Forum availability

[Xan]

Hi folks,

Sorry about the recent availability issues. It looks like we're receiving a DOS attack from Singapore, Russia, and Vietnam. I've blocked a bunch of IP addresses.

[yankees60]

Hi folks,

Sorry about the recent availability issues. It looks like we're receiving a DOS attack from Singapore, Russia, and Vietnam. I've blocked a bunch of IP addresses.

Thanks for defending us!

[dualstow]

I wonder what they want with a little forum.

[Xan]

Some men just want to watch the world burn.

[yankees60]

I wonder what they want with a little forum.

It's not like if they establish a beachhead here that that allows them to conquer all the rest of the world's forums ...

[Mountaineer]

Thanks for the update Xan, and for all you do to administer this forum.
Blessings.

[dualstow]

Some men just want to watch the world burn.

Felt like a quote, but I had to look it up.

Thank you, Xan, for your hard work and time put in.

[Xan]

There have been a lot of robotic user registrations lately. 497 of 3,352 total accounts were registered in the past week.

These accounts don't seem to be spamming the forum. The only effect seems to be that I'm getting a fair number of email bounces from registration confirmation emails.

The email addresses seem to often be in different countries from the IP addresses. My only guess at this point as to why somebody is doing this is to cause people to click Spam in order to keep the forum from being able to send email notifications to anybody. At least, that's the only effect I can see, so it's my guess as to the purpose. Why somebody would want to do that, I don't know.

I've switched from a simple "type the letters in this image" to reCaptcha on the registration page. Let's see if it helps.

[Mountaineer]

There have been a lot of robotic user registrations lately. 497 of 3,352 total accounts were registered in the past week.

These accounts don't seem to be spamming the forum. The only effect seems to be that I'm getting a fair number of email bounces from registration confirmation emails.

The email addresses seem to often be in different countries from the IP addresses. My only guess at this point as to why somebody is doing this is to cause people to click Spam in order to keep the forum from being able to send email notifications to anybody. At least, that's the only effect I can see, so it's my guess as to the purpose. Why somebody would want to do that, I don't know.

I've switched from a simple "type the letters in this image" to reCaptcha on the registration page. Let's see if it helps.

Perhaps it’s AI trying to learn all the wisdom presented by this outstanding group of gurus and wizards.

[Xan]

Okay, I've determined that we've been under a distributed "Slow Loris" attack. Having deployed specific countermeasures to that, I should no longer need to be playing whack-a-mole with IP addresses.

No idea why anybody would want to shut down this forum, though.

[Smith1776]

Okay, I've determined that we've been under a distributed "Slow Loris" attack. Having deployed specific countermeasures to that, I should no longer need to be playing whack-a-mole with IP addresses.

No idea why anybody would want to shut down this forum, though.

My money is on a salty bogleheads forum member that doesn’t like us.

I can think of a few.

[Mountaineer]

Okay, I've determined that we've been under a distributed "Slow Loris" attack. Having deployed specific countermeasures to that, I should no longer need to be playing whack-a-mole with IP addresses.

No idea why anybody would want to shut down this forum, though.

Wow! Thanks again Xan for all you do. I'd never heard of that "Slow Loris" attack. The nefarious do-badders are certainly crafty beasts.

[dualstow]

https://en.wikipedia.org/wiki/Slow_loris

https://en.wikipedia.org/wiki/Slowloris_(cyber_attack)

[Vil]

Last year, as we went live with a project in Germany, all attacks came from Russia.
Off:
Just 6 months before the suggested date of Bulgaria joining the EURO area, our president decided its good to have a referendum against accepting the EUR currency, nice, ah. Russian hands are long, very long.
Yet another recent case, you might not be aware of, but widely proclaimed : Six Bulgarians jailed after spying for Russia in UK.

[boglerdude]

botnets practicing and probing. The only evil genius that thinks about this forum is vinny

[dualstow]

Last year, as we went live with a project in Germany, all attacks came from Russia.
Off:
Just 6 months before the suggested date of Bulgaria joining the EURO area, our president decided its good to have a referendum against accepting the EUR currency, nice, ah. Russian hands are long, very long.
Yet another recent case, you might not be aware of, but widely proclaimed : Six Bulgarians jailed after spying for Russia in UK.

I heard about the spy case, but forgot they were Bulgarian.