Actually, I'm VERY familiar with the network side of things, and if any books have any questions about this BS, they can reach me at ttinco123@juno.com. I'll keep their inquiry confidential if they prefer.
Java is probably the resident software expert, so he may be a good contact on the programming side of things.
Java is probably the resident software expert, so he may be a good contact on the programming side of things.
TTinCo-
Thanks for the compliment. I've just picked up a few things here and there. I can usually think of a way to do something (to convince myself it is possible), though the hackers would use a much more sophisticated method than would occur to me.
I try to ask a lot of questions and get an idea of what is possible or the general principles. I'm more of a Jack-of-All-Trades (master of few) kind of guy. Fortunately, I'm often able to bridge the gaps between a software expert and a hardware expert by getting them to work together better.
Ebay, Yahoo, Microsoft, etc. spent millions handling and solving these types of DOS problems. Find out what they did and BUY THAT SOLUTION. I'm sure it costs less than $30K.
TTinCo, with your knowledge of the network side, do you know who the ISP's are for the different books affected? I ask because some ISP's may be immune to the attack. On the other hand, if 5 books all use the same ISP, they could chip in and buy the ISP the additional equipment to put upstream. (5 books x $30K is buys a lot of hardware for the ISP)
Anyway, try to compile a list (don't post it, as it may give the hackers useful information). Eventually, if a pattern emerges, you can contact the books and ISP's directly. I'm sure the ISP's are all over this and may noticed other patterns.
Thanks for the compliment. I've just picked up a few things here and there. I can usually think of a way to do something (to convince myself it is possible), though the hackers would use a much more sophisticated method than would occur to me.
I try to ask a lot of questions and get an idea of what is possible or the general principles. I'm more of a Jack-of-All-Trades (master of few) kind of guy. Fortunately, I'm often able to bridge the gaps between a software expert and a hardware expert by getting them to work together better.
Ebay, Yahoo, Microsoft, etc. spent millions handling and solving these types of DOS problems. Find out what they did and BUY THAT SOLUTION. I'm sure it costs less than $30K.
TTinCo, with your knowledge of the network side, do you know who the ISP's are for the different books affected? I ask because some ISP's may be immune to the attack. On the other hand, if 5 books all use the same ISP, they could chip in and buy the ISP the additional equipment to put upstream. (5 books x $30K is buys a lot of hardware for the ISP)
Anyway, try to compile a list (don't post it, as it may give the hackers useful information). Eventually, if a pattern emerges, you can contact the books and ISP's directly. I'm sure the ISP's are all over this and may noticed other patterns.
Java, I can't tell you anything about who uses for an ISP. I know that CR bandwidth is a completely separate form of extortion, and with what they charge, they should have TOP notch monitoring and filtering capabilities, but I'm afraid that I know better. They could also be using an IP anonomizer-that would make things a little bit more of a mess.
Unless this is a true trojan horse virus that has propagated extensively, I can't imagine the attack coming from more than a couple hundred machines-whose IP's could be blocked by the ISP....assuming the ISP takes calls before Monday AM.
A decent ISP should be able to snuff this out in a couple hours unless it's on a much larger scale than I think.
Unless this is a true trojan horse virus that has propagated extensively, I can't imagine the attack coming from more than a couple hundred machines-whose IP's could be blocked by the ISP....assuming the ISP takes calls before Monday AM.
A decent ISP should be able to snuff this out in a couple hours unless it's on a much larger scale than I think.
I may be out of my league here but there's a few things that I can comment on:
1. As far as I know, there is no one complete fail-safe way to combat all DOS attacks. Just like viruses, it's a continual game of cat and mouse.
2. The books that I have known that have been the most successful combating the DOS attacks have hosted in countries other than Costa Rica. While Costa Rica actually has a fairly solid internet infrastructure compared with most of the rest of the world (and I know this will invite slams against internet service there and this statement), the companies that I know that have been most successful in this aspect host in the United States where it is easier to get cooperation in dealing with the ISPs and putting up preventative measures against DOS attacks.
3. We have worked with a few customers in the same building as Hollywood to thwart DOS attacks - however just because a book may have had success against one does not mean that it will always be successful against every type of attack.
If anyone wants to query, argue, debate, etc., just reach me anytime on my email: jim@downetworks.com. i don't know all the answers but our Network Engineer has been thru this drill a few times already and I'll be happy to have him share his experience.
Peace out.
1. As far as I know, there is no one complete fail-safe way to combat all DOS attacks. Just like viruses, it's a continual game of cat and mouse.
2. The books that I have known that have been the most successful combating the DOS attacks have hosted in countries other than Costa Rica. While Costa Rica actually has a fairly solid internet infrastructure compared with most of the rest of the world (and I know this will invite slams against internet service there and this statement), the companies that I know that have been most successful in this aspect host in the United States where it is easier to get cooperation in dealing with the ISPs and putting up preventative measures against DOS attacks.
3. We have worked with a few customers in the same building as Hollywood to thwart DOS attacks - however just because a book may have had success against one does not mean that it will always be successful against every type of attack.
If anyone wants to query, argue, debate, etc., just reach me anytime on my email: jim@downetworks.com. i don't know all the answers but our Network Engineer has been thru this drill a few times already and I'll be happy to have him share his experience.
Peace out.
