Silk Road forums

Discussion => Silk Road discussion => Topic started by: GaryBusey on May 04, 2013, 06:03 am

Title: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: GaryBusey on May 04, 2013, 06:03 am
How many of you are trying to log in to the site and hitting refresh? Let staff do their work. We are probably contributing to the DDOS by trying to log in.
Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: Mr. Fluffles Schrodinger on May 04, 2013, 06:13 am
Thank you so much for pointing this out.

Common sense and all, it probably needed to be said.  +1
Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: BruceCampbell on May 04, 2013, 06:18 am
Has nobody actually said this yet?

Because that makes sense. I guess.

Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: Erfy on May 04, 2013, 07:29 am
We've seen a couple of these thread; Thought I should chime in.

How much load 2-3k peep refreshing every minute incurs vs. a normal load of 2k actively browsing users vs. whatever the DDOS is throwing at it.

So unless we hear otherwise... if you need to get on don't shy to try for 10 mins at a time and go process and finalize those orders ;)


Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: Jack N Hoff on May 04, 2013, 07:41 am
We've seen a couple of these thread; Thought I should chime in.

How much load 2-3k peep refreshing every minute incurs vs. a normal load of 2k actively browsing users vs. whatever the DDOS is throwing at it.

So unless we hear otherwise... if you need to get on don't shy to try for 10 mins at a time and go process and finalize those orders ;)

There is only 111 people on the forum right now.  111 people trying to refresh would amount to nothing noticeable.
Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: FrankSidebottom on May 04, 2013, 07:50 am
Really won't make a difference, peeps.

Denial attacks from a single source tend to generate millions, if not tens of millions of GET requests from a server, so laying off the F5 is not going to make a blind bit of difference to the poor cunt looking at the logs. Trust me on this.

Having said that.......go easy eh and go make a cuppa ;)


Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: Secret_Squirrel on May 04, 2013, 07:53 am
Maybe posting minute to minute updates on the status of the site is the reason the forums stopped getting hit...

and are we making it easier for the attacker by constantly refreshing SR and posting our results here?

I'm waiting for an update from DPR, we've always gotten an updates when its back up
Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: AnonymousAddict on May 04, 2013, 11:16 am
Guys Lets get the attack name were under CORRECT! ITS NOT A DDOS! ITS A DOS!! just for your enlightenment..

 DOS=
A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP). The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources. This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there.   WERE ON A TOR NETWORK, U HAVE TO HIT A DIRECT IP ADDRESS, it takes nothing to hit 'NEW IDENTITY" DOS is somewhat diffrent..

DDOS=
DDoS
A DDoS Attack is a Distributed Denial of Service Attack.

In most respects it is similar to a DoS attack but the results are much, much different. Instead of one computer and one internet connection the DDoS attack utilises many computers and many connections. The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet. The main difference between a DDoS attack vs a DoS attack, therefore, is that the target server will be overload by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter.

 WERE ON A TOR NETWORK, U HAVE TO HIT A DIRECT IP ADDRESS, it takes nothing to hit 'NEW IDENTITY" DOS is somewhat different..

UNless im missing something here? How can a DDOS attack a IP address that can be changed with a click, and specially on a TOR net work..  ONIONS


If i am wrong in anyway please do correct me and enlighten me to how its a DDOS on a tor Onion site? Not trying to act like a know it all, please dnt take it that way but its just been in my head how? how is this? a DDOS?

Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: itsthecops on May 04, 2013, 12:01 pm
Guys Lets get the attack name were under CORRECT! ITS NOT A DDOS! ITS A DOS!! just for your enlightenment..

 DOS=
A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP). The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources. This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there.   WERE ON A TOR NETWORK, U HAVE TO HIT A DIRECT IP ADDRESS, it takes nothing to hit 'NEW IDENTITY" DOS is somewhat diffrent..

DDOS=
DDoS
A DDoS Attack is a Distributed Denial of Service Attack.

In most respects it is similar to a DoS attack but the results are much, much different. Instead of one computer and one internet connection the DDoS attack utilises many computers and many connections. The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet. The main difference between a DDoS attack vs a DoS attack, therefore, is that the target server will be overload by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter.

 WERE ON A TOR NETWORK, U HAVE TO HIT A DIRECT IP ADDRESS, it takes nothing to hit 'NEW IDENTITY" DOS is somewhat different..

UNless im missing something here? How can a DDOS attack a IP address that can be changed with a click, and specially on a TOR net work..  ONIONS


If i am wrong in anyway please do correct me and enlighten me to how its a DDOS on a tor Onion site? Not trying to act like a know it all, please dnt take it that way but its just been in my head how? how is this? a DDOS?


Great Post Anonymousaddict . 
I give credit where its due.  Thanks for taking the time to write it.

jacknhoff:
You are right, the most people on this forum is like 280 at a time. 
There are only 60,000. users registered, and most are fake accounts/duplicates.   Do the math, there are only about 22,000. actual people registered on this forum. 

Most of those never come here unless they absolutely have to.  The rest of the people are you and me.  = the people who are social and like to chat...
There really isn't that many people here at all.  Its quite easy to track someone down on this forum.  Compared to clear net forums, where users are in the millions.

Think about it.  We are actually quite a small community.
Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: lukeuser on May 04, 2013, 12:03 pm
Guys Lets get the attack name were under CORRECT! ITS NOT A DDOS! ITS A DOS!! just for your enlightenment..

 DOS=
A denial of service (DoS) attack is a malicious attempt to make a server or a network resource unavailable to users, usually by temporarily interrupting or suspending the services of a host connected to the Internet.This means that one computer and one internet connection is used to flood a server with packets (TCP / UDP). The point of such a denial of service attack is to overload the targeted server’s bandwidth and other resources. This will make the server inaccessible to others, thereby blocking the website or whatever else is hosted there.   WERE ON A TOR NETWORK, U HAVE TO HIT A DIRECT IP ADDRESS, it takes nothing to hit 'NEW IDENTITY" DOS is somewhat diffrent..

DDOS=
DDoS
A DDoS Attack is a Distributed Denial of Service Attack.

In most respects it is similar to a DoS attack but the results are much, much different. Instead of one computer and one internet connection the DDoS attack utilises many computers and many connections. The computers behind such an attack are often distributed around the whole world and will be part of what is known as a botnet. The main difference between a DDoS attack vs a DoS attack, therefore, is that the target server will be overload by hundreds or even thousands of requests in the case of the former as opposed to just one attacker in the case of the latter.

 WERE ON A TOR NETWORK, U HAVE TO HIT A DIRECT IP ADDRESS, it takes nothing to hit 'NEW IDENTITY" DOS is somewhat different..

UNless im missing something here? How can a DDOS attack a IP address that can be changed with a click, and specially on a TOR net work..  ONIONS


If i am wrong in anyway please do correct me and enlighten me to how its a DDOS on a tor Onion site? Not trying to act like a know it all, please dnt take it that way but its just been in my head how? how is this? a DDOS?

I don't really...understand what you trying to say. When you talk about clicking 'new identity', that changes what exit node you use. But since SR is a hidden service, you don't use an exit node with it, so that is irrelevant. With my basic knowledge of Tor and hidden services, i'll suggest that the silk road introduction points are the only things which can be targeted. A database keeps a record of which Tor nodes are introduction points for each hidden service. So the attacker is presumably targeting these introduction points.

https://www.torproject.org/docs/hidden-services.html.en (clearnet)

Quote
Defense against Denial of Service of Introduction Points

The adversarial version of the previous section involves attackers intentionally hammering the Introduction Points of a Hidden Service to make it unreachable by honest clients. This means that an attacker can temporarily bring down a Hidden Service by DoSing a small number of Tor relays.
To defend against such attacks, Syverson and Øverlier introduced Valet nodes in their PETS 2006 paper: "Valet Services: Improving Hidden Servers with a Personal Touch". Valet nodes stand in front of Introduction Points and act as a protection layer. This allows Hidden Services to maintain a limited number of Introduction Points, but many more contact points, without clients learning the actual addresses of the Introduction Points.
Valet nodes are not implemented yet, mainly because of the big implementation and deployment effort they require.
Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: cocktree on May 04, 2013, 04:19 pm
There is only 111 people on the forum right now.  111 people trying to refresh would amount to nothing noticeable.
The number of forum users is not equivalent to the number of users attempting to log in, or otherwise access, the main site.
Title: Re: USERS - STOP TRYING TO LOG INTO SR DURING DDOS!
Post by: hee57 on May 04, 2013, 04:38 pm
There is only 111 people on the forum right now.  111 people trying to refresh would amount to nothing noticeable.
The number of forum users is not equivalent to the number of users attempting to log in, or otherwise access, the main site.

But at max 111 forum users will see this message and stop spamming SR which won't do much.