ok... all you people out there hosting a site on ur mac... lets talk

[walkingmac]

ok.... we have spent time to develop a site, get the best machine we can with the best operation system to use... only to find that when we look in our server logs and find all this DOS !@#$% in our logs. Stupid windoz hackers with nothing better to do then to surf the web and find the doors that microsoft left open and exploit them. Well my friends, we learned not to go that route, but yet they still try like flys on a window pane. Well I say it is time we strick back (sorry, if this is an inappropriate thing to have on this forum them please notify arn and have it removed (sorry arn))

I am calling for info on how to flood, nuke, ping of death, anything that will force them to have to restart their machine or give them a nucence for a change.

Like for me I run GeekTool on my desktop so can see who is accessing my sites, when and so on... plus it gives me their ip address in real time. there has to be a way to use that info and strick back at ppl who are tying to abuse my machine.

Any help?

 

[mnkeybsness]

just because someone is being a jerk to you doesn't mean that you have to return the favor.

just leave them be. back up your data often. remember the good people in the world.

 

[whocares]

What kind of abuse do you get? Serious abuse?

 

[edesignuk]

Yeah, the best thing you can do is report the IP addresses to the ISP's that own them.

 

[jonapete2001]

Dude this would be totally against the law. i cant believe you actually requested help on doing denial of service attacks. Why would you ask here when you can find stuff like this on google.

It is wrong to ask stuff like this in a legitamit forum

 

[Rower_CPU]

Sad thing is, there's a good chance that the IPs you're seeing are from less fortunate machines that have already been taken over.

Like edesignuk said, report them to their ISP and let them track it down.

 

[Makosuke]

Agreed. As desperately tempting as it is to do something in retribution, probably the "worst" you can do is to report to ISPs.

If the hackers have even a fragment of skill, the IPs you're seeing are probably compromised computers owned by unsuspecting people. Reporting those IPs to the ISP that owns them should get them to contact the people and fix the security breaches, at least removing some drones from the hackers' arsenal, and helping out an innocent.

If the hacker is so pathetic they're using their own machine with a traceable IP address, then the ISP should shut them down, causing him/her even more of a nusiance.

 

[walkingmac]

I can argree with you all (sorry I was getting a bit upset the day about and kinda blew up on the forum). What I wanted was to see these people stopped. Cuase while they probably can't attack my mac machine that well (it seems they are tageting NT servers) cause they probably don't wouldn't know how, if it is not my machine it is someone else who is completely unexpecting of this. Sorry i was a bit vigilantic about the opening post. You all are probably right that reporting the address is the most proper thing to do, can someone describe what steps that entails please.

(sorry if i ruffled anyone's feathers the wrong way)

 

[walkingmac]

Originally posted by Makosuke
Agreed. As desperately tempting as it is to do something in retribution, probably the "worst" you can do is to report to ISPs.

If the hackers have even a fragment of skill, the IPs you're seeing are probably compromised computers owned by unsuspecting people. Reporting those IPs to the ISP that owns them should get them to contact the people and fix the security breaches, at least removing some drones from the hackers' arsenal, and helping out an innocent.

If the hacker is so pathetic they're using their own machine with a traceable IP address, then the ISP should shut them down, causing him/her even more of a nusiance.

to this.... can the ISP track that as well? Could they tell that 'o, this guy was just being used by someone else' or is that not a reality. The last thing I would want to do is report of this behavior and some inocent person gets the heat from someone elses jerking around in M$ playland

 

[Makosuke]

Originally posted by walkingmac
to this.... can the ISP track that as well? Could they tell that 'o, this guy was just being used by someone else' or is that not a reality. The last thing I would want to do is report of this behavior and some inocent person gets the heat from someone elses jerking around in M$ playland

I'm not an expert, but it probably depends on the technique being used, the skill of the hacker, and how much the ISP cares.

In any case I expect an ISP would be a lot more likely to let a guilty hacker go if he/she pretended his/her computer was compromized than to disconnect a user with a compromized computer. Of course, if people were more careful about security on their DSL/Cable connected computers, DDoS attacks wouldn't be such a big problem, so a bit more than a gentle warning is probably in order for unsuspectinig accomplices, anyway.

As for how to report, first find out who owns the block of the suspect IP. You can use an online tool like SamSpade.org, or just use the Whois section of OSX's Network Utility (whois.arin.net probably gives the best results).

That should tell you who owns the IP address. Once you've got that information, try to find the ISP's homepage. Most ISPs have a place to report abuse, and you can use that to inform them of the offending IP address, the nature of the abuse, and the exact times of the accesses (they'll probably need that sinice many ISPs don't use dedicated IP addresses). I've occasionally had an ISP follow up with requests for more info to help them track the bad behavior.

If there is no obvious place to report abuse, try e-mailing abuse@[ispdomain.com], which for any decent ISP should work.

Hope that gets you started.

 

[5300cs]

Not to dampen the mood or anything, but depending on where the offenders ISP is, reporting them may have no effect.

My friend was attacked from an IP in South Korea, and he took all the info (IP address, etc) and sent it to their ISP. The next day he was attacked 5 more times within 3 hours.

But, if they are from the US, then your chances are pretty good. Getting a broadband account is much more difficult than getting a dial-up account, so having it shut down would be a major pain in the rear for them.

 

[mymemory]

Nuke those bastards!