Pages:
Author

Topic: MTGOX ordering DDOS ATTACKS!?!?!?!!? (Read 5337 times)

member
Activity: 88
Merit: 10
November 04, 2012, 08:44:05 AM
#45

heh - thanks for this nice story from Gibson.. I love that guy scince 1999 Smiley   This link was such a pleasure to read.. Thanks You MPOE-PR !
+1
hero member
Activity: 756
Merit: 501
There is more to Bitcoin than bitcoins.
November 01, 2012, 01:59:07 PM
#44

I don't think Russian courts care about slandering Japanese or American businesses doubt this lawsuit would go anywhere. I also doubt Gox would denial of service their competitors when they don't really have any on their level.

More likely some guy had his money seized by BTC-E for shady trading and reacted by slamming their servers and 'support' is just joking with the idiots in chat

Yeah that, it was very tongue in cheek from a non native English speaker. If you've been around and seen the user "support" 's mishandling of dialogue and sense of humor, you know it wasn't a real accusation, just a quip to say they're number two and getting more serious everyday.

Support had no idea who was DDOSing them when asked and assumed it was a random idiot like we all do.
Great, what a culture shock for some!
full member
Activity: 238
Merit: 100
November 01, 2012, 10:55:32 AM
#43

I don't think Russian courts care about slandering Japanese or American businesses doubt this lawsuit would go anywhere. I also doubt Gox would denial of service their competitors when they don't really have any on their level.

More likely some guy had his money seized by BTC-E for shady trading and reacted by slamming their servers and 'support' is just joking with the idiots in chat

Yeah that, it was very tongue in cheek from a non native English speaker. If you've been around and seen the user "support" 's mishandling of dialogue and sense of humor, you know it wasn't a real accusation, just a quip to say they're number two and getting more serious everyday.

Support had no idea who was DDOSing them when asked and assumed it was a random idiot like we all do.
hero member
Activity: 899
Merit: 1002
October 28, 2012, 08:48:39 PM
#42
That's one hell of an accusation to make without evidence, and making it without proving it can only damage BTC-e's reputation.

Explain yourself BTC-e support.
Seriously, that could be grounds for a lawsuit under slander/libel.

I don't think Russian courts care about slandering Japanese or American businesses doubt this lawsuit would go anywhere. I also doubt Gox would denial of service their competitors when they don't really have any on their level.

More likely some guy had his money seized by BTC-E for shady trading and reacted by slamming their servers and 'support' is just joking with the idiots in chat
legendary
Activity: 1176
Merit: 1001
October 27, 2012, 11:36:44 AM
#41
It's trivial to generate packets with the wrong source ip, it's not trivial to have some ISP not dropping these packets.

Nobody said it's trivial. Mere possible.
That many DDOS attacks succeed because of poor routing and firewall practices is nothing new.
Usually your upstream providers disconnects your link (no matter how much you pay them) if their routers detects packets coming from your link and from a range that wasn't assigned to you.

However i have to say that i really lack knowledge on how hard is it to do such an attack.
legendary
Activity: 1666
Merit: 1057
Marketing manager - GO MP
October 27, 2012, 11:34:20 AM
#40
It's trivial to generate packets with the wrong source ip, it's not trivial to have some ISP not dropping these packets.

Nobody said it's trivial. Mere possible.
That many DDOS attacks succeed because of poor routing and firewall practices is nothing new.
hero member
Activity: 756
Merit: 522
legendary
Activity: 1554
Merit: 1021
October 27, 2012, 07:40:04 AM
#38
Proof?

Sounds like BTC-e is trying to get some Mt.Gox customers Tongue

Well played BTC-e.
full member
Activity: 126
Merit: 100
October 27, 2012, 06:26:13 AM
#37
Quote from: Nolo
Yes it could.  That is an extremely serious allegation.  

Edit:  But we don't have the entire conversation.  Support could have said:  "All these rumors about the DDOS need to stop."  And the question could have been asked:  "What is the rumor that is going around?"  And support could have replied: "mtgox ordered it."

One screenshot can be taken completely out of context. 

+1 this exactly

Is there anything more to this than the one post? If not, it certainly isn't clear what the support person was saying.

They should clear it up, though.
legendary
Activity: 1176
Merit: 1001
October 27, 2012, 06:21:42 AM
#36
It's trivial to generate packets with the wrong source ip, it's not trivial to have some ISP not dropping these packets.
full member
Activity: 238
Merit: 100
October 27, 2012, 04:55:46 AM
#35
Why has BTC-e not posted a response on this yet?
vip
Activity: 756
Merit: 503
October 27, 2012, 04:23:01 AM
#34
Your ISP should lock ips coming from outside their allocated network, same should a server provider.
Quite curious on how easy/hard it's to fake an ip source anyway.

With nmap that's just a switch so must be trivial with DDOS tools.

Quote
-S (Spoof source address)
In some circumstances, Nmap may not be able to determine your source address (Nmap will tell you if this is the case). In this situation, use -S with the IP address of the interface you wish to send packets through.

Another possible use of this flag is to spoof the scan to make the targets think that someone else is scanning them. Imagine a company being repeatedly port scanned by a competitor! The -e option and -Pn are generally required for this sort of usage. Note that you usually won't receive reply packets back (they will be addressed to the IP you are spoofing), so Nmap won't produce useful reports.
http://nmap.org/book/man-bypass-firewalls-ids.html
legendary
Activity: 1176
Merit: 1001
October 27, 2012, 04:18:52 AM
#33
Your ISP should lock ips coming from outside their allocated network, same should a server provider.
Quite curious on how easy/hard it's to fake an ip source anyway.
vip
Activity: 756
Merit: 503
October 27, 2012, 03:49:40 AM
#32
Routers are designed to reject these packets.
It's a security flaw if that wouldn't happend.
Routers drop spoofed internal network address but I don't think they can filter spoofed WAN address.

Some more interesting reading"
Quote
Impersonation. In the DNS attacks, each attacking host uses the targeted name server's IP address as its source IP address rather than its own. The effect of spoofing IP addresses in this manner is that responses to DNS requests will be returned to the target rather than the spoofing hosts.

http://www.watchguard.com/infocenter/editorial/41649.asp


full member
Activity: 187
Merit: 100
October 27, 2012, 02:57:55 AM
#31
Wow talk about taking out your competition...
legendary
Activity: 1176
Merit: 1001
October 27, 2012, 02:53:46 AM
#30
Routers are designed to reject these packets.
It's a security flaw if that wouldn't happend.
vip
Activity: 756
Merit: 503
October 27, 2012, 02:10:17 AM
#29
Folks, a semi-competent script kiddie can drop a billion IP packets on the internet directed to btc-e (for example) with any "from" address you want (like mt-gox).  All the responses will go to the "from" address... so its pretty useless for everything except DDOS attacks.  Smart routers might drop the packets, but I guess not in this case.

This is the most likely explanation...


Absolutely not.

There is not such a thing as the "from" addresses, these are not mails.

The attack you are taking about requires exploit (serious ones) on the edge routers among the attacker and the attacked.

No, that's not going to happen nor has happend.

It's simply them being unable to put in place a minimal dos (I think) or ddos (unlikely) protection in place and blaming their ignorance on their competitor to gain some fan.

Stupid move, dear.
Wait wut?

http://en.wikipedia.org/wiki/IP_address_spoofing
legendary
Activity: 1666
Merit: 1057
Marketing manager - GO MP
October 27, 2012, 02:07:53 AM
#28
There is not such a thing as the "from" addresses, these are not mails.

Dude, every TCP/IP package includes a source address, how do you think communication is facilitated?
And under normal circumstances one can "spoof" this source address.
full member
Activity: 238
Merit: 100
October 27, 2012, 02:03:14 AM
#27
That's one hell of an accusation to make without evidence, and making it without proving it can only damage BTC-e's reputation.

Explain yourself BTC-e support.
Seriously, that could be grounds for a lawsuit under slander/libel.

Yes it could.  That is an extremely serious allegation.  

Edit:  But we don't have the entire conversation.  Support could have said:  "All these rumors about the DDOS need to stop."  And the question could have been asked:  "What is the rumor that is going around?"  And support could have replied: "mtgox ordered it."

One screenshot can be taken completely out of context. 

I witnessed it. It's not out of context at all, in fact that is the only thing support said.
legendary
Activity: 1176
Merit: 1001
October 27, 2012, 01:06:07 AM
#26
Folks, a semi-competent script kiddie can drop a billion IP packets on the internet directed to btc-e (for example) with any "from" address you want (like mt-gox).  All the responses will go to the "from" address... so its pretty useless for everything except DDOS attacks.  Smart routers might drop the packets, but I guess not in this case.

This is the most likely explanation...


Absolutely not.

There is not such a thing as the "from" addresses, these are not mails.

The attack you are taking about requires exploit (serious ones) on the edge routers among the attacker and the attacked.

No, that's not going to happen nor has happend.

It's simply them being unable to put in place a minimal dos (I think) or ddos (unlikely) protection in place and blaming their ignorance on their competitor to gain some fan.

Stupid move, dear.
Pages:
Jump to: