Ashoat Posted May 14, 2010 Posted May 14, 2010 I'm working on it. I've narrowed it down to one IP. As a result, only about 1000 accounts are down right now. I'm going to run through a binary search to figure out the offending site. I'll let you know as soon as we've figured anything out.
MrAss69 Posted May 14, 2010 Posted May 14, 2010 HelioHost Account Queued Ahoy! You're seeing this page because HelioHost has not gotten about to installing and configuring your account yet. This process usually takes 24 hours, and once it is complete your website should show up properly. While the account is being created we suggest taking a look at your control panel. Thanks for choosing HelioHost! We wish you good luck with your website. Sincerely, The HelioHost Staff So I guess, I'm one of the lucky guys whose accs are down?
Sentinel Posted May 14, 2010 Posted May 14, 2010 No this means it'll take about 24 hours to get your account deamonized(created) So you don't have an account right now, it's in the process of being created, see one of the other threads. Lol more DDoSing? stupid skiddies.
MrAss69 Posted May 14, 2010 Posted May 14, 2010 Ehm, then I wonder what I did the whole day? The account was already created, but now it seems to have disappered... Files are still in my directory on the server, MySQL-DB's still there but showing 0,0MB within cPanel (PHPMyAdmin shows that there's data though)...
Sentinel Posted May 14, 2010 Posted May 14, 2010 Oh i see... Hrm, well perhaps the server lost your stuff? I dunno, I'm not sure this is the place to chase this up. But here's a tip, back up regulary or whenever you make big changes.
MrAss69 Posted May 14, 2010 Posted May 14, 2010 Okay, just one last OT before getting back to business... I was working on my site, when the DDoS started -> Unable to connect to anything here After the server went back on -> Data's still there, but I'm getting this error, that my account would be queued when I'm trying to access it via web This seems to be a problem related to the DDoS-Attack...
Sentinel Posted May 14, 2010 Posted May 14, 2010 Okay, just one last OT before getting back to business... I was working on my site, when the DDoS started -> Unable to connect to anything here After the server went back on -> Data's still there, but I'm getting this error, that my account would be queued when I'm trying to access it via web This seems to be a problem related to the DDoS-Attack... Then, if it's just an error relating to the DDoS, there's not much anyone can do, in my opinion. Unless the root admin buys a super expensive firewall, and wastes $1000+ p/month. That's won't offer a guarentee. Just wait it out until the attack has finished. djbob person.. nosey question; on average how long do the attacks last? Do the IP's have a similar stringed IP? Throughout all the recent attacks? Tell me to shut up, if I'm being too nosey.
Ashoat Posted May 14, 2010 Author Posted May 14, 2010 Okay, I've identified the account getting attacked. It's "biberhapi.com". I don't know what they're about, but I'm going to quarantine that account off on the old IP and move everyone else over to a new one. A script is currently running to perform the switch. It probably won't take more than an hour.
King Gamer Posted May 15, 2010 Posted May 15, 2010 I just looked at a google cached copy of the site(used google translate) and it apears it is a site about some weight loss drug.
Tony M Posted May 16, 2010 Posted May 16, 2010 From 2 days ago I when I was accessing My website, I waited more than 5 minute so than the page is completely loaded. Yesterday I was accessing Helionet.org and I received an error (this might be the problem that You are talking about). Today My website loaded in only 15 seconds (not 5 minutes like 2 days ago). So I think that all Errors are Now Corrected.
Bruno Posted May 17, 2010 Posted May 17, 2010 whooops wrong place was meant as a replay to http://www.helionet.org/index/index.php?showtopic=6216 poted on wrong window >.> I had the same problem, and needed some traceback Used this simple script, i hope it helps others to save time .... _application = django.core.handlers.wsgi.WSGIHandler() def application(environ, start_response): environ['PATH_INFO'] = environ['SCRIPT_NAME'] + environ['PATH_INFO'] # return [myresp,] try: return _application(environ, start_response) except: start_response("200 OK", [("Content-type", "text/plain")]) tb = "Unexpected error: "+ str(sys.exc_info()[0]) tb = tb+"\nError was: "+str(sys.exc_info()[1]) # traceback.print_exc(file=sys.stdout) tb = tb+"\nTraceback was: "+repr(sys.exc_info()[2]) tb = tb + "\n PATH was: "+str(sys.path) return [tb,]
Col Posted May 27, 2010 Posted May 27, 2010 I just looked at a google cached copy of the site(used google translate) and it apears it is a site about some weight loss drug. Odd isn't it - why would anyone want to DDoS what appears to be a Turkish site selling from what I can work out, peper as a weight loss drug??
King Gamer Posted May 28, 2010 Posted May 28, 2010 Well, it couldbe that someone bought it and realized that it didn't work and was mad. Howerver, this is just theriozing(sp?) because i dont know if peper works.
Recommended Posts