BoonEx Under DDoS Attack

Andrew Boon posted 2nd of April 2011 in Dolphin.pro News. 34 comments.

Once again we're being targeted by some losers. Well, this again confirms that we're doing something right and it is the for us to learn and improve again. We're using different options and tools to mitigate the attack which is coming at a rate of about 3-4 Gbps / 800,000 pps. now (about 5x more than the last one).

 

Sorry for any inconvenience. The situation should stabilise soon.

 
Comments
·Oldest
·Top
Please login to post a comment.
jubiijan
I was accually afraid it was the problem. Anyways good to see you online again. Welcome back :)
theguypc
I was a little worried it was my ISP, but it was going on so long that I figured it was an attack.

I hope my April Fools post didn't trigger it - lol
I thought it was the April 1 joke
annabel
And isn't there a way to find out where it comes from ? Can't imagine there isn't a way to track down those losers ...
Andrew Boon
In most cases it's impossible, unfortunately. That's why the whole industry of DDoS mitigation exists. Attacking computers are normally infected PCs of people from around the world hosting malicious software controlled remotely. Zombies, if you will.
annabel
Hm ... I've been reading something about it and my question is ... how do I know I'm sufficiently protected ? How do I know someone is not using my computer (amongst others) to launch such an attack ? Could it be one of the members who knows a weak protection item using all the other members' computers to launch the attack ? I don't understand why someone would attack Boonex.com unless it's a pissed-off member who wants to take revenge for some (stupid) reason.
Andrew Boon
Just a good antivirus scan should do the job for your own PC and a little bit of work with your hosting provider should help to check you hosting server. It not Unity members' computers, trust me. Botnets are comprised of just random computers.

As for reasons to attack... there're plenty. We have seen attacks coinciding with competitor's product launch. No proof, just a quick guess.

Good thing is that it is now a rule that such attacks ALWAYS bring something good with them - new knowledge, see more new technologies, good changes. They work like a good caffeine boost. Even now, they helped us to find a way to slash our bandwidth costs, improve loading speed and server security.
It may be worth mentioning here that Boonex has a Twitter feed that had an announcement about the DDOS attack hours ago - I make sure I save the Twitter feeds of websites I regularly use in case they have unplanned downtime - and they usually make some sort of announcement on their Twitter feed.
csampson1
Don't you have to ask about that last comment? How does Twitter, Google, FaceBook all avoid this same? I know money and staff out the backside! As a member I will be the first to say that I am petrified of the same type attack and any member who is not has not thought about it! Can you share in great detail what as a end user of Dolphin we can do if anything to avoid such an attack.......If there are things for our hosts to do please provide a check list to confirm they have been done by our see more hosts and anything we are suppose to do!! It is quite apparent that this type stuff is such a waste of time but very apparent and quite obvious that it has to be done and double checked to avoid..........
dolphin_jay
There is nothing you can do to stop. If they want you down you will be down. The only thing you can do is spend a bit of money to match the amount of bandwidth that they are hitting you with. OK alot of money each month to match there bandwidth.
sonnarinternet
It is absolutely imperative that Dolphin is modified ASAP such that DDoS attacks against Boonex.com do not also affect all the sites which use Dolphin. While Boonex.com was being attacked (by a pathetic little cry baby), all the pages in Dolphin Admin literally took minutes to load. This is completely unacceptable and unnecessary! There's no reason that Admin be designed such that it frequently has to "phone home". As soon as the DDoS attack was over, Dolphin Admin worked fine once again. see more We've just recently upgraded to Dolphin 7.05 and we absolutely *Love It* however, having Admin essentially crash each time Boonex has a disgruntled user can't continue. So please, make this a top priority for Dolphin 7.1 and I also request that you consider an emergency Dolphin 7.07 release to remedy this problem. We Love Dolphin!
Nathan Paton
Dolphin isn't as tied to the BoonEx server as it once was. I recommend you disable administration panel feeds, which was probably causing the long load time.
paulo rodrigues
as an end user who has not yet upgraded from 7.0.4 do i have to fear any of this or should i wait?
Nathan Paton
You're not the target, so I don't see why you should have to worry about your site.
sonnarinternet
We tried disabling the Boonex feeds on the Admin panel and although that helped, page load times were still *Very Slow*. Why not design Dolphin including Admin so that there is ZERO dependence on Boonex.com and it never needs to "phone home"? Given the DDoS attacks that Boonex has suffered, wouldn't this make sense?
Nathan Paton
I suppose it could be improved, but the script still needs to be able to communicate with the BoonEx server for things such as licensing.
presscon
@Magnussoft - Perhaps for those that wish we could pay a small fee to remove that license check and another such nuisance to not affect other Dolphin sites.

It does not make sense to hold the rest of the sites "Ransom" so to speak.
Nathan Paton
@presscon: I don't see how that's the case.

If the server goes down, the worse that happens is the administration panel may take longer to load due to the feeds, which can be removed with the change of two settings and the possible file edit. The only time you should problems with the license is when applying a new one.
annabel
Can you tell us how to turn off admin feeds ? Some of them I'd like to remove.
annabel
Can you tell us how to turn off admin feeds ? Some of them I'd like to remove.
Nathan Paton
You'll find this and more under the advanced settings page.
Had no problems at all with my site while boonex was down.

Glad you got it straightened out on your End
gondwana
My biggest problem while Boonex was down was missing my daily dose of Boonex! It's a sad fact that there will always be sick and demented people out there intent on causing damage and destruction but glad to see Boonex has turned a negative into a positive.

Interestingly, the above comments raise some new issues that I was not aware of:
As for 'Turning off Admin Feeds' in 'Advanced Settings' that seems to be simply the boonex news and boonex feeds.
What about Magnussoft's comment, 'the script see more still needs to be able to communicate with the BoonEx server for things such as licensing.' ?
Why is that necessary?
Once the license is purchased, installed and enabled on a site why does it need to be communicated everytime admin logs in? I don't understand what purpose that serves.
And what other 'things' are being communicated to boonex?
I'd be very interested to know these 'things'.
Nathan Paton
It used to be the case that the script was in constant communication, but now it's only the feeds in the administration panel, which can be disable through the advanced settings page. I was referring to entering a new license, which would be the only time you would have problems when the BoonEx server is down.
tevasas
I was attacked on my site to : http://www.boonex.com/unity/forums/#topic/Security-attack-was-stopped--2011-04-03.htm
Nathan Paton
Check the other posts in that thread. It has to do with PHPIDS, which never worked correctly. I recommend you try the second option listed here (also posted by deano): http://www.boonex.com/unity/forums/topic/Troubleshooting-Possible-Security-Attacks-.htm
So that was the reason why I couldn't log to boonex website, ddos from those losers. Boonex must find a solution for this because it's growth would be impeded, the sales would go down. People who intend to buy boonex dolphin license and couldn't get the website loaded by the server would go away.

I already check for the anti- ddos and it would cost me $250,000 to buy their equipment and I don't have that money. The other option would be to rent their equipment for $8,000 thats still unaffordable see more for me. Anyway my website is not the target it's the popular website like boonex.

My suggestion to boonex people is to check if their web host has this equipment, which obviously they don't have because boonex wouldn't be under ddos on the first place. But there is a webhost that have this kind of equipment. The anti ddos are being sold for big time web hosting company. I need my website to be finish and I relay on boonex website very much. Getting the web host with anti ddos would be a last option. Transfering from one web host to another is not an easy task. But boonex can transfer some of it's website to another web host with anti ddos and let the other half remain to the web host they have right now. So when those losers attack boonex again boonex website wouldn't be down because the other web host with that anti ddos would still function
So that was the reason why I couldn't log to boonex website, ddos from those losers. Boonex must find a solution for this because it's growth would be impeded, the sales would go down. People who intend to buy boonex dolphin license and couldn't get the website loaded by the server would go away.

I already check for the anti- ddos and it would cost me $250,000 to buy their equipment and I don't have that money. The other option would be to rent their equipment for $8,000 thats still unaffordable see more for me. Anyway my website is not the target it's the popular website like boonex.

My suggestion to boonex people is to check if their web host has this equipment, which obviously they don't have because boonex wouldn't be under ddos on the first place. But there is a webhost that have this kind of equipment. The anti ddos are being sold for big time web hosting company. I need my website to be finish and I relay on boonex website very much. Getting the web host with anti ddos would be a last option. Transfering from one web host to another is not an easy task. But boonex can transfer some of it's website to another web host with anti ddos and let the other half remain to the web host they have right now. So when those losers attack boonex again boonex website wouldn't be down because the other web host with that anti ddos would still function
theguypc
Testing
Testing
Testing
I need my website to be finish and I rely on boonex website very much. (not "relay" it was a typo error)
d7KK
@Andrew Boon

no problem. we understand all this situation!

best regards!!
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.
PET:0.16033577919006