Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Using TomCoyote's website, James Healan of SpywareInfo has been able to email his members about the recent DDOS attacks. The email was sent early this morning and reads as follows:
______________________________SpywareInfo, TomCoyote.org and merijn.org disappeared last week. This is due to a colossal, ongoing distributed denial of service attack. Several thousand trojaned PCs are throwing millions of HTTP GET requests at our server. The attacker is very determined to keep these sites off the net. Every time we filter out the attack, thousand of new machines join in. For now, the server is firewalled and all traffic is being null routed.
No one has claimed responsibility and there has been no attempt to break into the server. We are examining files from some of the infected machines involved in the attacks. At this time, I cannot confirm or deny the rumors floating around that coolwebsearch.com or one of their affiliated sites is responsible for these attacks.
TomCoyote.org is up and running again on a new server and the forums there are available to help people: http://forums.tomcoyote.org/.
TomCoyote has also allowed me to send this newsletter out from their web site and I thank them for it.
Merijn.org is also up and running again on a new server contributed by the folks at X-Block (http://www.xblock.com).
The private mailing list and malware repository for antispyware developers is also up and running on a new server.
SpywareInfo will continue to be down for the next several days. My hosting service and I are working on setting up a system of multiple redundant proxy servers to shield the main server from these attacks. I hope to have this running within the next week or so.
For updates on the situation, please refer to this message board thread: http://forums.tomcoyote.org/index.php?showtopic=4413
If anyone would like to contribute a server and hosting, please contact me at mike@tomcoyote.org. There are some minimum requirements for each server. I need a minimum PII 300MHz 128RAM, dedicated IP address, apache 1.3x on linux (preferably red hat) with root access via SSH and minimum of 100GB bandwidth/month. A Virtual Private Server (VPS) will work fine (I don't need a whole box).
It is going to cost a small fortune to set up these proxies to shield SpywareInfo from attack. If you would like to help us pay for these costs, we have a paypal account
(https://www.paypal.com/xclick/business=paypal%40spywareinfo.com&no_note=1&tax=0¤cy_code=USD) as well as a postal address:
James Healan
PO Box 2378
Reidsville, GA USA 30453Thank you very much for your contributions.
SpywareInfo will be back. It will take more than this to keep us off the net.
Mike Healan
SpywareInfo
TheKid: Thanks. Seems I didn't get all of the sleep out of my eyes this morning.
Justin Weber: Sorry about this duplicate post. Should have read the Merijn.org etc (below) first.
0 
No biggie,LOL,easily an honest mistake.
Maybe Justin and/or Kevin will only give you life w/o parole now,as opposed to the
"thread death" penalty.
0
IronMan,
I just tried to get onto TomCoyote's site via the link you posted (copy/paste onto address bar), and it came up telling me "forbidden."
Did anyone else have this problem?
--Viv :)
0
Viv:
Yes, went to the site and received: "This account has been suspended. Either the domain has been overused, or the reseller ran out of resources."
Probably another DDOS. Earlier today, the site was up and running just fine.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
