We're Back - READ (Info - Updated)

[blud]

After roughly 2 days offline, MangaShare is back. We suffered a distributed denial of service attack on our website beginning Sunday evening. Surprisingly, our data center did not have any DDoS mitigation systems so we were forced to simply "wait and see".

This was unacceptable so we scrambled, lost a lot of sleep, and managed to get a really kickass cluster set up at a new datacenter.

We should be online and faster than ever for everyone as the DNS updates over the next 24 hours. Our fridays should run a lot smoother now too due to a load balancer being installed.



Expect some rockiness as we settle into the new servers.

Note: The attack is still underway, and we're working with our new server company to mitigate it. Expect a lot of broken images and  a lot of the following error message.

"Service Unavailable - This server is temporarily unable to service requests.(Internal-Reason: 132)"

------------------------------------------
10:52 PM MST @ 12/05/2007 - Update
------------------------------------------

Forums are mostly functional now. The attack is still taking place (thousands of concurrent users per second), but with help from our new datacenter we're mitigating the traffic and improving.

Due to the nature of the attack there's very little we can do other than what we've done. Hopefully the jackass behind the wheel gets bored soon.

------------------------------------------
8:59 AM MST @ 12/06/2007 - Update
------------------------------------------

Still under DDoS, trying new things. I'll keep you posted.

------------------------------------------
9:32 AM MST @ 12/06/2007 - Update
------------------------------------------

See post #3 in this thread.

[P'unk]

Wow that's really answer my question "What the hell happened to MS?". Hope you got lucky with your effort Blud!

[blud]

A significant block of IPs have been shut off from accessing MangaShare. Those who reside in several Asian countries might have problems accessing our site over the next few weeks - because frankly, I don't really care. Blame the DDoS'ers for that.

We saw major improvements to the load after this step was taken. There are still some attackers squeaking by but as far as I can tell, the site works now.

We'll continue monitoring it throughout the day.

[Rainierman]

Holy crap, I am not sure if I understood well but from what I got, MS got hacked attempted? Wrong, not exactly, I just checked and wow. It's good to know what a DoS attack is now.

(for those that are clueless about the subject like I was before)
Denial-of-service attack - Wikipedia, the free encyclopedia

I didn't think the brief downtime was due to something of this nature, I am a bit surprised. I hope you manage through and that your efforts pay off in the end Mangashare staff, good luck.

[Kendoki]

I thought my 1000th post broke the site. v_v

Least it's back up.

[MountainLionLink]

A significant block of IPs have been shut off from accessing MangaShare. Those who reside in several Asian countries might have problems accessing our site over the next few weeks - because frankly, I don't really care. Blame the DDoS'ers for that.

We saw major improvements to the load after this step was taken. There are still some attackers squeaking by but as far as I can tell, the site works now.

We'll continue monitoring it throughout the day.

Can you ask anyone from the new server host to trace these wild IP addresses so that they can be blocked?

Anyways I agree with you, if a few bad individuals decided to ruin everyones' favorite hobby, then let everyone from that area pay the price. Since it seems like some of the individuals in the Asian countries just like to cause more harm on the internet then anything else. Yes I'm talking about South Korea and all the DDoS attacks that come from that area.

[Woofcat]

The reason there are so many zombie pc's in some countries is due the fact that they all pirate windows with no security patches. Thus making them the perfect ground for snatching up zombie PC's.

Now if only they also pirated anti virus software!

[Infinity]

Well, its working now, and I guess that is what is most important.
Thanks for working it out, Blud, I know it must have been pretty annoying. ;_;

[g7_gomitat7]

How the hell does a hosting company get the denial of service attack??
Not only that, but why?
Seriously!!
There's no monetary gain.
It costs money to keep up zombie computers!
Dear God this is pitiful.

If this gets serious, I'll design an authentication system for you to avoid this crap.
My uncle knows a lot about this stuff, and I have read my fair share on hacking.

By the way, the bigger hosting companies have more sophisticated security.
For instance, use Yahoo hosting because of the shear size of their operating capacity.
I have no clue who you choose, but, just in case, keep a backup of the website every week.

Or something like that...
Put it on an external hard drive.
Serious malicous attacks may involve a complete loss of data.

A dos is the lamest trick in the book.
This is just BS.
------------------------------------------
I'm just curious:
Where are these attacks coming from???
This is a long shot, but you could contact intelligence agencies.
Sometimes they get involved into this kind of stuff.
I just read recently how German counterintelligence use trojans when dealing with certain suspects.
Canada may have some sort policy towards this too.
Hacking crime rings tend to be a target of intelligence agencies and these types of attacks can lend evidence, more or less, to their objectives.

[blud]

Unfortunately there is no real way to avoid a DDoS attack. It is designed to mimic real users opening real connections so there's no method of preventing it. The way massive shared hosting companies deal it is simply through out-resourcing the attacker / null routing the targeted ip / disabling the account that's being targeted.

A site like MangaShare is hosted on our own dedicated servers, so there's less our data center can do for us, short of paying them to set up a significant amount of additional servers to balance the load on and getting a high bandwidth bill from serving all the fake traffic out of the deal. With our new provider, they have something called a Cisco Guard, which is currently monitoring our traffic patterns and trying to disable additional attacks in real time, it's not a complete solution but it's helping.

Your guess is as good as mine as to who is doing this, or why. MangaShare doesn't really have any enemies that come to mind - and no it's not Tazmo (he uses our manga on his site week by week so there's no reason for him to try and end us).

It was a pretty thorough attack though; at first it was targeted at the highest load part of the website "mangashare.com/forums/", we added an index.html file as a static gateway to the index.php file, basically saying "click here to enter the forums". This reduced the load on the servers significantly, but not even an hour later the attack was updated to target "mangashare.com/forums/index.php".

Our last resort was to simply block parts of Asia, because the vast majority was originating from there. Keep in mind that the actual orchestrator of the whole thing could live anywhere in the world. There is really no way of knowing who did it short of them bragging somewhere or sending an extortion email (both of which didn't happen).