The web site is offline?

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
#1
I have been getting "the web site is offline" all afternoon when connecting to these forums. I press the "try again for a live version" and it's OK. What's up?
 
#3
The Chinese are attacking the site again. They've been unable to do any damage, but they're slowing things down.
This continues today. Did you do something to anger them? It's particularly annoying to have just composed a post only to press "Post Reply" and have it lost!
 

rconn

Administrator
Staff member
May 14, 2008
10,096
85
#6
Rex, I think you should add a banner to the website saying something like "Not affiliated with the Department of Defense"....
We get attacked periodically by two (apparently? ostensibly?) different groups from China -- what appears to be criminal hacker groups looking for passwords & credit card numbers, and another set (somewhat more inept -- government sponsored?) who appear to be searching for code. Since we don't have either on the JP Software website, they're wasting their time, but perhaps the possibility of causing disruptions on our website is enough to satisfy the second group.
 
#7
When they start picking on me ...
Code:
v:\> alias ipblock
netsh advfirewall firewall add rule name=aablock_%1 dir=in action=block enable=yes localip=any remoteip=%1
Code:
ipblock 218.0.0.0-223.255.255.255
is a good start. Would you like a list that covers about 98% of Asia?
 
#9
I'm already blocking them. But they're beating on the door hard enough (> 1000 attempted accesses per second) that they're causing some spotty access timeouts.
Are ISPs amenable to helping out in such situations? ... blocking at a higher level?
The few times this has happened to me (that I'm aware of ... never causing any harm or even inconvenience) the attacks have been from a single IP in a block of dynamically assigned IPs used by some ISP over there. I figure it's a stand-alone hacker.
 

Charles Dye

Super Moderator
Staff member
May 20, 2008
3,376
39
Albuquerque, NM
prospero.unm.edu
#10
We get attacked periodically by two (apparently? ostensibly?) different groups from China -- what appears to be criminal hacker groups looking for passwords & credit card numbers, and another set (somewhat more inept -- government sponsored?) who appear to be searching for code. Since we don't have either on the JP Software website, they're wasting their time, but perhaps the possibility of causing disruptions on our website is enough to satisfy the second group.
Hmp. I'd be tempted to generate a few hundred thousand "credit card numbers", complete with expiration dates, and put 'em someplace the script monkeys could find. Give them something to play with. But I guess that would just drive them into a blood frenzy; it's probably a good thing I'm not running your web site!
 

rconn

Administrator
Staff member
May 14, 2008
10,096
85
#11
This attack is coming from at least several hundred (possibly several thousand; haven't isolated them all yet) IP addresses, most of which appear to be bots. New ones are added continually.

If it follows the same pattern as previous attacks, it'll peter out in another day or two when they decide to shift their attention to a more worthwhile target.