A new Denial of Service attack.

[LIMPET235]

Hi Guys 'n' gal,
I just watched the latest episode of Steve Gibson & Leo Laporte that I D/L every week.

It appears that grc.com & possibly twit.tv are both getting hit by this DDoS attack.
[edit] twit.tv is up again.[/edit]

Steve called it a "DNS Reflection Attack" & it appears that there's no way at present to stop them.

I tried both sites via the "Down for everyone or just me" site & both are down.
DFE > http://www.downforeveryoneorjustme.com/
grc > https://www.grc.com/intro.htm
twit > http://twit.tv/

Looks like someone doesn't like what they both are doing or just testing it out for future use somewhere.
Steve reckons they flooded his server with 13 Gig bits of requests. (I think that's what he said.)

Proper bastardo's.
They should think before totally inconveniencing & incapacitating 2 great sites.

Hope they don't try here.

Stay safe.
Regs, L..

ps. I'm in the process of uploading a cut down version to my mediafire site....if anyone is interested in all the details.
About 42 Mins & 279 Meg .avi file.

pps. The mediafire file is here...
> http://www.mediafire.com/watch/am3cp024 ... s_Down.avi

ppps. Make sure that you are using the latest Flash version.
> 20.0.0.306

[Omega X]

I saw this the other day on Neowin. Kind of odd that they would go out of their way to target GRC.

The site seems to be working now.

[LIMPET235]

Yep, I agree. Very strange to target such a small site that harms no-one & helps heaps.

[Grumpus]

I can think of a ton of reason why a DOS attack, particularly from government of other criminal sources as it appears to help the average Windows user close some of the things MS doesn't by default.

[LIMPET235]

I can think of one in particular, Grump, especially when/if it's web site security related.

[Omega X]

I can think of a ton of reason why a DOS attack, particularly from government of other criminal sources as it appears to help the average Windows user close some of the things MS doesn't by default.

The government is too incompetent to willingly DDoS GRC. Someone else was behind this. Probably a Spinrite customer.

[Grumpus]

@Limpet235 - I see you hanging with the thug squirrels again.

@OmegaX - I don't think they're incompetent, more like too busy with political crap from the latest squeaky wheel.
My thought is if they need a back door for snoop factor this site might just mitigate some of their simpler methods of intrusion.

Not to change the thread but the weekends Linux Mint site breach may have started with single user machines.
Found my Bios altered, machine changed to an XP machine from Linux machine, time zone and LAN state some other settings after some updates from the repository. It could have been libc and ntp updates but it's never happened before. Got the error warning last mid-week but a warm boot fixed it, or so I thought, error notification again this morning, made changes.

[LIMPET235]

Hey Grump...
It was an image that I thought appropriate to your reply.

In case you didn't know...
Steve is working on a very secure "no passwords etc., etc., needed" to log in to any of your sites with any device.
It's called "SQRL", pronounced squirrel.
It's in the last stages of testing & hopefully, will be available, shortly.

[Grumpus]

Won't help me as when I've tried the software on the site I get different answers each time.
I am for the most part stealth or blocked but his site shows ports open which are not one time; and not open the next.
I think it would be good to deal with the Linux ambiguity first but that might not be workable.

Above Bios issue is probably the software changes and not access but finding my 100% Linux system borked to Windows XP was a bit disturbing as it could have implemented the dopey Secure Boot crap. I think the mentality has to change, everyone did not start a new system out as MS based , this is a started as Linux system.
Both Fedora and Mint seem to want to accommodate MS beyond simple cross platform communication add the AWS intrusions and I might as well go back to an abacus or a 407 business machine. I know they can't hack the cards, then again there was that fiasco in Florida with hanging chad.