Lusitano's Avatar, Join Date: Mar 2009
Go4Expert Member
Quote:
Originally Posted by shabbir View Post
Well Actually DDoS attacks cannot be stopped but can be prevented and there are organizations working for this.
Well, the truth is i dont know much about these matters. I never really took much interest in learning stuff related to hacking till today, after this happened. Im not a programer or anything like that, so my knowledge on this issues is prety basic. Im kinda having an headache from all the explanations and terms i had to look into while researcing on this. But back to the point... as far as i researched it doesnt look like i can prevent this guy from doing it again if he ever feels like it. And i must confess this is not a pleasant thought.
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
No. You get a host where there are firewalls against DDoS and if you want to prevent your personal PC from this its quite easy.

Just close all the ports connection apart from the one through which you connect internet or get some Good Norton and that would do the trick. Norton even protects from the Port Scanning which
Lusitano's Avatar, Join Date: Mar 2009
Go4Expert Member
Quote:
Originally Posted by shabbir View Post
No. You get a host where there are firewalls against DDoS and if you want to prevent your personal PC from this its quite easy.

Just close all the ports connection apart from the one through which you connect internet or get some Good Norton and that would do the trick. Norton even protects from the Port Scanning which
Are you sure Norton would solve this kind of problem? I mean... this guy says he can do this to a cable company that payed 10.000 euros to have protection against it. It's hard to believe the answer is Norton. And about "closing the ports"... could u give me some hints on how to do that if it's not asking too much?
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
Norton is definitely a solution because DDoS needs to request some data from your PC and if Antivirus Stops the Port Scanning chances are it can stop that to an extent.

Also you can have Hardware Firewalls to protect from DDoS Specially.

Search for DDoS Hardware Firewalls and that should help
xpi0t0s's Avatar, Join Date: Aug 2004
Mentor
Sounds like he's nothing but a common thief, using bribery tactics to try to make you pay. He's probably just a script kiddie too with no actual skills of his own (otherwise he'd be out using them in an honest job).

Well if you do pay there will be no guarantee he won't keep doing it when he wants more money. Protection rackets give you no protection at all and just gives your attacker more drug money.

Maybe he has got people paying him $0,000's in protection money but you already know he's a thief; how do you know he isn't lying about that too? Has he shown you receipts and have you confirmed the payments with the alleged victims? If not then take ALL his claims with a LARGE pinch of salt.

So ignore him. If you must respond, tell him clearly you're not going to pay him a penny no matter what he does and once he gets that message he'll leave you alone and move on to someone else. He can't DDOS everyone he threatens, and it's more likely he's only using DDOS as a threat.

A DDOS (distributed denial of service) is a realistic threat; partly thanks to Windows insecurities but to a large extent stupid users (people who can't resist clicking on "I love you" even if they've been virus infected and LARTed multiple times before - there is virtually no limit on human stupidity) there are many "zombie" machines out there - that's a broadband connected PC with some malware that the owner doesn't know about and that can be controlled by people like this.

But a *permanent* DDOS is no threat at all, and that's what lying thieves like this fail to point out. They just let you make that assumption for yourself. If he were to setup a permanent DDOS, and his allegedly 10 million machines all continuously attack your IP, then the solution is to get a new IP address, and the only way he can tell if that new IP address is you is if you tell him. If he blocks that then repeat until he can't block any more. He can't possibly block the whole internet. Plus if these zombie machines ARE continuously transmitting to your IP then they can be traced and shutdown.

If you have no internet connection then complain about this to your ISP; it's their job to get you connected and if their systems are prone to DDOS attacks then that's their problem not yours.

Make sure you have a firewall on your system. I use Windows firewall which seems to be good enough; it prevents inbound stuff but does nothing about outbound connections. I used to use the free version of Kerio Personal Firewall which is very good and has a configuration mode whereby any inbound or outbound connection gets reported to you and you get to choose between Always allow, Allow once, Disallow once and Always disallow. This is tedious in the early days as just about everything you do results in a popup but pays huge dividends as you build up a rule database. It also has a stealth mode whereby any blocked inbound connection isn't immediately rejected (which confirms to a cracker/script kiddie that there is a PC at that location) but ignores it - no response at all suggests there ISN'T a PC there.

(I stopped using Kerio because I got a second PC and wanted to connect it to the internet through the first. Kerio Free doesn't support this configuration and you have to get the paid version. However Windows Firewall *does* support this configuration, hence the switch. The outbound stuff Kerio would have picked up would be down to malware on the computer which would be picked up by AVG and/or Spybot Search&Destroy anyway, so I decided I didn't need the outbound stuff anyway. But if you don't want to use your PC as a gateway for other PC's then Kerio is a good choice if you're concerned about what your IP layer is getting up to.)
Lusitano's Avatar, Join Date: Mar 2009
Go4Expert Member
Quote:
Originally Posted by xpi0t0s View Post
Sounds like he's nothing but a common thief, using bribery tactics to try to make you pay. He's probably just a script kiddie too with no actual skills of his own (otherwise he'd be out using them in an honest job).

Well if you do pay there will be no guarantee he won't keep doing it when he wants more money. Protection rackets give you no protection at all and just gives your attacker more drug money.

Maybe he has got people paying him $0,000's in protection money but you already know he's a thief; how do you know he isn't lying about that too? Has he shown you receipts and have you confirmed the payments with the alleged victims? If not then take ALL his claims with a LARGE pinch of salt.

So ignore him. If you must respond, tell him clearly you're not going to pay him a penny no matter what he does and once he gets that message he'll leave you alone and move on to someone else. He can't DDOS everyone he threatens, and it's more likely he's only using DDOS as a threat.

A DDOS (distributed denial of service) is a realistic threat; partly thanks to Windows insecurities but to a large extent stupid users (people who can't resist clicking on "I love you" even if they've been virus infected and LARTed multiple times before - there is virtually no limit on human stupidity) there are many "zombie" machines out there - that's a broadband connected PC with some malware that the owner doesn't know about and that can be controlled by people like this.

But a *permanent* DDOS is no threat at all, and that's what lying thieves like this fail to point out. They just let you make that assumption for yourself. If he were to setup a permanent DDOS, and his allegedly 10 million machines all continuously attack your IP, then the solution is to get a new IP address, and the only way he can tell if that new IP address is you is if you tell him. If he blocks that then repeat until he can't block any more. He can't possibly block the whole internet. Plus if these zombie machines ARE continuously transmitting to your IP then they can be traced and shutdown.

If you have no internet connection then complain about this to your ISP; it's their job to get you connected and if their systems are prone to DDOS attacks then that's their problem not yours.

Make sure you have a firewall on your system. I use Windows firewall which seems to be good enough; it prevents inbound stuff but does nothing about outbound connections. I used to use the free version of Kerio Personal Firewall which is very good and has a configuration mode whereby any inbound or outbound connection gets reported to you and you get to choose between Always allow, Allow once, Disallow once and Always disallow. This is tedious in the early days as just about everything you do results in a popup but pays huge dividends as you build up a rule database. It also has a stealth mode whereby any blocked inbound connection isn't immediately rejected (which confirms to a cracker/script kiddie that there is a PC at that location) but ignores it - no response at all suggests there ISN'T a PC there.

(I stopped using Kerio because I got a second PC and wanted to connect it to the internet through the first. Kerio Free doesn't support this configuration and you have to get the paid version. However Windows Firewall *does* support this configuration, hence the switch. The outbound stuff Kerio would have picked up would be down to malware on the computer which would be picked up by AVG and/or Spybot Search&Destroy anyway, so I decided I didn't need the outbound stuff anyway. But if you don't want to use your PC as a gateway for other PC's then Kerio is a good choice if you're concerned about what your IP layer is getting up to.)
Well, 1st of all you don't need to get so worked up. Ahah! Its not like he's asking me for money. He actualy got my IP through my msn cause i use to talk to his sister in there and they share that msn account. And yesterday i guess maybe he decided to do that to "prove" who knows what. But no matter what the case might be i didn't find it funny at all and was hopping there would be a way to block that anyway. I have instaled Norton 2009 now as i was advised and found out a so claimed anti-ddos firewall called Fort-Guard, so lets hope it will be worth the trouble. It's not a matter if he will do it again or not... the matter is he can do it. And thats what i don't like. So if theres a way to prevent it i want to know how.
indiansword's Avatar, Join Date: Oct 2008
Security Expert
lol i wasnt wrong. i was about DoS and xpi0t0s spoke about Ddos.

Yes but a very good thing he said was:
You should tell him "m not gonna pay u, do whateva u want with my comp". Ususally if u think from the point view of a hacker, he probably wud think, " there are millions of ppl out there who dont know anything, and this guy is still researching on it, so rather than wasting more time on u, lets move to someone else, probably i wud be paid more"
xpi0t0s's Avatar, Join Date: Aug 2004
Mentor
Fair enough, and obviously I didn't read the whole conversation either (mainly because I find this whole txtspk stuff* difficult to understand) but I did pick out the following bits:

the cable guys from this town
paid 10 000 euros
to buy protection for that

i got people
paying me 1000$ US
and much more

if i attack ur ip
u can put as much firewalls as u want
but i'm attacking from 100+ servers
which can upload 10MB/s
and u can't find a firewall which can support that big attacks

to anyone i know hiz ip adress
i can shut it down permanently, untill he changez the ip


Yes, I missed the bit about him being more or less a friend because you know his sister; you could possibly have made that a little clearer; usually when people complain about "being hacked" it's by a stranger.

*Frxpl, fImsutltrpkdtndm, ncdgspc, uwnthvukgclhI'alnbt.
Lusitano's Avatar, Join Date: Mar 2009
Go4Expert Member
Quote:
Originally Posted by xpi0t0s View Post
Fair enough, and obviously I didn't read the whole conversation either (mainly because I find this whole txtspk stuff* difficult to understand) but I did pick out the following bits:

the cable guys from this town
paid 10 000 euros
to buy protection for that

i got people
paying me 1000$ US
and much more

if i attack ur ip
u can put as much firewalls as u want
but i'm attacking from 100+ servers
which can upload 10MB/s
and u can't find a firewall which can support that big attacks

to anyone i know hiz ip adress
i can shut it down permanently, untill he changez the ip


Yes, I missed the bit about him being more or less a friend because you know his sister; you could possibly have made that a little clearer; usually when people complain about "being hacked" it's by a stranger.

*Frxpl, fImsutltrpkdtndm, ncdgspc, uwnthvukgclhI'alnbt.
As far as i see you got the most important parts of what he said. Some cable company payed 10.000 euros to buy protection from ddos and he claims he can still bring it down in 1second if he wants, and he gets payed 1.000 or more by people that wants him to teach them to do that. So looking at that it doesn't look like he is a beginer. And to make it clear... I don't really know him. I've known his sister (not personaly) for like half an year, but don't know much about him exept for what she tells me. I'v been playing a game called Conquer Online for quite some time (that's where i first knew her) and that guy can bring the servers down everytime he wants. So i guess all this tells a bit about the threat he can pose to me or anyone if he wishes. Even though he told me not to worry it's not like i fully trust him either. Otherwise i wouldnt be diging info arround about all this stuff. And no matter if he poses a threat to me or not i'd like to be protected if that was possible. And you never know when somone else will try to do the same. I never knew this kind of attack was possible, so yeah, i'm taking it seriously.
shabbir's Avatar, Join Date: Jul 2004
Go4Expert Founder
If he can break a DDoS hardware firewall then probably he would be working into that Firewall company by now then.