patents Posted August 7, 2018 Share Posted August 7, 2018 Is tommy down? Quote Link to comment Share on other sites More sharing options...
wolstech Posted August 7, 2018 Share Posted August 7, 2018 Yes it is. Supposedly the ddos from Johnny moved there because we took Johnny down for maintenance... Quote Link to comment Share on other sites More sharing options...
Spaceium Posted August 7, 2018 Share Posted August 7, 2018 (edited) I suspect that the attack is coming from this address, please use caution, and do not click on it as it is unsecured. lilo.merchantsuniveral.com or http://he.net/%22 or https://stress.wtf/ and a possible IP, 89.238.139.52 Edited August 7, 2018 by fgrp Quote Link to comment Share on other sites More sharing options...
alein Posted August 8, 2018 Share Posted August 8, 2018 This site information you mentioned is all sites attacking servers and this is a big problem for us Quote Link to comment Share on other sites More sharing options...
wolstech Posted August 8, 2018 Share Posted August 8, 2018 It's a botnet (or someone else with a large and random IP pool), not a single source. If we block one IP, the attack just comes from elsewhere... Quote Link to comment Share on other sites More sharing options...
bibash Posted August 8, 2018 Share Posted August 8, 2018 I have host my sites in tommy, is this reason I am getting error below? ForbiddenYou don't have permission to access / on this server.Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request. Quote Link to comment Share on other sites More sharing options...
sagnik Posted August 8, 2018 Share Posted August 8, 2018 I think no. It's probably the cause of incorrect .htaccess settings. You can check if I'm right by removing .htaccess.I think the error is caused by an incorrect URL Rewriting or you have turned off DirectoryIndex. Quote Link to comment Share on other sites More sharing options...
wolstech Posted August 8, 2018 Share Posted August 8, 2018 @sagnik: Nope. The /home1 volume (which contains his home folder) isn't mounted for some reason. He wouldn't even be able to get to an htaccess file because as far as the server is concerned, his home folder is missing. Most users with an account created on or after April 19th 2018 probably have an account with their home folder on /home1...the /home1 was the added space from our NAS purchase. It probably dropped offline due to the DDoS traffic or the null routing yesterday and just needs to be remounted. The bad news is I don't know how to do that, which is why we're waiting for Krydos... Quote Link to comment Share on other sites More sharing options...
Luigi123 Posted August 8, 2018 Share Posted August 8, 2018 Moved to Questions. Quote Link to comment Share on other sites More sharing options...
sagnik Posted August 9, 2018 Share Posted August 9, 2018 Okay. I got it. So did you find out where the attack came from? Quote Link to comment Share on other sites More sharing options...
wolstech Posted August 9, 2018 Share Posted August 9, 2018 It's a botnet, so impossible to identify the source. The actual attack looks like it's coming from all over the world since botnets are usually made up of random PCs that have malware. 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.