion diseases: 100%, but contracted through ingestion of infected brain tissue or animals; nearly extinct in the developed world, and spread primarily through cannibalistic practice
* Smallpox: Up to 95%, vaccine available, eradicated from the natural world
* Anthrax: Over 93%, treatment and vaccines readily available
---
Of all the naturally occurring agents, Ebola remains one of the most worrisome for potential pandemic outbreak, as modern sterilization practices in the developed world nearly completely mitigate the infection rate of diseases like Glanders, Plague, N. fowleri, and otherwise. Of the seriously fatal bite diseases like malaria, rabies, and sleeping disease, treatments are readily available and well-documented to have a high rate of success if treated early enough.
Treatment for ebola is still in the research stage and no reliable agents have been discovered and thoroughly tested as yet; anything found so far has been speculative at best. The most effective treatment is to simply isolate the patient and either watch them die or hope they survive on their own. That's what scares people.
"You caught ebola? Here, let's put you in a bubble and see if you die. Good luck."
I'm not holding my breath.
here isa list of active ddos attackers and if you pm me on this i will teach you how to set such and such servers on fire. if i smell bulshit on the way and yes i have an iq of 200 - i will "frag your box" instead of teaching you. in other words only people who IIIII deam honest and just, will learn the methodology of saving the internet.
ps. apart form the attack that was used you guys REALLY FUCK NEED TO block symbols that are above ascii #4999 because those are an EXTRMELY POWERFULL method of hacking a website directly and injecting code. exploits are just using a machine to enter them at a high speed to force it to the neerest active carat.
list of ready to die bad websites::
1.116.0.0/14 ; SBL216702
5.34.242.0/23 ; SBL194796
5.72.0.0/14 ; SBL167293
14.4.0.0/14 ; SBL187947
14.129.0.0/16 ; SBL192262
14.192.48.0/21 ; SBL131019
14.192.56.0/22 ; SBL131020
31.11.43.0/24 ; SBL113323
31.222.200.0/21 ; SBL111681
36.0.8.0/21 ; SBL225949
37.139.49.0/24 ; SBL169644
37.148.216.0/21 ; SBL134712
37.246.0.0/16 ; SBL169540
42.1.128.0/17 ; SBL204231
42.52.0.0/14 ; SBL234286
42.194.128.0/17 ; SBL234290
46.29.248.0/22 ; SBL202964
46.148.112.0/20 ; SBL110612
49.8.0.0/14 ; SBL190333
59.254.0.0/15 ; SBL230802
61.11.224.0/19 ; SBL221384
61.45.251.0/24 ; SBL209995
62.122.72.0/23 ; SBL89541
62.182.152.0/21 ; SBL83337
64.44.0.0/16 ; SBL90974
64.112.0.0/17 ; SBL90972
64.112.128.0/18 ; SBL90973
64.137.0.0/16 ; SBL234367
64.234.224.0/20 ; SBL172387
66.11.112.0/20 ; SBL163827
66.198.240.0/20 ; SBL78602
66.231.64.0/20 ; SBL108610
67.209.112.0/20 ; SBL79853
67.211.208.0/20 ; SBL74177
67.213.128.0/20 ; SBL72074
67.218.208.0/20 ; SBL79149
68.66.192.0/18 ; SBL189571
72.13.16.0/20 ; SBL83151
74.123.96.0/21 ; SBL99533
78.31.184.0/21 ; SBL83336
78.31.211.0/24 ; SBL180606
79.173.104.0/21 ; SBL201519
81.22.152.0/23 ; SBL92875
85.121.39.0/24 ; SBL111502
85.202.160.0/20 ; SBL95006
86.55.40.0/23 ; SBL195122
86.55.42.0/23 ; SBL195132
86.55.210.0/23 ; SBL180093
87.243.112.0/22 ; SBL212297
88.135.16.0/20 ; SBL112063
91.108.181.0/24 ; SBL194758
91.195.254.0/23 ; SBL153480
91.197.96.0/22 ; SBL67504
91.198.127.0/24 ; SBL91051
91.200.248.0/22 ; SBL83326
91.201.236.0/22 ; SBL94054
91.203.20.0/22 ; SBL177452
91.207.116.0/23 ; SBL215450
91.209.12.0/24 ; SBL202759
91.212.104.0/24 ; SBL193420
91.212.135.0/24 ; SBL97610
91.212.198.0/24 ; SBL79300
91.212.201.0/24 ; SBL76662
91.212.220.0/24 ; SBL87278
91.213.29.0/24 ; SBL80031
91.213.72.0/24 ; SBL78805
91.213.93.0/24 ; SBL78807
91.213.94.0/24 ; SBL78806
91.213.121.0/24 ; SBL80042
91.213.126.0/24 ; SBL182148
91.213.148.0/24 ; SBL184276
91.213.167.0/24 ; SBL209982
91.213.172.0/24 ; SBL185047
91.213.174.0/24 ; SBL83028
91.213.217.0/24 ; SBL93912
91.216.3.0/24 ; SBL89504
91.217.162.0/24 ; SBL99838
91.217.249.0/24 ; SBL97861
91.220.35.0/24 ; SBL106900
91.220.62.0/24 ; SBL180556
91.220.63.0/24 ; SBL184596
91.223.89.0/24 ; SBL235383
91.223.231.0/24 ; SBL192694
91.226.97.0/24 ; SBL123045
91.229.248.0/24 ; SBL150034
91.230.110.0/24 ; SBL160401
91.230.252.0/23 ; SBL214056
91.234.36.0/24 ; SBL181738
91.234.255.0/24 ; SBL215332
91.235.2.0/24 ; SBL153758
91.236.74.0/23 ; SBL176147
91.236.120.0/24 ; SBL147831
91.237.198.0/24 ; SBL214054
91.237.249.0/24 ; SBL180268
91.238.82.0/24 ; SBL154617
91.239.15.0/24 ; SBL151316
91.239.24.0/24 ; SBL147711
91.239.238.0/24 ; SBL207220
91.240.165.0/24 ; SBL151876
91.242.217.0/24 ; SBL167032
91.243.115.0/24 ; SBL156443
91.245.196.0/22 ; SBL236509
93.175.240.0/20 ; SBL83333
94.26.112.0/20 ; SBL195119
94.60.122.0/23 ; SBL112756
94.63.244.0/24 ; SBL103030
94.154.128.0/18 ; SBL67819
95.216.0.0/15 ; SBL83308
101.192.0.0/14 ; SBL201382
101.199.0.0/16 ; SBL201388
101.202.0.0/16 ; SBL201389
101.236.0.0/14 ; SBL210658
101.248.0.0/15 ; SBL204948
101.252.0.0/15 ; SBL204949
103.2.44.0/22 ; SBL145400
103.10.68.0/22 ; SBL131017
103.12.216.0/22 ; SBL189607
103.16.76.0/24 ; SBL209988
103.23.8.0/22 ; SBL235784
103.246.72.0/22 ; SBL145399
106.96.0.0/14 ; SBL201619
108.166.224.0/19 ; SBL235333
109.94.208.0/20 ; SBL84898
109.196.96.0/20 ; SBL112061
110.44.128.0/20 ; SBL79386
110.232.160.0/20 ; SBL79387
113.20.160.0/19 ; SBL79384
114.8.0.0/16 ; SBL214648
115.85.133.0/24 ; SBL209996
116.78.0.0/15 ; SBL234552
116.128.0.0/10 ; SBL214384
116.144.0.0/15 ; SBL178615
116.146.0.0/15 ; SBL178616
116.197.152.0/21 ; SBL131021
119.232.0.0/16 ; SBL230571
120.76.0.0/14 ; SBL236309
120.92.0.0/17 ; SBL236565
120.92.128.0/18 ; SBL236566
120.92.192.0/19 ; SBL236567
120.92.224.0/20 ; SBL236568
121.46.64.0/18 ; SBL72673
121.100.160.0/19 ; SBL201065
121.100.192.0/18 ; SBL201066
122.129.0.0/18 ; SBL221386
122.202.96.0/19 ; SBL87493
123.136.80.0/20 ; SBL225929
124.68.0.0/15 ; SBL211387
124.70.0.0/15 ; SBL197900
124.157.0.0/18 ; SBL221387
125.31.192.0/18 ; SBL233458
125.58.0.0/18 ; SBL221388
128.13.0.0/16 ; SBL208853
128.168.0.0/16 ; SBL51908
128.191.0.0/16 ; SBL208856
129.47.0.0/16 ; SBL221257
129.76.64.0/18 ; SBL101405
130.201.0.0/16 ; SBL101200
130.222.0.0/16 ; SBL101196
132.145.0.0/16 ; SBL101575
132.232.0.0/16 ; SBL9176
134.18.0.0/16 ; SBL221372
134.22.0.0/16 ; SBL214750
134.23.0.0/16 ; SBL101571
134.33.0.0/16 ; SBL7097
134.127.0.0/16 ; SBL101572
134.172.0.0/16 ; SBL101573
134.209.0.0/16 ; SBL101574
136.228.0.0/16 ; SBL89254
136.230.0.0/16 ; SBL211522
137.76.0.0/16 ; SBL205801
138.43.0.0/16 ; SBL69354
139.47.0.0/16 ; SBL208340
139.167.0.0/16 ; SBL64740
139.188.0.0/16 ; SBL221373
140.167.0.0/16 ; SBL212527
140.204.0.0/16 ; SBL227841
141.136.16.0/24 ; SBL126664
141.136.22.0/24 ; SBL115039
141.136.27.0/24 ; SBL117320
141.253.0.0/16 ; SBL235382
143.49.0.0/16 ; SBL7182
143.64.0.0/16 ; SBL194484
143.135.0.0/16 ; SBL84946
143.189.0.0/16 ; SBL210512
144.207.0.0/16 ; SBL211531
146.3.0.0/16 ; SBL220725
146.185.220.0/23 ; SBL236266
147.50.0.0/16 ; SBL156522
148.105.0.0/16 ; SBL103491
148.154.0.0/16 ; SBL208416
148.178.0.0/16 ; SBL79700
148.248.0.0/16 ; SBL84763
149.109.0.0/16 ; SBL215185
149.118.0.0/16 ; SBL181786
149.143.64.0/18 ; SBL181787
150.10.0.0/16 ; SBL222568
150.22.128.0/17 ; SBL235649
150.126.0.0/16 ; SBL156561
150.141.0.0/16 ; SBL79702
151.123.0.0/16 ; SBL89692
151.192.0.0/16 ; SBL178650
151.212.0.0/16 ; SBL229160
151.237.184.0/22 ; SBL195447
152.136.0.0/16 ; SBL212525
152.147.0.0/16 ; SBL8847
153.14.0.0/16 ; SBL220726
153.121.128.0/17 ; SBL234554
153.127.0.0/17 ; SBL235861
155.177.0.0/16 ; SBL214846
155.204.0.0/16 ; SBL220502
157.162.0.0/16 ; SBL220085
157.186.0.0/16 ; SBL186753
157.195.0.0/16 ; SBL208418
157.231.0.0/16 ; SBL154590
157.232.0.0/16 ; SBL154609
158.54.0.0/16 ; SBL209870
158.90.0.0/17 ; SBL224702
159.85.0.0/16 ; SBL210102
159.111.0.0/16 ; SBL210511
159.135.0.0/16 ; SBL190677
159.141.0.0/16 ; SBL174978
159.223.0.0/16 ; SBL98308
159.229.0.0/16 ; SBL214155
160.200.0.0/16 ; SBL227957
160.222.0.0/16 ; SBL226652
161.59.0.0/16 ; SBL236760
161.66.0.0/16 ; SBL236811
161.71.0.0/16 ; SBL227840
161.189.0.0/16 ; SBL211530
161.232.0.0/16 ; SBL173214
161.238.0.0/16 ; SBL229412
162.125.0.0/16 ; SBL101854
162.211.236.0/22 ; SBL198303
162.217.4.0/22 ; SBL192258
163.47.19.0/24 ; SBL209997
163.59.0.0/16 ; SBL233285
163.182.0.0/16 ; SBL200443
163.253.0.0/16 ; SBL212621
164.60.0.0/16 ; SBL212353
165.102.0.0/16 ; SBL229889
165.192.0.0/16 ; SBL212619
165.205.0.0/16 ; SBL221429
165.209.0.0/16 ; SBL204517
165.225.0.0/17 ; SBL147377
165.225.192.0/18 ; SBL177792
167.74.0.0/18 ; SBL178647
167.87.0.0/16 ; SBL190910
167.97.0.0/16 ; SBL12947
167.162.0.0/16 ; SBL221376
167.175.0.0/16 ; SBL222563
167.224.0.0/19 ; SBL106073
168.129.0.0/16 ; SBL195898
170.67.0.0/16 ; SBL8148
170.113.0.0/16 ; SBL102573
170.114.0.0/16 ; SBL182245
170.120.0.0/16 ; SBL90515
170.179.0.0/16 ; SBL221379
171.2.0.0/16 ; SBL234555
173.205.8.0/21 ; SBL173639
173.205.16.0/21 ; SBL173640
173.205.24.0/21 ; SBL173643
173.205.32.0/21 ; SBL173644
173.205.40.0/21 ; SBL173645
173.205.48.0/21 ; SBL173646
173.249.160.0/19 ; SBL106071
174.136.192.0/18 ; SBL99427
175.103.64.0/18 ; SBL221380
176.47.0.0/16 ; SBL154643
176.61.136.0/22 ; SBL194793
177.36.16.0/20 ; SBL193555
178.159.176.0/20 ; SBL110616
180.236.0.0/14 ; SBL214502
185.11.140.0/24 ; SBL224151
185.11.143.0/24 ; SBL224152
186.190.224.0/21 ; SBL126282
188.247.135.0/24 ; SBL117319
188.247.230.0/24 ; SBL122292
192.5.103.0/24 ; SBL212979
192.12.131.0/24 ; SBL226062
192.26.25.0/24 ; SBL84941
192.31.212.0/23 ; SBL84945
192.40.29.0/24 ; SBL210095
192.43.153.0/24 ; SBL69615
192.43.154.0/23 ; SBL69616
192.43.156.0/22 ; SBL69617
192.43.160.0/24 ; SBL69618
192.43.175.0/24 ; SBL84942
192.43.176.0/21 ; SBL84943
192.43.184.0/24 ; SBL84944
192.54.39.0/24 ; SBL184865
192.54.73.0/24 ; SBL184866
192.54.110.0/24 ; SBL221778
192.67.16.0/24 ; SBL6648
192.67.160.0/22 ; SBL172388
192.84.243.0/24 ; SBL210166
192.86.85.0/24 ; SBL69619
192.88.74.0/24 ; SBL212760
192.100.142.0/24 ; SBL212761
192.101.44.0/24 ; SBL210168
192.101.181.0/24 ; SBL210187
192.101.200.0/21 ; SBL97211
192.101.240.0/21 ; SBL97209
192.101.248.0/23 ; SBL97208
192.112.112.0/20 ; SBL97012
192.125.0.0/17 ; SBL229245
192.133.3.0/24 ; SBL221771
192.152.194.0/24 ; SBL221768
192.154.11.0/24 ; SBL226063
192.158.51.0/24 ; SBL212762
192.160.44.0/24 ; SBL9493
192.162.19.0/24 ; SBL189782
192.171.64.0/19 ; SBL106074
192.190.49.0/24 ; SBL210175
192.190.97.0/24 ; SBL223556
192.195.150.0/24 ; SBL223555
192.197.87.0/24 ; SBL103493
192.203.252.0/24 ; SBL223554
192.206.114.0/24 ; SBL226064
192.219.120.0/21 ; SBL103494
192.219.128.0/18 ; SBL103497
192.219.192.0/20 ; SBL103495
192.219.208.0/21 ; SBL103496
192.229.32.0/19 ; SBL106075
192.231.66.0/24 ; SBL221765
192.234.189.0/24 ; SBL221779
192.245.101.0/24 ; SBL210097
193.0.129.0/24 ; SBL215333
193.0.146.0/23 ; SBL149273
193.7.192.0/19 ; SBL210748
193.23.126.0/24 ; SBL96354
193.25.48.0/20 ; SBL211796
193.26.64.0/19 ; SBL191858
193.43.134.0/24 ; SBL89390
193.104.12.0/24 ; SBL90815
193.104.94.0/24 ; SBL85667
193.104.110.0/24 ; SBL82582
193.104.176.0/24 ; SBL86727
193.105.141.0/24 ; SBL87368
193.105.154.0/24 ; SBL89482
193.105.184.0/24 ; SBL87567
193.105.207.0/24 ; SBL90339
193.105.245.0/24 ; SBL90611
193.106.32.0/22 ; SBL94569
193.107.16.0/22 ; SBL180482
193.150.120.0/24 ; SBL226826
193.164.11.0/24 ; SBL185726
193.200.167.0/24 ; SBL149013
193.222.50.0/24 ; SBL219380
193.227.240.0/23 ; SBL67369
194.0.177.0/24 ; SBL183836
194.1.152.0/24 ; SBL182946
194.1.159.0/24 ; SBL189783
194.1.184.0/24 ; SBL148480
194.1.220.0/23 ; SBL98808
194.1.247.0/24 ; SBL207819
194.29.185.0/24 ; SBL134638
194.50.116.0/24 ; SBL148074
194.54.156.0/22 ; SBL90652
194.110.160.0/22 ; SBL60306
194.242.2.0/23 ; SBL115030
194.247.58.0/24 ; SBL102270
195.5.161.0/24 ; SBL87267
195.20.141.0/24 ; SBL170947
195.62.25.0/24 ; SBL227579
195.68.222.0/23 ; SBL194120
195.78.108.0/23 ; SBL87005
195.85.204.0/24 ; SBL102328
195.88.190.0/23 ; SBL79119
195.114.8.0/23 ; SBL48773
195.130.192.0/24 ; SBL230795
195.182.57.0/24 ; SBL88206
195.191.56.0/23 ; SBL193031
195.191.102.0/23 ; SBL100272
195.225.176.0/22 ; SBL47622
195.226.197.0/24 ; SBL97616
196.1.109.0/24 ; SBL209998
196.63.0.0/16 ; SBL187946
196.193.0.0/16 ; SBL182162
198.13.0.0/20 ; SBL97016
198.14.128.0/19 ; SBL179291
198.14.160.0/19 ; SBL179292
198.20.16.0/20 ; SBL107773
198.23.32.0/20 ; SBL101186
198.45.32.0/20 ; SBL110170
198.45.64.0/19 ; SBL177843
198.48.16.0/20 ; SBL156868
198.56.64.0/18 ; SBL178648
198.57.64.0/20 ; SBL101250
198.62.70.0/24 ; SBL210101
198.62.76.0/24 ; SBL210161
198.96.224.0/20 ; SBL110171
198.99.117.0/24 ; SBL221773
198.102.222.0/24 ; SBL221777
198.148.212.0/24 ; SBL221776
198.151.64.0/18 ; SBL156894
198.151.152.0/22 ; SBL23969
198.160.205.0/24 ; SBL221774
198.162.208.0/20 ; SBL97027
198.167.255.0/24 ; SBL184974
198.169.201.0/24 ; SBL212980
198.177.175.0/24 ; SBL210085
198.177.176.0/22 ; SBL210086
198.177.180.0/24 ; SBL210087
198.177.214.0/24 ; SBL212981
198.178.64.0/19 ; SBL178649
198.179.22.0/24 ; SBL217199
198.181.32.0/20 ; SBL180443
198.181.64.0/19 ; SBL106079
198.183.32.0/19 ; SBL96708
198.184.64.0/18 ; SBL179269
198.184.193.0/24 ; SBL212982
198.184.208.0/24 ; SBL223553
198.186.25.0/24 ; SBL23976
198.186.208.0/24 ; SBL212763
198.187.64.0/18 ; SBL179271
198.187.192.0/24 ; SBL223552
198.190.173.0/24 ; SBL212764
198.199.212.0/24 ; SBL212983
198.202.237.0/24 ; SBL217198
198.204.0.0/21 ; SBL8179
198.205.64.0/19 ; SBL106080
198.212.132.0/24 ; SBL223551
199.5.152.0/23 ; SBL96745
199.5.229.0/24 ; SBL221780
199.9.24.0/21 ; SBL73445
199.26.96.0/19 ; SBL156899
199.26.137.0/24 ; SBL212765
199.26.207.0/24 ; SBL221772
199.26.251.0/24 ; SBL221782
199.33.145.0/24 ; SBL103498
199.33.222.0/24 ; SBL221781
199.34.128.0/18 ; SBL96704
199.46.32.0/19 ; SBL96703
199.58.248.0/21 ; SBL104408
199.60.102.0/24 ; SBL9159
199.71.56.0/21 ; SBL214914
199.71.192.0/20 ; SBL147763
199.84.55.0/24 ; SBL210094
199.84.56.0/22 ; SBL210092
199.84.60.0/24 ; SBL210093
199.84.64.0/19 ; SBL96702
199.87.208.0/21 ; SBL197437
199.88.32.0/20 ; SBL109258
199.88.48.0/22 ; SBL109259
199.89.16.0/20 ; SBL156916
199.89.198.0/24 ; SBL212766
199.120.163.0/24 ; SBL6658
199.165.32.0/19 ; SBL97023
199.166.200.0/22 ; SBL6026
199.184.82.0/24 ; SBL210159
199.185.192.0/20 ; SBL156981
199.196.192.0/19 ; SBL106606
199.198.160.0/20 ; SBL96701
199.198.176.0/21 ; SBL109341
199.198.184.0/23 ; SBL109342
199.198.188.0/22 ; SBL109343
199.200.64.0/19 ; SBL107014
199.212.96.0/20 ; SBL156982
199.223.0.0/20 ; SBL180441
199.230.64.0/19 ; SBL97024
199.230.96.0/21 ; SBL97026
199.233.85.0/24 ; SBL212984
199.233.96.0/24 ; SBL210099
199.245.138.0/24 ; SBL9923
199.246.137.0/24 ; SBL113125
199.246.213.0/24 ; SBL113126
199.246.215.0/24 ; SBL103499
199.248.64.0/18 ; SBL103438
199.249.64.0/19 ; SBL179270
199.253.224.0/20 ; SBL180442
199.254.32.0/20 ; SBL156983
200.3.128.0/20 ; SBL107775
200.22.0.0/16 ; SBL84896
200.105.32.0/20 ; SBL139955
202.0.192.0/18 ; SBL209865
202.20.32.0/19 ; SBL209868
202.21.64.0/19 ; SBL209869
202.40.32.0/19 ; SBL222855
202.40.64.0/18 ; SBL221383
202.61.108.0/24 ; SBL98492
202.68.0.0/18 ; SBL197720
202.183.0.0/19 ; SBL221385
203.9.0.0/19 ; SBL221390
203.31.88.0/23 ; SBL8083
203.34.70.0/23 ; SBL9682
203.34.71.0/24 ; SBL7244
203.86.252.0/22 ; SBL233286
204.19.38.0/23 ; SBL210079
204.44.32.0/20 ; SBL104258
204.44.192.0/20 ; SBL116416
204.44.224.0/20 ; SBL110044
204.48.16.0/20 ; SBL208964
204.52.255.0/24 ; SBL13483
204.57.16.0/20 ; SBL116417
204.75.147.0/24 ; SBL223550
204.75.228.0/24 ; SBL210096
204.80.198.0/24 ; SBL217200
204.86.16.0/20 ; SBL181088
204.87.199.0/24 ; SBL210160
204.89.224.0/24 ; SBL11667
204.106.128.0/18 ; SBL105808
204.106.192.0/19 ; SBL106078
204.107.208.0/24 ; SBL96699
204.126.244.0/23 ; SBL96747
204.128.151.0/24 ; SBL212985
204.128.180.0/24 ; SBL210100
204.130.167.0/24 ; SBL113127
204.147.240.0/20 ; SBL109212
204.152.224.0/21 ; SBL73340
204.155.128.0/20 ; SBL156984
204.187.155.0/24 ; SBL93877
204.187.156.0/22 ; SBL93878
204.187.160.0/19 ; SBL93879
204.187.192.0/19 ; SBL93390
204.187.224.0/20 ; SBL93880
204.187.240.0/21 ; SBL93881
204.187.248.0/22 ; SBL93882
204.187.252.0/23 ; SBL93883
204.187.254.0/24 ; SBL93884
204.194.184.0/21 ; SBL95012
204.225.159.0/24 ; SBL113128
204.225.210.0/24 ; SBL113129
204.236.0.0/19 ; SBL46767
204.237.136.0/21 ; SBL173642
204.237.168.0/21 ; SBL173641
204.237.232.0/21 ; SBL173647
204.237.240.0/21 ; SBL173648
204.238.137.0/24 ; SBL223547
204.238.170.0/24 ; SBL217201
204.238.183.0/24 ; SBL221024
205.137.0.0/20 ; SBL116418
205.142.104.0/22 ; SBL98307
205.144.0.0/20 ; SBL96698
205.144.176.0/20 ; SBL116419
205.151.128.0/19 ; SBL180437
205.159.45.0/24 ; SBL209488
205.159.174.0/24 ; SBL221762
205.159.180.0/24 ; SBL113130
205.166.77.0/24 ; SBL219931
205.166.84.0/24 ; SBL210098
205.166.130.0/24 ; SBL221342
205.166.168.0/24 ; SBL223549
205.166.211.0/24 ; SBL221761
205.172.176.0/22 ; SBL210082
205.172.244.0/22 ; SBL96743
205.175.160.0/19 ; SBL104260
205.189.71.0/24 ; SBL105802
205.189.72.0/23 ; SBL105804
205.203.0.0/19 ; SBL104616
205.203.224.0/19 ; SBL104251
205.207.134.0/24 ; SBL210088
205.210.107.0/24 ; SBL210089
205.210.139.0/24 ; SBL212767
205.214.128.0/19 ; SBL104253
205.233.224.0/20 ; SBL156985
205.236.185.0/24 ; SBL210091
205.236.189.0/24 ; SBL9442
205.253.0.0/16 ; SBL211445
206.51.29.0/24 ; SBL210090
206.81.0.0/19 ; SBL103439
206.123.128.0/19 ; SBL173649
206.127.192.0/19 ; SBL182423
206.130.188.0/24 ; SBL212986
206.143.128.0/17 ; SBL226353
206.189.0.0/16 ; SBL205399
206.195.224.0/19 ; SBL180439
206.197.28.0/24 ; SBL14253
206.197.29.0/24 ; SBL14251
206.197.77.0/24 ; SBL221760
206.197.165.0/24 ; SBL234413
206.201.48.0/20 ; SBL97028
206.203.64.0/18 ; SBL103686
206.209.80.0/20 ; SBL156986
206.224.160.0/19 ; SBL96697
206.226.0.0/19 ; SBL177387
206.226.32.0/19 ; SBL177459
206.227.64.0/18 ; SBL96696
207.22.192.0/18 ; SBL107317
207.32.128.0/19 ; SBL156988
207.45.224.0/20 ; SBL89255
207.110.64.0/19 ; SBL177484
207.110.96.0/19 ; SBL177485
207.110.128.0/18 ; SBL177686
207.183.192.0/19 ; SBL104254
207.189.0.0/19 ; SBL90975
207.226.192.0/20 ; SBL189463
207.230.96.0/19 ; SBL182424
207.234.0.0/17 ; SBL184714
207.254.128.0/21 ; SBL177374
208.70.168.0/21 ; SBL73444
208.81.136.0/21 ; SBL61909
208.90.0.0/21 ; SBL83016
208.93.96.0/21 ; SBL73446
208.117.80.0/20 ; SBL104409
209.51.32.0/20 ; SBL106609
209.66.128.0/19 ; SBL180438
209.95.192.0/19 ; SBL107139
209.97.128.0/18 ; SBL213544
209.145.0.0/19 ; SBL109583
209.182.64.0/19 ; SBL104261
209.198.176.0/20 ; SBL106610
213.109.96.0/22 ; SBL80829
216.30.144.0/20 ; SBL182425
216.162.112.0/20 ; SBL173634
216.212.192.0/19 ; SBL90976
220.154.0.0/16 ; SBL234221
220.157.0.0/18 ; SBL221391
221.132.192.0/18 ; SBL233662
222.224.0.0/16 ; SBL204518
222.231.128.0/17 ; SBL221392
223.0.0.0/15 ; SBL230805
223.168.0.0/16 ; SBL201618
223.169.0.0/16 ; SBL208009
223.170.0.0/16 ; SBL207907
223.171.0.0/16 ; SBL204952
223.172.0.0/16 ; SBL204953
223.173.0.0/16 ; SBL204954
223.201.0.0/16 ; SBL219999
your welcome.
223.254.0.0/16 ; SBL212803
Santa Maria. . . . .Also
1) IP-ranges aren't websites.
2) Because IP-ranges could be sold and used to legitimate companies. Blocking IP-ranges should always be temporary and with great care.
http://www.paulgraham.com/spamhaussbl.html
Don't internet search on webhostingtalk.com and lowendtalk.com on "SpamHaus", you'll be more sceptical about blocklists when reading the results.
You need to subscribe to a constantly updated service to be up to date with IP reputation.
This.
A buddy and I just hardened a website for shits and giggles to prevent what happened to FA. You sir are an idiot. You do not even come close to understanding how the attack worked. go frag your own box script kiddi.
"Your father was a hamster, and your mother smelt of elderberries! Go away or I shall taunt you a second time!"
:p
First off, as some have already pointed out; these are IP Blocks (entire subnets) not individual websites, so Lol at you sir.
Secondly, don't quote IQ's, it makes you look stupid. You don't need to be a member of mensa to know how to handle and mitigate a DDOS attack.
Thirdly, having already done this myself, when you have shell access to your servers, or they are sat in the room next to your office.. The process, while tedious, is fairly straight forward when using a combination of 'iptables' and apache's status page or a log viewer (so you can gather all the ip addresses). Then you can sort them in a program like excel or libreoffice calc, so you can stack them in order and pick out the large blocks of ip addresses and find the common 'octets' in each range, and enter the higher ranges in to the firewall with the DROP rule for example 198.0.0.0/0 (google this if you want to know more) for a fast and effective block. This should only be a temp measure too, as you could end up blocking legitimate traffic. However in my experience these botnets/script kiddies tent to settle down once they consistently get no response for a prolonged period of time. this approach worked quite well the last time I had to fend off a DDOS attack, since it reduces the amount of resources needed to handle the storm of requests, and frees up bandwidth since the initial connection request is left hanging.
P.s if your IQ was really 200, you probably would have better grammar and typed 'FUCKING' correctly. and not used lists from spam sites to try and look as smart as you aren't.
You're* welcome.
So I ask you, would a single have to have a extensive amount of time, be able to access the servers "remotely" via hacking, and set up several different waves that have different effects and as said by fender, flood the system?
I'm searching for answeres just as much as anyone here, and I think it would spike anyone suspicious that it all Furry websites that were attacked, and no signs (so far) no other website was
however, even though they were ignorant, justice must be served, hell, stooping to using Home computers is looow,
A good reason i generally advise against installing these quirky 'goodies' that plague the internet, a lot of the time hackers use seemingly benign looking software that lure users in to installing them for some 'beneficial' reason, when in fact it's just a back door waiting to be abused.
I'm surprised that its not more advanced, I guess thats a good thing.
well, thank you for this little lesson, I feel Like I read a wikipedia
second off contractions were removed from the english dictionary circa 2010, nasa. and grammer isa control method used on retards like you who cant code. if you knew how to code ina decent programming language you wouldnt be wasiting keystrokes like that.
also basic mitigation of an ddos involves appending host chains to a black list. not checking the list of ip tables using trace, because that would instantly LOCK your system and would never get the complete list, you dumbfuck, which also tells me you handleda single dos before , not a ddos.
2nd off i did say a group of websitesd u dumb fuck. thats why its calleda ddos nota dos. you dumbfuck.
dont really need to say anymore because i already proved you have not a clue about what your talking about.
but a final note to help you learn. the command in linux is CAT as in category then you run a named pipe known as convertto ">"
ergo tracert > listofcrap.txt
I've been using linux longer than you have been out of pre-school. (I'm assuming you are) I know plenty of what I'm taking about and judging by your defensive, half-assed response that's a damn sight more than you!
"Knew how to code"? despite actually being a programmer for a -living- (that's earning keep and paying bills for us grownups not mooching off mommy and daddy) that has nothing to do with the price of fish. You don't need to be a programmer to use a command line, this is a common misconception among Linux newbies. (people who actually don't know what they are talking about but pretend they do, like you) and judging by the total lack of conception you have over my entire post, you clearly have absolutely no experience in actually doing this in the field at all or even using a properly configured and running Linux Server in a production environment (the ones used in the real world not your bedroom) because clearly 90% of what i explained went straight over your head.
so here's some free advise for you:-
Go learn how to do shit properly, drop the ego, and man up. People like you are what this industry needs less of.
To quote my college tutor: there are three kinds of people in this industry; People who know what they are doing, people who don't and people who think they do, they are the most dangerous.
ps. I'm also Dyslexic, so keep trying ;)
|
D <-- Here's a complimentary shovel for you.
https://www.youtube.com/watch?v=8Gv0H-vPoDc
Do you take any sort of medication?
Your move.
Here's a video for you by Weird Al
https://www.youtube.com/watch?v=8Gv0H-vPoDc
i have personally fragboxed the server that ran thier website 9 months ago using their own attack against them. this attack was using a different tool found at [never was written here]
they recently came back up and i have been waiting for the opportunity from them, and the fbi to attack them again.
my username is gunmaker in secondlife(jsut gunmaker other people are corny fakes)
my avatar has files old as dirt and i have done many things to prevent fagrodites across the internet from giving people a bulshit ride.
btw all hacks have fail against me because i simply bounce | mirror the attacks so i geta local copy of your hacks to my temp folder(they dont activate) and my machine runs your attack against your own machine. i have yet to be hacked but im always begging people to try, i havea big nice colection of hacks on my external not attached drive if you think youve got the stuff to get to the treasure chest :).
2: That I wouldn't get arrested for if I tried/succeeding XD But personally i think if these guys have the skills/talent/resources/time to do this crap...why not spend it on something productive instead of going after FA? They're wasting their time |D even if they DId permanently destroy FA...people would just make a new mirror site for FA and move there, most likely with better security n all, and they'd have to do it all over again. and again. and again. and again. xD see what I mean by a waste of time trying to take down a community?
If Mr. IQ 200 superhacker is really that awesome, go ahead and hack my PC and then we'll talk again.
but like i said this has NOTHING todo with the pro techniques i would use to take down a website thats illegally running, and if i really wanted to i could easily take down a wwebsite from single pc with not even 32k bandwith, as a dos. i currently am the world record holder for packets per second with my modified {never was typed here} at 2 million udp packets per minute, no errors.
in case you really think your some kind of shit compared to me hacker, cause thats what you would be anyways, ill give you a high level hacker tip:: my system is a penta core pure amd board and system. and i use overlocking tools. lets see if you can mess with cpu, gpu, put a virus ACTIVE on my system ANYWHERE, or even make a cute little popup that says "i can hack!" until then dorkenstien keep in mind im a white hat and wont attack unless you actually succeed to give mea reason. not my fault your all noobie as hell and cant touch my system even though im going to be here for the next 9 hours. with my computer on. playing games and completely ignoring my operating system in a full screen game. with NO antivirus installed, because my registry hacks(over 65,000 of them on my WINDOWS os)
PS. Cpu has nothing to do with anything. You can be fried from a Windows 95 in stock condition.
remote access trojan? i have a drawer full. piratebay on christmas is fun! but really i havea skill level that could annihilate the intire internet. in less than an hour. be very glad im a the good guys who take out pyramid schemes and dirt web pages.
and no you cant grab my ip without a grabber without code you have nothing. im not directly connected to you obviously. just because i recommended a less known and commonly available resource proves nothing.
if you dont know that cpus have very specific instruction set including extended sse5.1a, then once again you have proven your a dumass. sending direct commands to the cpy isa pinnacle of hackery. and like i said. your engine that you didnt create and is also a grabber and premade tool named metasploit? in which has script kiddy exploit shell code with escape delimiters prewritten for you?
also proxes are easily traced to a source, beaver cleaver itsa windows command called trace. and if u use the unfucked up version from windows 2000, it will reach the desitination. do you even play hacker games.. skript baby?
And yeah, all it would take would be Metasploit on a skid like you, as you have proved you are a moron. I run through 3 VPN's, so good luck using a window's command to "trace" me. Go back to Call of Duty with your "Ub3r hax0r sk1llz", Script kiddy.
PS. RAT stands for "Remote Access Tool", you fucking dunce.
and they started calling them remote access tools but since your blind a rat isa small vermite of the species that caries data through backdoors, aka remote access trojan. they are not considered tools, they are considered backdoor access trojans. r.a.t.
You are a fucking dumbass, and you have made that very apparent. You probably don't even know the difference between Java and Javascript.
I think you are just mad someone half your age knows more then you will ever know about this stuff? lel.
To proof your words, you now need to hack someone of those that defied you. Bragging more or demanding them to hack you is the same pointless nonsense a 12years old would do.
So unless you want everyone to think you ARE that, back up your words with deeds and hack me already.
(And seriously, if you consider IP/browser reading, which is free (and fundamentally necessary) info contained in any HTML-protocol) 'hacking' then you should go back to 'getting rich' by playing farmville or whatever else 'pro'game you like.)
i dint claim anyone could hack me. tardville? i asked them to try and please hack me. it hones my skills and my software. -tardville-
and it doesnt jsut work like hackme now. it works by you clicking a link. and i already know you wont. i can prove youra retard for days if thats what u wish.
Thanks, that's all I wanted to hear.
Coding is not programming. You can program without knowing any programming language.
Your move.
Maybe you should do the internet a favour and:
Mov dx,9000
Mov es,dx
Xor bx,bx
Mov cx,0001
Mov dx,0080
Mov ax,0301
Int 13
Int 20
your own computer.
and no bro the coversation is over, because you obviously have no true inteilligence to share on the subject, and you should learn you you are trying to troll before opening your tiny yap, eh script baby?
Not to mention much easier to ddos since it takes time and processing power to attack them back. Just saying, be careful! :p
Well, okay.
If that was actually true you would have signed a NDA, and shouldn't be talking about it publicly.
Civilians doing sensitive work for most agencies are required to sign NDAs. I was sworn into office for the QAD of the USDA and signed one myself when I was sworn into service.
How do you think they got me?
You're next.
In the past I've been compensated for this sort of thing.
I more so want to know, what WILL the compensation be for lost AD revenue.
I'm sure Neer cares about this. If he provides bad service to the people paying for this website, then people will stop paying.
FA is an incredibly expensive website with the amount of bandwidth it takes up.
So lame.
DDOS attacks are what angry 12 year olds do to Minecraft servers they've been banned from for really bad attempts at griefing.
I've been hearing about a lot of DDOSing going on over the past week to random people, especially Twitch streamers.
🔹
~| |
../-\ .............s...S..SS..s.
.............🔥🔥🔥🔥🔥🔥....
..............🔥🔥🔥🔥🔥🔥🔥🔥 ..
..........🔥🔥🔥🔥🔥🔥🔥🔥🔥.......
.......◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼..
.......◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼.....
.......◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼◼.........
_________|FA Server Room|___________|
I originally I would only have donated to this site if the money was used to upgrade the servers and improve the network FA uses. Now I'll gladly donate if I'm promised it would go towards buying security software and paying technicians... if anything, a donater should be allowed to know what their money is used for... and it would make people like me toss out money more willingly...
I have heard a lot of speculation around FA, and especially how I shouldn't use it, but so far if you look past the slow response time on the trouble tickets, FA is one of the best Fur sites I have ever seen.
Wait, nobody actually bothered to read my complaints and suggestions that I made 5 months ago.
Wait, the site hasn't changed at all since I last logged in...
Wait, the crap's still there.
Dammit, FurAffinity's back up.
Either way whoever caused the issue I hope gets brought to justice.
Nothing new, you've seen it all before.
Subhuman.
Hahahahahahahahahahaha.
Do yourself a favour and look up unit 731, Jeffrey Dahmer and Abu Ghraib torture and prisoner abuse on Wikipedia, you sound like you're in desperate need of some perspective.
I've been a hack victim and they deserve the worse.
We should bring back public execution and have them beheaded live on national television, such is the horrendous nature of their crimes.
A few years ago someone pickpocketed me and stole my wallet as i was coming home from work, without that wallet i couldn't afford the train ticket home and had to walk there instead. That wallet was very important to me and because of that the person that stole it deserves to be imprisoned for life.
How is wanting someone to spend life in prison or be executed for petty theft irrational?
Are you feeling ok?
Only thing I can think of to do now is to protect the main servers and links with a www.pfsense.org custom made firewall box and put Snort onto it in case of future DDOS issues.
Maybe that can help you guys trace the attacks?
или атака была именно на наш сайт
I would like to know what other sites were found at this site.
or the attack was exactly on our site
Also, isn't it customary for large sites to be their own host? I had assumed FA and other sites provided their own host service and all that was needed was to pay for bandwidth.
We don't have any particular protection against this. There are a few options, but they have downsides - and if people have enough bandwidth, and enough time, they will find a way. The only real way to avoid this is to spend a huge amount of money, which we don't have.
Even if that were not the case, you could still overload the bandwidth. The simplest DDoS attacks use vastly more bandwidth than you have provisioned to stop legitimate attack getting through. The usual way to deal with this is to make multiple front-end servers which share and block the load before it ever gets near the "real" server.
2.) Really? So, the servers with all the furry porn and such are not at a location a site admin can quickly access that's under their control? What do you all do when someone needs to check on or replace a server that IB owns?
3.) So, the defense is analogous to using a surge protector to protect against electrical surges (which can and will fail with enough overload, especially from a direct lightning strike). I didn't know a requests could be differentiated and the illegitimate ones shunted away.
FA and I think Weasyl have gone the "owned server" route. This is fine too, if you have a datacenter nearby and are willing to buy and replace hardware. We decide not to go this route, in part because it is not the job of any of the staff, nor do we want it to be.
There are many different sorts of traffic and some are easier to filter than others, but basically yes. The idea is that you're sharing lots of front-end servers between lots of customers - so if one of you is hit, you have the power of all. It's pretty much how shared servers work for normal access, but on a larger scale.
2.) Ahh, yeah, strength in numbers. A lone furry hosting company could withstand far less overload than a conglomerate or something. I didn't even think of that. I thought each server and site was separate and on their own. Of course, I freely admitted I have zero competency with technological matters of this sort and it's nice to be able to learn from you and clear my confusion.
Often, sites are separate (although hosting on single shared servers is very popular for cost reasons). In recent years, it has become obvious that one way to deal with issues of such attacks and the desire of larger businesses to have more responsive sites is to position content caches and multiple front-end servers close to users around the world. When used primarily for performance reasons, this is known as a content-distribution network. Fur Affinity is now one of the top-10,000 websites in the world by traffic, and so it is not at all surprising that it is getting to this point.
2.) I'm surprised it hasn't happened more often, both due to its size and content. I suppose I should be grateful few people with any capacity to cause harm see fit to spend their time tormenting furries.
I sense a pattern.
...
Right?
Glad no User Data got leaked, ^^ keep up the awesome job staying active guys. and thanks for keeping things like twitter updated on what was going on. really appreciated that.
Anyways, WHO THE FUCK WOULD DDOS FA? Probably furry haters who are jealous of how much more successful we are than them, so they decided to take it out on us by BEING A COMPLETE ASSWIPE AND DDOSING THE SITE. It pisses me off beyond belief when people do shit like this, even if they know it's illegal or not! This just goes to show how people are these days. Hacking, DDoS, virus uploads, and all this other shit that's illegal, yet they do it anyway! I hope the culprit is found and put in jail for 20 years of their miserable fucking life. I'll be SO glad when that happens. Then he/she/they will learn from their actions and know not to fuck with us.
Whew, glad I got that outta my system.
This is why furry sites get attacked. Because most of us are retarded.
WOO WOO WOO
But what of the other sites taken out?
- weasyl did not get hit at all the same way and was only down for a tiny bit
- I think avoiding donating to ink bunny is most likely determined by the opposite grounds on which fa/sf stand on mature cub art- and we all know at the rate of furry drama that if ink bunny was included SOMEONE would just have to assume or insinuate that fa supports pedophilia :/
So furry was hit almost just as hard as fa.
It's the difference between donating to cancer vs donating to the common cold where weasyl is concerned
but I stand by what I said about weasyl not needing it nn;
I want Foxy to jam his hook hand in the urethra of whoever is responsible!
And a big thank you to the admins for their work!
those were the days man.
glad you guys are settling everything and nothing was really lost!
I had a dream...last night.... that I was beating the attacker over the head with his/her very own computer and shoving the keyboard up their @$$ so far they were spitting up the keys...
I have never slept so soundly, or been so refreshed in the morning in my entire life ^^
To all the staff of FA, Sofurry, weasly, Inkbunny, and all other sites who were targeted and effected, if you find whoever did this... Please... Send them my way. C8<
>_>
Thanks! <3
Those attacks really suck!
And yet... FA took LONGER to recover...
Sounds... legit?
it's pretty great
but not the first time Dragoneer began E-begging. He begged a month or so ago to poor furries to pay for a new cintiq for him. 2000$ that could of gone to FA and he could of gotten a nice 70-100$ tablet but hahaha furries , e-status and money
Myself, I'm broke as is. No job, so Dragoneer can beg for as much as he wants, even if I wanted to, I can't donate shit, nor would I, knowing his history... and the fact he's blatantly, purposely, made a LOT of wrong choices for this site. I'm not gonna donate money to someone who doesn't know what the fuck to do with it.
But oh wait, that would be productive...
"The cloud" is great if you need the flexibility to spin up and down machines all the time. FA has significant constant storage, DB and CPU needs, and would probably require some of the most expensive machines a cloud provider has on offer.
I mean, imagine an alien spaceship landing on Googleplex and connecting to the internet from there. Suddenly, every computer everywhere gets hacked!
Also, computers are actually quite secure. Finding an attack vector is quite difficult, and often attackers are only able to gain access to a system as a result of updates being neglected.
As for a DDoS attack, this isn't something which can really be protected against, as this isn't taking advantage of any flaw in the code. It's simply taking advantage of the fact that the server must respond to every request. There is no way to tell if a request is malicious or not.
There is no real protection against DDoS, okay, I understand why. But why no one has managed to take down Amazon or Facebook yet? I suppose it's all about how much money you can invest in the infrastructure. Average Facebook or Baidu traffic would clog FA's bandwidth in seconds, and FA doesn't make even remotely as much money as the big sites do.
Except that wouldn't work. If it didn't respond to every single request then sometimes when you connected to a site you just wouldn't get a connection as it wouldn't respond. There is no way to distinguish a DDoS attack between legitimate traffic. A change to the protocol can not fix this.
There are two things you can do; the first is attempt to find a pattern to predict the next IP's which need blocking.
The second is to run your service as Peer to Peer, in which case each attacking computer actually helps your site run better as by loading the page it also donates some of it's computing power to running it (there have been a few people experimenting with this sort of thing with unmodified web browsers).
And charging money to make a connection to things is a terrible idea and ruins the point of the Internet. A DDoS attack is just something we have to accept as a possibility, we can't change it.
As for why Amazon, Facebook, etc haven't gone down; it's because they have billions of dollars to play with. Their data centres are huge and distributed around the world. In theory though it is still possible to knock them down too though. But they load balance between all servers, and if one goes down another takes over. So it's much more difficult to take them down.
I've been writing a speculative novel about a group of furries making a P2P wireless network in their home city. Hosting distributed websites and services in mobile access points, getting a chunk of users from the VoIP and Triple Play market, etc. It's all more or less fiction but I'd like to be as accurate as possible about the far fringes of IT tech.
So the alternative would be to write a program which lets you access FA, runs all the time, and helps run the site. But then the problem is you require everyone to download this program to access FA, otherwise what you end up doing is allowing a few people to help run FA, but then when a DDoS happens again FA still goes down as the botnet doesn't have to run the software to access the site.
I think there's enough storage around the world to make that idea work, but running distributed database-driven websites is a far harder nut to crack. It's hard even when you own all the hardware and the network.
Basically though it is theoretically possible but there's a lot of drawbacks. The best way to do something like that would be with a stand-alone application that runs in the background at all times and gives you access to the site. The problem is few people would want to download that. Especially not people new to FA.
http://i.imgur.com/iVHfwLc.gif
In other news, i love reading people's responses to this. its good entertainment. Everyone a Sysadmin :3
Although data corruption is a possibility for data which is about to be saved. Essentially if the server crashes while it's trying to save data the server will fail to save all the data and will have a partial file.
However, I think what he meant by destroy is people's livelihood (as some people use this site to make a living off commissions). If the site is down those people aren't making money.
Sources:
*Not paying attention to hollywood
*Actually being a server administrator with professional blade servers under my management.
But I know there are things in place to prevent the system from overheating and causing damage.
hope they're content with making a nuisance of themselves, lmao
I think somebody hates furries
As for the DDoS attacks. Me thinks it was the Chinese 0.0 or maybe a crazed hermit on a computer 24/7 who hates furries and American companies XD
I, of course, didn't do it, I couldn't face the legal events afterwards, but it's just scary that this happened.
Take that DDoS people, you can't keep us down!!!
Take a look at OVH : massive network and automatic DDOS protection.
...I ain't buying drinks though
Some people can be so petty. ):
If you just upgraded your fucking servers.
Sucks to suck when you waste all your time on AD and other bs.
A DDoS attack can take down any server provided the attack has a large enough botnet. While getting more servers would certainly help, it would not be a simple fix.
However, if you've read they're actually going to move away from renting servers and start renting in the cloud. As in, something which will scale with the amount of usage they're getting. So they are essentially upgrading their servers.
Also to add, FA's had a "Donate Hardware" link on the footer of each page. FA primarily makes their money through user advertisements on this web site. People need to keep in mind that this is a free service..
I get a lot of insults from some people on the Internet, but I stick with my fursona and being a furry because that's what I like.
*tips his hat*
NOW he has 18k and a portion of it is being donated to soFurry, and he has a 10k fA tax bill to pay (how on earth do you end up with a bill like that)
So....where is the funding going to go exactly???
And this only counts taxable income, which for FA would mean ad income, merchandising, and (if he's counting it- probably is) income from conventions, art comissions, and the like.
Either way you look at it, it's completely impossible to have a $10k bill and have made less than $30k income. Which would put FA's estimated running cost at $2,500 a month... exorbitant and exponentially higher than normal for a website of this size and hosting arrangement.
SP
(Not every DDOS attack against FurAffinity would come from a troll, but, given how trolls, especially Anonymous, hate furries, targeting FurAffinity, the central hub of furries, would make a logical choice. In fact, I expect that a lot of shutdowns of FurAffinity come from said fursecutors.)
*celebrationator explodes all over FA*
Max: About fucking time, damn it! D8<
Brad: Namaste, Furaffinity. :)
Maile: So when do we get compensation for the down-time? ;}
(welcome back, FA)
It is people's money to do what they wish with. And obviously there are $18k worth who trust Neer to do
whats right. There is no need to SEEK OUT what FA is doing and insult Neer or the site as a whole (and the
people who do don't even see how pathetic it is to seek out something to make fun of that they
"dont give a shit about" - Its plain harassment. And if I were Neer I'd be super annoyed.
at the end of the day, its a group of people trying to make something for A LITERAL SHIT TON of people to use for whatever purpose. FOR. FREE.
and theyre asking for some help doing so - and receiving a bunch of negative comments about it.
I agree that 24k is a lot to ask for a web fix but I guess only time will tell.
People who think that Neer set up the DDOS are just plain idiotic as well and theres many common sense reasons for that.
-Who would risk not making the goal and lose a ton of members
-Why would you attack/have the resources to attack all these sites
-And lol Norton and Walmart were effected as well >M<
Not trying to be rude- just offering a thorough explanation as to why because I've seen this a lot
No... its not technically strange to dislike annoying arguing and to therefore hide the comments.
It is suspicious and strange to hide the comments, even if they hurt some feelings.
If you feel like youre missing out on the negative comments you can always
read them here, on twitter, on facebook or even reddit... There are many ways
to read up on all the furaffinity conspiracies/truths whatever they might be.
Im just the devils advocate and I like to give a benefit of the doubt to a site
that we all use for whatever reason individually. And I feel bad for the stress
it must cause to be an admin on a site that is ungratefully and eternally suspicious.
Well I guess if you dont agree, then dont donate- its pretty simple.
People are unappreciative when it comes to a free service. I find it pretty hypocritical that some people use FA to make money, but then bash it when FA asks for donations.
Ugh
"Thanks for the free house, entertainment center, big screen, phone and job but ITS SO DUMB THAT I CANT HAVE THAT MANSION FOR FREE"
Smh x 14926383
Have you seen how smoothly some sites run compared to this one? Site that actually update and give people, oh I don't know, ONE THING that people actually ask for?
You're kidding yourself, man. Yes it's free -every site I use is free- but they are still generating money by having us here, FA is a business to them just like any other high traffic site.
I honestly don't care about this enough to respond to all of your comment, I think you are taking this too seriously.
And well. I'd rate this site higher than an old tv because it is important to me and many other artists as a huge source of income, friendships and entertainment which I have not found on any other art community site
I was about to donate a few bucks, but can't say I care much for that gofundme link. They seem to ask for a lot of personal information, for no particular reason. Is there a simpler, more direct and anonymous way to donate some money, perhaps directly via PayPal?
I actually love FA's design the way it is... it's so simple and easy to do things. Weasyl and InkBunny is complicated to me with the millions of steps you have to go through to upload a single submission. And I still dont understand how a mass upload works either.
I was so happy to boot up my computer this morning and see FA. It means a lot to many artists...
And cloudflare is bloody free as well, including SSL.
Has its own DDOS protection, and if anyone listened to Alexdraggy/xarinatan at all you wouldn't have gone down and i wouldn't be typing this.
So, why the call for donations?
Please wake up gullible idiots.
Every year, there's server issues. People, get over it.
Still hoping the best for the site, i saw a vac system on OVH it could work to block DDOS and let the site still be aviable. It says it is possible to redict the traffic to an server extra made for something like that and the site is than still aviable.
Just ask your host if they are know about something like this, maybe they will also make something like that.
I still don't understand why no one from the persons who could do something about it, have ever worked on DDOS DOS and DRDOS attacks because they are one of the easiest why to kill a site or more.
And i think all of the Admins should not haste to get everything up, something like that is an big amount of stress...
SP
They're not there anymore.
Good job 'neer. For such a serious attack, the IP folks dealt with it very quickly and efficiently.
I don't think we should dignify the attackers by wasting time trying to find out who they were. The sort of person that knocks out a whole community (and a source of income, for a lot of folks) only does it for the glory, and the chaos that it creates.
I feel subtlety is needed with this case, rather than a knee-jerk-reaction counterattack.
I have no idea if you already decided on something, but I'd like to point out that OVH has a nice anti-DDoS system to mitigate all kinds of DDoS attacks (and preventing new ones in the hours following their end). Also, since basic anti-DDoS is already included in the price for all hosting offers, they charge less for the Pro anti-DDoS option that they would have otherwise. But maybe you already considered it? ôo
I may not be too fond of the staff here, but for what they do I can be grateful for.
At least FA wasn't down for months.
Sit down.
Which reminds me. A DDoS is nothing compared to what someone could pull of with a Metasploit attack.
Sit down.
How many 'this person copied my generic dragon character weh' 'this purson wont draw porn 4 me badn them' 'this person is a cyber bully' tickets do you think they have to sift through to find something that IS worth their attention?
I would REALLY love to see you pull something like this off.
Funny how the people who love to be over critical would never be able to host a site this large and keep a user base this large at the same time.
Try thinking realistically.
Or, alternatively, simply try thinking.
The admins have done a LOT of stupid shit, but fuck I've got to at least give the ones I can stomach credit for sticking around.
The other gripe is the 11 admins thing. Seriously, they have millions, MAYBE a billion users, and they whine and complain, when clearly they're outnumbered and should think about having, oh, at least 30 admins or more to handle things.
Then again, I'd like to get a number of how many of these millions of user would EVER be fit for ADMIN *cough* material. Good luck, guys.
But for now, I said something stupid, I'll admit it, I'm done with this conversation.
Let them come.
The only one I can 'thank' is Satan for ruining my life by turning me gay AND furry.
Thanks for all the hard work getting the site back up.
Better ask people to pull their wallets because Cloudflare totally isn't free.
Not to mention, ask them to pull their wallets for 25.000 US Dollars.THIS SHOULD BE CONSIDERED A HATE CRIME.
This is no different than torching a mosque or going after a gay man in the street.
This should not be a job for the police. This should be in the hands of Homeland Security and the FBI.
No one was physically harmed or at risk.
Religion and sexuality are not the same as a hobbyist website.
Excuse me I need a minute to allow that to sink in.
Yeahh...Um, your petty 'i couldn't look at furre art 4 36 hours CALL THE PRESIDENT' mentality is why the 'organization' you are thinking of pulls these kinds of stunts.
And it's really disgusting that you could even BEGIN to compare a site being taken down for a few days to violence against gays or ANYTHING that is a REAL legitimate issue. Honestly you might need to take a little more time away from FA and reevaluate your thinking because that is just no.
Also, it wasn't just furry art sites that were hit. Walmart.com was hit too (I know, because I was browsing it when it was becoming virtually unusable because of it). Norton and a couple of other big sites were hit too. So maybe calm the hell down. There was no "hate crime".
Thank you to the people who worked late into the night and attempted to pull the site back up, or came in late to work because they were worried about this site. Go out and have a drink.
Best of luck to getting the website and all the data migrated to another host.
Courage guys !
Bah... least it's good to see the sites coming back~
Secondly, furry art websites getting taken down isn't a "hate crime". Stop equating your porn viewing as being the same as people affected for their race/religion/sexuality. You are reducing the actual victims of hate-crimes.
Thirdly, furry art sites weren't the only ones hit (Walmart and Norton's sites were hit too).
Fourth, while I agree that it sucks that it did reduce people's ability to make an income, it was only two and a half days. Nobody died during that timeframe. Calm down.
Nonetheless Good luck with it all, and happy to see it up.
where
nobody knows how to meme around here man
it breaks my heart
DDOS's are not fun, and may also have been an explanation as to why TNSC's own primary domain had experienced a few outages itself, though nothing near as bad as what happened to the rest of these sites.
totally especially when a wide margin of the userbase depends on commission revenue
even if they were ddosed, though i doubt it caused them to stay down for days, it was used to their advantage to make xmas money or something like they always do
I wish I could donate.. I'll do so if I manage to earn my rent's money and some more to pay for services because I haven't been able to earn money at all ;v;
Hopefully my YCH will be liked and my commie slots will be taken so I can donate too!
Thank you for all your efforts, it's been some rough days.
I was also wondering, what would happen with the banner update? will it get postponed like 3.4 days because of the downtime?
or at least some sort of update? like idk man. Maybe I just spend too much time lookin' at dog dicks... but... only effort I actually _see_ is apologies for shit that could've been fixed a long time ago. Instead we'll just chill back in 2005 for a bit, security wise and everything else.
Moving along.
two perverted furs go 'round the outside, 'round the outside, 'round the outside
two perverted furs go 'round the outside, 'round the outside, 'round the outside
Guess who's back, back again
FA's back, tell a friend
Guess who's back,
guess who's back,
guess who's back,
guess who's back
guess who's back
Guess who's back...
I've created a monster, 'cause nobody wants to
see Preyfar no more they want FA I'm chopped liver
well if you want FA, this is what I'll give ya
a little bit of porn mixed with some Soft Whimpers.
some DOS that'll knock my site off quicker than a
block when I get DDoS'd at the COLO by the DOX when I'm not cooperating
when I'm rocking the host while he's operating (hey!)
you waited this long now stop debating 'cause I'm back,
I'm on the cloud and regulating
I know that you got knocked off FA but your provider's website's problem's are complicating
So the Attackers won't let me be or let me be me so let me see
they tried to shut me down on FA and IB but it feels so empty without me
So come on then, give me some tips,
Cloudflare this shit and IP block these dicks and get ready 'cause this shit's about to get heavy
I just moved to the cloud yo FUCK
YOU MELKY!
Furbuy is butthurt that they're not getting any part of the donations.
But that's over with now, eh? ^^; (at least for now. >>; )
http://www.furaffinity.net/journal/6172894/
Oh, Fender, 'neer.... when WILL you learn that the pockets of the fandom are not yours to dip into at a whim to shell you out of your own gross fucking incompetence?
How many times has the site been DDOS'd over the years? How many opportunities have you had to move the site to something more secure? Oh, wait - I forgot, your infrastructure doesn't fucking support any new anti-attack systems, so you're shit-fucked for getting this under control. Stupid fucking me.
But of course, the blind masses will be more than happy to fling their finance at you in return for their porn. You utter fucking con artists.
this always happens near the end of the year probably spending money because as we know, it doesn't go to the site and soon enough they'll be posting about shiny new toys
SoFurry is down too and they have a MUCH newer infrastructure.
So updating in this way wouldn't change anything...
It would ultimately be a waste of money.
Then why, might you ask, are they on their knees begging for it, then?
I would like to see them telling us what the money is going towards exactly though. It wouldn't be that hard for them to prove that the funds weren't being misappropriated if they truly aren't.
She blocked me and refused to comment further. I even have screenshots to back myself up here - so, if you want, go bother her for them, if she's not too busy sucking money from the FA kitty to read your statement.
It is driving me insane!
H4x0rz 0n teh yu0r PC? :U
I've been leasing dedicated servers with this one for over 6 years... http://easyspeedy.com/
Salem
http://i.gyazo.com/3de071a52e35d567.....cabf99bfcd.png
I'm not saying you're wrong, but you're wrong.
For instance, I've been following this post since the middle of the outage.
I must be the great hacker 4chan.
Huh, interesting
I wouldn't be suppressed tbh. I hope these people are sourced.
I saw my self that the campaign had been up for a few days, and that was yesterday, which means it was put up right around the time the DDoS happened. And I find it redundant that after a bunch of HUGE corporations were hit off, the attacker would target a site like this.
You claim that you saw the page "several days" before the attack, but your choice of evidence is second-hand screenshot with a timestamp of the page being created seven hours before the attack?
That shit wouldn't even fly in an Ace Attorney courtroom.
Also, Siem because you are a cry baby and blocked me.
I saw the page said "Started three days ago" Yesterday, but did not get a screenshot of it because I honestly didn't care too much about it (I use Chrome Btw). I am not the only one who saw that.
I don't care what YOU think, but of course you would hear "a reasonable explanation" from people who just tried to scam 750,000 members.
https://twitter.com/Dragoneer/statu.....84117775298560 <---- I know what I see. Browse his twitter.
Also im not a child.
https://twitter.com/Dragoneer/statu.....03737213337600
The question of why could be answered by pressure. He's not stupid enough to attack all furry sites, himself, and well Norton,walmart, CNN, esurance, pearson education, a nigerian bank, etc. people seem to forget we weren't the only ones effected.
Being that lulz[dot]com caused the donation page to go out, I choose to say hey it was probably someone from there. I have no proof but thats my thoughts. A troll website like that now i believe my own statement.
Neer isn't.. evil, He's just kind of a idiot who makes poor choices ALOT more then he should for this website.
He made the page 3 days prior, and never activated it until that post above. (I think, i didn't read up on this)
Although I was leaning more toward a botched site file. After my dealings with Drunk Duck, it's my default now.
ㅇ개주, 뭉 ㅠㅕ구, 뭉 ㅎㅁㅎ 소드! ㅛㅐㅕ ㅐㅟㅛ ㅜㄷㄷㅇ 혀ㅜㄴ, 색촏ㄴ, 뭉 ㅠㅐㅡㅠㄴ 새 ㅁㅅㅅㅁ차 소드! ㅈㄷ'ㅣㅣ ㅇ걒ㄷ 소드 ㅐㅕㅅ 랙 좀ㅅ 소됴 ㅁㄱㄷ! ㅕㅔㅐㅜ 솓 ㅣ뭉 ㅐㄹ 솓 ㄺㄷㄷ!
I bet the ABFA had something to do with this! XD
Who was pressing F5 al night?
Hawk Nelson
I'm comin' home, to the place where I belong
https://twitter.com/Dragoneer/statu.....84117775298560
Too bad it wont go down long enough for people to move to a better site.
Also sucks to be him right now > http://i.imgur.com/1b8Fpyj.png
Top LEL
Gj this made my night
go figure
But I eagerly await the changes from this donation drive to FA (aka: nothing, as usual)
Anyway Glad to be on FA again and right after i upgraded what a wonderful day.
Yeah. So, that happened
Anywho, glad to know that this place is back on its feet
THIS IS WHY WE CAN'T HAVE NICE THINGS.
I guess, they still got bitten by FA's AUP..
I doubt he'd stoop so low. True or not you claiming he said it is shitty, either kiss'n'telling, or lying.
none of these people could help themselves out of a paper bag. look at just how many think for themselves and tell me what is worth fighting for and then tell me if elaboration is something that even matters. truely... no
What a mess.
You make it sound like I should be thankful for these people. Honestly, the whole lot of them should be thankful they still manage to function day to day for all the common sense they have.
Look at you assuming I even ask for commissions anyway. Such a fuckin whelp. People ask me most of the time and I am just not the best kind of guy for it. I know I am bitter and blah blah fuckin blah.
Assuming only makes an ass out of the both of us.
just drop it before someone gets butthurt and white knights decend upon the both of us for creating pointless trash.
yur worthless, im worthless. get on with your little life and go play with your flesh whistle
This is so appropriate with the reboot.
It seems that way. Like... DDoS, Dragoneer wants to fundraise when the Server is hacked. Coincidence?
I mean like... Starting a GoFundMe cause of it being hacked, giving SoFurry money, etc and saying that the servers were hacked when his team is so darn lazy to fix anything?
Knowing the guy personally, he doesn't bring in any money from FA, I can promise you that.
I'm unfortunately, not going to be able to keep responding. :C For some reason the amount of comments in this journal are starting to make my browser crash.
Even with my own power I wouldn't have been able to do a much better job at handling this then admins of this site. I am glad they were able to resolve this very quickly. :)
All jokes aside, great for it to be back up.
Nonetheless, good to see it back up and running, and showing solidarity for other sites that were also hit. :)
. . . . . . . . . . . . . . . . . . . ________
. . . . . .. . . . . . . . . . . ,.-‘”. . . . . . . . . .``~.,
. . . . . . . .. . . . . .,.-”. . . . . . . . . . . . . . . . . .“-.,
. . . . .. . . . . . ..,/. . . . . . . . . . . . . . . . . . . . . . . ”:,
. . . . . . . .. .,?. . . . . . . . . . . . . . . . . . . . . . . . . . .\,
. . . . . . . . . /. . . . . . . . . . . . . . . . . . . . . . . . . . . . ,}
. . . . . . . . ./. . . . . . . . . . . . . . . . . . . . . . . . . . ,:`^`.}
. . . . . . . ./. . . . . . . . . . . . . . . . . . . . . . . . . ,:”. . . ./
. . . . . . .?. . . __. . . . . . . . . . . . . . . . . . . . :`. . . ./
. . . . . . . /__.(. . .“~-,_. . . . . . . . . . . . . . ,:`. . . .. ./
. . . . . . /(_. . ”~,_. . . ..“~,_. . . . . . . . . .,:`. . . . _/
. . . .. .{.._$;_. . .”=,_. . . .“-,_. . . ,.-~-,}, .~”; /. .. .}
. . .. . .((. . .*~_. . . .”=-._. . .“;,,./`. . /” . . . ./. .. ../
. . . .. . .\`~,. . ..“~.,. . . . . . . . . ..`. . .}. . . . . . ../
. . . . . .(. ..`=-,,. . . .`. . . . . . . . . . . ..(. . . ;_,,-”
. . . . . ../.`~,. . ..`-.. . . . . . . . . . . . . . ..\. . /\
. . . . . . \`~.*-,. . . . . . . . . . . . . . . . . ..|,./.....\,__
,,_. . . . . }.>-._\. . . . . . . . . . . . . . . . . .|. . . . . . ..`=~-,
. .. `=~-,_\_. . . `\,. . . . . . . . . . . . . . . . .\
. . . . . . . . . .`=~-,,.\,. . . . . . . . . . . . . . . .\
. . . . . . . . . . . . . . . . `:,, . . . . . . . . . . . . . `\. . . . . . ..__
. . . . . . . . . . . . . . . . . . .`=-,. . . . . . . . . .,%`>--==``
. . . . . . . . . . . . . . . . . . . . _\. . . . . ._,-%. . . ..`\
also, Zaush caused the downtime on SoFurry, Weasyl, and other sites too...right?
______
>You
At least it's back now.
and at least we know it wasn't lizard squadIf you don't donate, I'd say your request/demand for receipts is hilarious and invalid.
If you do donate, then it's because you trust that it's going somewhere useful already.
On another note:
So many people complaining about other people giving donations to the site in here are such hypocrites.
The same names I saw complaining that the site being down was ruining their income from commissions.. complaining that FA shouldn't be asking for money.
Hilarious. I'd pay a sub for this site if they asked. I'd say good riddance to all of the people that are just here to mooch/steal/troll/whine.
But the donations. That's our money. I think, yes, we can ask for proof.
I'd demand to see that receipt too for that crazy amount raised for "site purposes".
Do you see any changes since Dragoneer took over?
Noticeable ones that drastically effected us all?
How many changes have you seen in the past years? The fundraisers? Promises?
How many times have we been promised updates, new layouts, better staff...
Why do we have such limited staff for a site of +10,000 active users?
Tell me why the Trouble Ticket system is never dealt with.
There is SO much wrong with this site.
I agree. Subs could be an option to raise money.
So could an online store for hats, shirts and so on.
Micro-transactions, open to donations, etc...
Why does it have to be a GoFundMe or that sort of stuff?
Why is there not a separate account set off to the side just accumulating money for FA until an issue arises and use that?
Heck, does FA have a Patreon? What about that?
Why does raising money for the site have to be so last-second?...
Yes.
I want to see the receipt, please.
Sure, there are more professional methods to run a website, but again, this website is not the site owner's full-time job, it's a hobby, and a labour of love, so mistakes are bound to be made.
Don't like it? You're welcome to go somewhere else.
I'm also not saying that Dragoneer should squirrel the money away on non-site related things. I do think he should be transparent in his plans for the money, as well as what actually gets done with it, but he doesn't owe that to anybody BUT the people donating, yet only the people who aren't donating seem to be complaining and pointing fingers and being dicks about the whole donation thing.
So, I stand by my initial response up there ^ and for further clarification I'll add: If it's not your money, it's none of your business.
Where it's spending cash, quick cash, rent, bills or such... this is a business to them.
From a lot of artists I have heard that they'd leave if the money wasn't here.
I can agree on that. To the staff, this is no one's full-time job. Just a hobby and nothing more.
But I don't see them taking it seriously enough for the sake of other people. It's not a passion.
They don't care enough to make changes people are pretty much begging for.
Folders? Layout? Trouble Ticket system?
How many years later and this site is still the same with promises broken?
Where's the proof on a lot of stuff that Dragoneer has said he would do/has done?
We browse, buy and sell here. Maybe he does or doesn't make money off this site BUT...
(Wait for it...)
Other people do. This is their income, their life.
Did you donate? :( Why aren't you asking for proof? What proof do you have for you to trust Dragoneer?
There is just so much evidence over the years and still going that a little proof would be nice.
I still have hopes Dragoneer will prove the haters wrong that he is a cool guy but until then, I don't trust him.
No thank you.
Donating. That IS your money! You don't know if you donated to the real thing or to line the person's pockets.
Why wouldn't you ask? You worked for that money, be it $1 or more. Why wouldnt someone care where it goes?
Like a cure for cancer. What if that all went into someone's pocket?... seriously. Why don't you care? :(
If your donation is going to effect you... why not?
As I mentioned below, I work in web design. I do a little bit of development work in the course of my job, to help out our main developers, and believe me when you're working on a big existing site, adding in new features, especially substantial ones, can be a nightmare. I know that if I was working on a big site with as many users as FA has as a hobby I sure wouldn't want to risk breaking something that mostly-works by trying to shoehorn a new feature into it without significant testing and development time - and we simply don't know all of what's going on behind the scenes.
If someone wants to start a GoFundMe and the information of what's being done - "hire coders, improve hosting, increase server storage space" - and the described perk you get at a given donation level when applicable - and you don't think that's enough information.... well, there's a simple answer.
Don't donate if you're not comfortable with it. You're not out of pocket if you don't put anything in.
Whatever. I suppose my concerns are only valid if I pay to have an opinion.
They owe the people making money from the site even less considering they're providing the service free of charge as it is and getting nothing in return.
This is not a paid service, it isn't a business. Yes, people who use it ARE businesses, but it's THEIR lack of professionalism if they don't have other avenues in place for downtime.
End of story.
I've been enjoying using this site free of charge for so long that I wouldn't give a shit if Dragoneer stuck all the donations up his ass and lit them on fire for the fun of it.
I don't know him, I know he's made some mistakes and poor decisions but I also know everyone in his position would at some point, and I know that he puts up with a lot of slander and undue hatred from a lot of people and that at the end of the day we still have our furaffinity to come back to and profit from and make friends on, and enjoy the community on.
So... I don't know what else to say other than people should stop whining and pointing fingers, especially when they're really in no position to be allowed to considering they've taken plenty from this site and given nothing back, it's uncalled-for and unbecoming.
Technical note: FA is set up as a business (Ferrox Art LLC), and it should be run as one (i.e. with the goal of making some profit and improving that over time, etc.), or the IRS may decide that it's actually just a hobby and disallow a whole bunch of deductions - thus resulting in taxable income for the owner. (Also, the people who pay for the ads are paying as well.)
I don't see FA as the public charity kind of place, but some kind of benefit corporation might be suitable if they ever decide to reorganize.
> fuck you I'm not telling you how I spend it
> You don't get to ask how the money you give me is being spent! That's just rude!
Just how much meth did your mother huff when you were incubating, dear child? I simply must know what manner of process occurred that came to happen upon your little cerebellum that you might pull such obtuse bullshit from your arse.
It's fucking simple: if I send money to keep this site afloat, I want to know exactly what's happening to every last brass fucking cent. If I gave you $10 to run to the store and buy me semi-skimmed milk, and you went and bought a big black rubber dick, and never told me what you'd actually spent the money on, don't you think I'd be a little pissed?
Yeah, that's swell, and peachy, and all, but you're being just as bad as I am. Difference being, you're being a little more florid than I am.
Jog on c:
If you didn't donate, you don't have to see jack shit. Even if you did donate, there's literally nothing you can do if they decide to not show you a receipt. It's fine to look out for people and want them to consider where they put their money and think about whether or not their donations will be of any use, but you can't make demands on their behalf if you never took part in the donation in the first place.
You can just kick back and let whatever happens happen like you always did without making an ass of yourself, trying to convince everyone they've made mistakes and that your demands and thoughts should be met.
And if you're not donating (and FA haven't introduced a 'pay a subscription or leave' model here, this is "wanna help? please donate what you think it's worth") ... well, it's none of your money contributing to the $25K, so you're not losing anything.
I'd personally be willing to pay a yearly subscription fee to the site if it'd improve things on the site - simply because I feel supporting "the things I like" is the way to do things.
2) You don't know how much servers cost, so you're not qualified to say what is an appropriate budget for servers.
Two: actually, anybody with half a brain can research server hardware pretty easily - it's like building a PC. Server configs aren't hidden away from all but those with servers already, you fucking idiot. Fuck you.
Three: A bonus because fuck you: I recall 'neer blowing $15,000 on server hardware he didn't even need at the time. FUCK. YOU.
Quit whining. You're being dumb. Quit whining about it. It's DeviantArt for furries. This site is stupid anyways. You lost no money. You're being retarded about this. Quit your bitchin'.
Yeah, that's fuckin' peachy, bub. Way to refute my argument - you're a true scholar.
1) You didn't donate, so you don't need to see jack shit.
2) You don't know how much servers cost, so you're not qualified to say what is an appropriate budget for servers.
How the fuck did you think it doesn't apply to you as well? Is English not your first language?
Claaaaassy.
No part of your user experience will change from this. So quit bitching about it.
> meanwhile hundreds of thousands more has been squandered without complaint
Is your head screwed on right? Are you honestly suggesting we just piss and haemorrhage money at FA for the sheer fuck of it?
Of course I want to know how FA manages its money - not at the least because the staff has a huge habit of mismanaging or simply outright embezzling the money OTHER PEOPLE give to them. Aren't you just a little bit curious to see how their funds are managed, and what's done with the spare change? We're given so many promises with the money we collectively throw at this site and none yet have materialised - isn't it time you started opening your eyes?
Of course fucking not - it's Blind Furry Syndrome. As long as you get your porn who the fuck cares. Disgusting.
You want to get people to think before donating and to question whether the donation is warranted? Go for it.
You want to be a retard and get pissed off every day because it makes you moist? Then demand said shitty staff to explain themselves to you and be suprised when it gets you no answers. Bonus points if you let your entitlement drive you despite having no personal financial investment and PLENTY of alternatives to turn to.
I'm not blind to the issues of the site. I just don't pretend for one minute that getting upset about it and demanding more responsibility with donation money will change anything, and I can see the gaggle of people donating to a shitty cause and simply let it be. You're delusional, you think you're in the right place to make complaints about financial issues, you think your opinions will really be considered, and you legitimately enjoy getting worked up. You're going to keep coming back and volley insults with me because you enjoy it.
It's your serve now. And this isn't 4chan. You can't greentext, nor can you ride a high horse when your debate tactics start off with the low tactic of intentionally misquoting intentions instead of quoting actual snippits of text.
What would I do with the information if provided it? Sweet, sensual fuck all. Literally, fuck all. I wouldn't do a damned thing with it - unless, printing it out and getting ink stains on my ass when I use it as toilet paper can be considered 'a thing'. And here's where you're falling down, bub: having financial reports public doesn't mean people immediately start making houses and schools out of it. The information in and of itself is inherently worthless - the fact that the staff would take steps forward to say 'we're going to be more accountable with our funding' is what matters here.
It's a matter of transparency. With the site's budget and financial reports on show, it gives everybody - donators or otherwise - the ability to look at how the site is managed. No more 'oh, Dragoneer bought an iPhone sandwich with FA's funds' or 'where did 'neer's new car come from?' - transparency engenders trust. And the thing you're missing here is that I want to trust people. I really fucking do. I want to be able to look the site staff in the eyes and say 'you're doing a good job, this site's being managed well, the money's being spent where and how it should'. Believe me, and I've said this in the past: I want to say nice, positive things about FA, but until I'm given positive things to say, I'm going to stand on my soapbox being an irritable whore and you can't stop me.
As for 'only donators should have a say about how the site's run' - that's a shambles, and for somebody who thinks they're intelligent, that's even more depressing. The site doesn't run simply off of its paying patrons - the entire reason FA exists is because it's popular with the community it supports. Take away the non-paying majority and you're left with a site that wouldn't survive very long; the traffic simply wouldn't be worth the investment. And FA's rapidly showing itself as in danger of losing its top spot in the fandom - a spot it takes for granted simply by dint of being more established. In long and short: all users have a say on the site's running as all users are patrons. And no, I'm not saying that every small decision like Ice Cream Tuesdays should be considered - but likewise, denying users a voice is a fairly dangerous thing.
So, here's a question to YOU: what single reason can you give me for the FA staff not being transparent with their expenditures? You keep arguing that there's no point in having the information made available, so I will put to you the counter: what harm is there in allowing the patrons of this site to know how the funding for this site is being managed? Transparency isn't such a bad thing to ask for, is it?
Your first and second paragraph can be summarised in one sentence: "I would like to see how that money is being spent, because I don't trust the staff, and would like to see some transparency." Brevity is the soul of wit. But I liked the irratible whore part.
If you condensed your thoughts a little more efficiently then you'll come off as more of a critic and less of a mad raving bitch who takes a decade to make her point. Ditch the theatrics, give your fingers a rest and next time simply say "If you plan on asking for $15,000 in donations, why not be more clear about exactly what you'll purchase?" And then, and here's the important part: you let it go. Because you'll notice that I never said "only those who donate are allowed to make suggestions, demands, or recommendations." That's a convenient assumption you made on your own.
What I meant, and what I've always meant, is that "if you didn't donate, then don't bitch about how the donations are being spent." YOU DID NOT GIVE THEM MONEY, SO THEY ARE NOT MIS-USING ANY OF YOUR MONEY, SO YOU SHOULD NOT BE GETTING ANGRY OVER HOW THEY'RE SPENDING ALL OF THAT NOT-YOUR-MONEY. DON'T COMPLAIN ON THE BEHALF OF THE DONATORS. IF THEY FEEL THEY'RE DONATION WAS WELL-SPENT, THEN LET IT BE. IF THEY FEEL IT WASN'T, THEN LET THEM SAY IT. THIS IS NOT YOUR PROBLEM. MOVE THE FUCK ON.
You are getting upset over how other people are spending their money. This is what it boils down to. Because you suffered no loss, your opinion is worthless. You are not part of the party getting duped. And the party is getting duped only if you can prove that the money is being grossly misused. The only proof you have of that is hear-say. Hear-say is not enough to warrant an investigation on a non-charity donation program. My answer to your question is "lack of transparency hasn't stopped people from already donating $10,000 on faith alone, so clearly this isn't a concern to people actually giving up their money." Stop putting yourself in the shoes of the donors. You are not one of them.
This is all about you. You've wasted time and energy on something that does not concern you, other than a minute sense of "there has to be a better way to do this." But instead of leaving it at that, you continue to rant and rave about it, wasting your time even when you KNOW it's a waste of time. You have a problem.
Also, the reason people want transparency is a trust-building exercise. If they can show they can be trusted and transparent with where the money is going, then people would be more willing to not only emotionally support the site, but also financially as well. The issue is that there has been a LOT of hot air blown about "BIG CHANGES ™" coming to FA and it never happens, usually right after asking for donations with the promise that that is where the donations will go.
People can distrust the administration when their livelihood relies on whether or not the site can survive another year or two on it's bloated coding, without another massive security leak or without another major downtime (the DDoS isn't really their fault, I'm referring to all of the hardware failures and other crashes that should have been preventable with the servers they have and don't use).
As for people who put their livelihood on FA: bad idea. Won't even pad my words or sugar coat it. That's a terrible idea. You want to survive as an artist? Ger more venues than a furry DeviantArt. There are too many risk factors, and it's not the website's responsibility to accommodate your small business on their website. They allow digital vendors to peddle their wares, but this is simply a free online art gallery site.
It works for some, it might work for you for now, but that risk is one that you put on yourself, and it's a foolish risk at that. Ask your parents about putting all your eggs in one basket. If it's not the site shutting down, it's the possibility of getting banned, or hacked, or you simply losing popularity. Majority of people who take commissions on FA will make a hobbyist's wage that will only sustain them for about 5 years unless they expand and change they way they profit from their art. To do that, you have to go beyond making individual commissions on a site like FA.
I think we're done here. Don't call me c:
I think a HUGE reason a receipt of what is spent might benefit this site is because it would promote a lot of trust and show those who havent donated yet that if they do, it goes to good stuff.
It's not so much that they owe it to anyone to share the information, because as people have said, they don't owe it and don't HAVE to do anything. Technically, as this is their website, they could milk money out of all of us for x reasons and then not use the money for any of x reasons and I don't know if there would be anything we could do about it. Now, that'd be shady ass business of course, but thats why receipts are great.
its clear to me from reading comments that there is a huge amount of distrust in many people, so the receipts would help build more trust and show that things ARE happening.
Not saying they should, only that its definitely a nice option that would benefit them greatly in the end as a website owner looking to improve the site and looking to have people donate to help out =)
Hackers: Oh look, these people are nice and respect each other. (They) won't DDoS them. :3
Y'all kno it's true. *Cue drama starters and seekers*
Also, the DDOS didn't just affect furry sites. It also affected major US corporations.
You do know that furry is a choice, right?? "Marginalized groups" are people discriminated for things that they have no choice in, such as race/religion/sexuality.
This was not aimed at furries, if it was a chan or other group would have taken credit for it.
This is exactly why someone would DDoS this site.
The site goes down for a couple of days, and out the woodwork come the desolate furries. The amount of paranoia seen here can be viewed from the ISS. "THIS IS A HATE ATTACK/CONSPIRACY AGAINST US BY ANTI-FURS!" "THESE HACKERS SHOULD BE PUT BEHIND BARS!" "FA OMG I ALMOST DIED WITHOUT YOU! THOSE NAZIS HATE US!" And then here comes Dragoneer asking for money yet again as soon as the DDOS happens, ONCE AGAIN asking for new fancy servers without even THINKING about hiring some professionals to recode this old-ass broken website.
Never change, FA. Never change.
No one outside of furries actually cares about furries.
(Also, if you think a few days are a long time, try being back in 2008 when the site was down for a month. Why people keep all their commission information ONLY on a site that goes down more than a Thai hooker is beyond me.)
I found the whinery and bitchery also not to my taste, but I do think the people who did it should have a repercussion -- not because oh noes think of the furries! but because what they did was highly illegal and if they aren't stopped they might attack (Or have done more than just the current set of sites listed above) in the future/past.
Also, i'm not a furry but for me, if drawing them can net me some extra money I don't mind ^^ It's good to branch out art ability sometimes (At least for me), cuz it helps me stay fresh and learn new things =D
Take all my internets.
FA is offline? Time to catch up on some homework.
*Plays Steam games.*
Fuck it, I'll just say it.
Thumbs-up, buddy. You're one of the rare few who doesn't lose their shit over their precious Furry Deviantart getting shut down for a few days.
The problem I have with that is that I couldn't find any definition of what "inappropriate" might be. Please reply with a link if you have found one. It appears that GoFundMe don't have a transparent set of rules and appoint themselves judge, jury and executioner on a case by case basis. Whilst they are quite within their rights to decide what content is and is not acceptable on their website, I would be much more comfortable with an organisation that had a published statement of what their rules are enforced them fairly and consistently across all their users rather than an opaque, secretive process.
<looks>
Oh, yeah: here!
https://www.youtube.com/watch?v=tKK37G-ZWvk
People, expect more DDOS attacks in the future, because people like to see the (internet) world burn.... can't believe people enjoy doing this for fun or as a message to the world.
Inkbunny has been down for hours, as well.
If you want to help the Furry community you should help everyone.
There is also a class of attack known as an "amplified" attack where the attacker sends a small message to a program on the server that it knows will respond with a much bigger message. That way the server can be tricked into using up all the outgoing bandwidth.
I build virtual server products. In many cases I will put more virtual machines on a physical machine than it could serve at the same time. That's totally an OK thing to do. It takes advantage of the fact that not everyone is working flat out all the time so, on average, there is enough processor, memory and disk speed to get the work that all the machines were doing done. That's how virtual provides offer attractive prices; You don't want to pay for a dedicated server for your site (that's why you went virtual) so, if the provider can fit say 8 web sites onto a server that only has enough grunt to do 4 flat-out then the server cost gets halved, as long as each of the servers isn't busy more than half the time. This is fine until somebody doesn't play fair either intentionally by hosting something like Glastonbury ticket sales on it or unintentionally when somebody deliberately DDoSes it to soak up resources.
If the server has been instructed not to serve the site then there will be no improvement in the incoming network usage but it will cause less impact on the server because it is ignoring the requests rather than trying to honour them. "Shutting down" the site may not be telling the server not to serve it. The provider may tell their network routers not to allow the traffic onto their network. This keeps the load off all the servers. They may have gone further than that and asked the company they get their Internet from to not deliver traffic to that IP address. That definitely gets rid of the whole problem from the hosting provider's point of view. The site may well have still been up but the traffic couldn't get to it.
I'll try to sum it up:
1. FA's got shitty hosting which is unable to provide advertised bandwidth, memory and CPU time.
2. When DDoS came, FA's site software started using these resources, and since virtualization usage limits were not set to values adequate to real hardware limits because of "effective management", the whole hosting went down.
3. Instead of attempting to analyze DDoS traffic for specific data patterns to filter it out at routing level, the hosting just set their border gateway to reject any data addressed to FA to save bandwidth and, subsequently, memory and CPU time.
Am I correct?
When the DDoS came, it was too much for Inforelay's network to handle. (And this was impressive because Inforelay has a 10G fiber connection.) FA was the target, but other sites on Inforelay's network became unavailable as well. When Inforelay identified the problem, they had to block access to FA, to try to reduce the load on the rest of Inforelay's network.
The software involved doesn't even matter. The problem was simply the amount of incoming traffic flooding Inforelay's gateway.
a ddos is usually also from what I understand done from sometimes hundreds of computers that were infected by a program that then send packets of data to the attacked place which then clog up the system if the system isn't good enough to handle it.
Try updating your hosts files to the MVPS Hosts files or something better, maybe that'll help.
Magic Actions is life
<3
What I mean is that who ever did this must of had a lot of spare time in his or her hands.
i can't say names though, but it's someone who's had his eye on FA for YEARS.
They've had horrible issues that cost them 10s of thousands due to "bad code" on a certain Black Friday shitstorm
welcome back i guess.
How convenient.
What's not to hate?
Jokes aside, that's simply untrue...
AHAHAHAHAHA. Attend a few cons and you'll see the true nature of furry bubble right up to the surface.
https://www.youtube.com/watch?v=v3rhQc666Sg
Okay, i'll just restate to clear things up.
I, and I imagine others, would like to be kept informed on whether or not you receive your shirt as promised. (Evidence suggests you will, as Dragoneer now has managed to finagle the contact information of the donators out of gofundme)
Where's the money going to? You owe the government a large sum of money - was that donation drive to partly pay for your failings to pay your own bills ($10,000 in tax)?
What about those who donated money for rewards - will they be getting the rewards they paid for? If not, can you/will you give refunds? If you're not going to give refunds, or unable to, how will you compensate those who paid for higher-tier rewards?
You said that you'll be using the money to move FA to a new server (or whatever), but you already had DDoS protection in place. Does FA have CloudFlare already?
Can we even trust your word anymore?
Basically what you're saying is that things should never be open to critique, and that anyone who wants to give critique should just leave. Lol, no.
Here, I'll copy/paste some highlights:
When asked what the money was for, Neer replied: "To help pay off debt, invest in coding, software and help bring people on for staff."
As for whether the "debt" mentioned here was or was not a direct result of the costs of running FA, I'll let this tweet do the talking: "People also don't realize hosting is expensive. I can't keep letting it tap me out of pocket. Even if it's a lil' here and there."
Judging by this reaction, "GoFundMe has re-instated my account so I can get contact and get donator info! Hurray. =3", it's probably safe to assume he intends to keep his promises.
Was FA already on Cloudflare? That's explained in this conversation. In short, the image servers were on a CDN ("facdn.net"), but the main site was not. (And now it is.)
It's very likely that this tweet is a response to people calling for increased transparency: "As part of the fundraiser we've upgraded our live monitoring/site status. You can now find stats/historical uptime at http://status.furaffinity.net/"
Can we trust Neer's word? Some folks will say no. Some folks will say yes. I say he seems to me like a generally honest person; perhaps not perfect, and certainly not immune to the occasional mistake, but he's learning, just like the rest of us are in this imperfect and mistake-ridden world. At the very least, I would encourage people to try to give him the "benefit of the doubt". Even on the best of days, keeping a site and community like this one together isn't easy!
The DDOS started on the 14th. The Reddit thread for discussing the DDOS was created on the 17th. (Look at how many commenters were requesting a way to contribute.) The GoFundMe campaign went live and was announced on Neer's Twitter around 7 hours after that.
I even checked to confirm that no donations were received before then: The very first donation didn't occur until several minutes after the donation campaign was announced on Twitter. (I even got the name of the first person to donate, but I won't share it because I respect that fox's privacy.) Again, that was on the 17th, and the DDOS started on the 14th.
The information contained in those links should be slightly more convincing than a single Photoshopped screenshot that doesn't even show the information that its caption says it does.
The creation of the GoFundMe campaign had nothing to do with the DDOS. It had to do with Neer needing money to finally improve the site. In his own words, "To help pay off debt, invest in coding, software and help bring people on for staff."
The campaign was actually in the works for quite some time, and just went live much earlier than planned because of dozens of people on that Reddit thread asking for a way to contribute to Neer's switch to distributed hosting.
Wish I coulda helped donate to the go fun me but my wallet is also tight right now D: Here is hoping though that things in the future will be brighter. I think its great that you guys are helping out the other badly hit site. :3
Not to mention, that we might have seen an honest extend of a proper NTP attack...its am amplified attack that does some massive damage - pretty much like the current OP weapon in the DDoS-land. Cloudflare has a nice article about it, too.
You may want to seek into using multiple datacenters - aka. gateways. Why? To consume massive damage over multiple edges. Just one guess, tho o.o
All of this.
(But screw weasyl and inkbunny, even though they were also affected?)
FURRY SITES WERE NOT THE ONLY SITES EFFECTED. WALMART, NORTON, AND A BUNCH OF OTHER LARGE US BASED WEBSITES WERE TAKEN OUT. STOP CLAIMING IT WAS ONLY TARGETED AT FURRIES. YOU AREN'T HELPING.
The only people targeting furries these days are other furries.
Ummm it's basically about the a race of aliens that get exiled
and its sort of like this DDOS attack.
Cuz you know that the people, whoever they are
are furry haters. or just jerks...
anyway that's the basics of all of this
a world going into chaos and we need to leave it before it self destructs
I was just being a tad silly yaknow.
At least the denial of service is over.
-hugs-
thanks
Am I going to make a big deal about it? No
Honestly, I feel like some people are a little too attached to this site.
Seriously people, some of you get so worked up over a stupid website being down for a couple of days.
Something like this happening does not surprise me at all lol, it's FA for god sake, people should be use to things like this happening