ID:80727
 
Keywords: stupidity
So apparently my site came under a DDoS attack about 7 hours ago. Don't bother clicking that link, it's down.

The first thing that comes to mind is puzzlement. Why on earth would anyone consider my site worth DDoSing? I'm not aware of anyone I've offended. My pitiful cash flow hardly warrants any ransom money. Just what is the motive here?

Must be some uber-pathetic script kiddie testing out their new toy. If they're hoping for some kind of angry reaction, they'll be sorely disappointed. All I'm feeling at the moment is withering apathetic disgust. Honestly - what kind of a snivelling loser would you have to be to lash out mindlessly like that? Lame, lame, lame. Grow up.

Now if you'll excuse me, I'm off to get some productive work done. (Ooh! Productive work. What a novel concept. Watch and learn, kiddo.)
you sold like 1 or 2 cheap little games on that site, right? maybe someone bought one, played it a bit, and went FFFFFFUUUUUUUUU-

that's just my guess ;o
A couple of indie games, yes; one being my own Mayhem Intergalactic, based on this BYOND game. Typical reactions to the game tend to range from "love it!" to "meh, it's okay". In comparison, DDoSing the site comes off as a touch extreme...! :-) Still, your guess is as good as mine...
Step 4 complete, now to implement step 5 in my ploy to take over the world, muhahahahah!
Are you sure you didn't get dugg or anything? Big websites can take down smaller ones pretty quickly.
Only thing that comes to mind from the past few days is that I was listed on IndieGameVideos.com. Their YouTube video has 8 views, so I doubt it's related. :-P
Ah yes, my plan is coming into fruitation. Now to launch more DDOS attacks against people that sacrifice a month or two or more (I forget) of income for charity.

srsly, does it make someone feel good to do that?
At least one person connected to Gum Drop Neo Terra claimed ignorance when I compared the game to Mayhem Intergalactic. That makes them suspicious in my book. I mean, they've got circles with numbers, man. Circles AND numbers in space!

;)
Eh, Crashed.. Although I'm pissed at you, don't suspect me for anything.
Yammen wrote:
Eh, Crashed.. Although I'm pissed at you, don't suspect me for anything.

*pours coffee over Yammen*

Crashed != Crispy
Probably just a completely random attack. This has happened to my sites a few times.
Your Full ban shit fails. It's worthless. lolololol.
Productive work? That's madness! You should be swearing as much as humanly possibly while the cute bar girl continues to give you alcohol at a "discounted"* price! That's the Australian way!

* Oh, you'll pay for it one way or another.
I deeply apologise for letting my country down, Tiberath. Still, at least I can't be fired from being captain of the cricket team. :-D

@Blaze: It served its purpose well, once upon a time when banning by IP was considered "advanced". =) Was definitely used to good effect to foil a few griefers back in the day, and at the time it was the most foolproof system possible. If memory serves, my motive for releasing it was to stop all the endless cries of "help help, someone is spamming our game!"

I hear BYOND has some newfangled built-in banning functionality which is probably better, these days.

@Silk: Yeah, that's what I figured. Glad to hear it's not just me, thanks!

@ACWraith: Hmm... looks more like a clone of Galcon to me, but thanks for the shout-out! :-) I agree, he's definitely a suspect. Let's go egg his house. ;-)

@Jeff: 50% of a month-and-a-half-ish, to be precise(-ish). I doubt they even know or care who they're attacking, to be honest. Just mindless vandalism. Pretty sad really.
Crispy wrote:
I hear BYOND has some newfangled built-in banning functionality which is probably better, these days.

Only for DreamDaemon, which leaves those with Linux hosts out on the line still (well, I hear you can use it, but it requires a reboot of the server). But the combination of client.computer_id, client.address, client.ckey, client side savefile and a browser cookie should do the job better than anything else.

The problem is, I think browser cookies aren't restricted to one BYOND environment. So I'm fairly sure a cookie from Game A, can be effected by your own DM environment.

I doubt they even know or care who they're attacking, to be honest. Just mindless vandalism. Pretty sad really.

I say the same thing when I take the trains in Melbourne. Graffiti everywhere, believe me, it's not artistic...

--

Oh yeah, should still do it anyway, those bar girls are hot. Especially in Canberra and Newcastle.
Best thing to do is find out the IP of who did the attack (should be easy to come by), iptable ban them, and then report them to their ISP.
Nadrew wrote:
Best thing to do is find out the IP of who did the attack (should be easy to come by), iptable ban them, and then report them to their ISP.

Apparently it's a DDoS (Distributed Denial of Service) attack, in which case banning them or reporting them to their ISPs would be pretty useless since it's probably a botnet.

I'm not dealing with the problem directly, btw; my hosting provider is handling it, and has temporarily null-routed my virtual server so I don't get any traffic. That way my VPS isn't needlessly sucking up any resources from the physical machine it's on, so it's a pretty sensible thing to do under the circumstances.

Tiberath wrote:
Oh yeah, should still do it anyway, those bar girls are hot. Especially in Canberra and Newcastle.

Haha. Can't speak for Newcastle, but as for Canberra, you may have a point... :-)

Only for DreamDaemon, which leaves those with Linux hosts out on the line still (well, I hear you can use it, but it requires a reboot of the server). But the combination of client.computer_id, client.address, client.ckey, client side savefile and a browser cookie should do the job better than anything else.

I see. Well, FullBan doesn't use client.computer_id, since as I recall that wasn't implemented at the time I wrote it. It probably should, but I don't have much interest in updating it these days.
Site is back up! Hurrah! Not sure exactly when the DDoS stopped, since I had to ping support to get the null route removed (normally it gets removed after 24 hours, apparently, but not this time for whatever reason).
Ah right, missed that part of the post. That's a pain in the behind for sure. How does one go about talking to you these days? I have some questions and conversation whatnots.
My email address is on the left, and there's a alternative one on my (now operational!) website. :-)

(As an aside: I'm really glad I switched my company email over to Fastmail recently. Among other benefits, it wasn't affected by the attack, since it's on a separate server.)