gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76774 Posts in 13500 Topics by 1651 Members - Latest Member: insider4ever March 29, 2024, 01:07:15 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Illegal Attacks On The Network
gfx
gfxgfx
 

Author Topic: Illegal Attacks On The Network  (Read 4438 times)

0 Members and 1 Guest are viewing this topic.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Illegal Attacks On The Network
« on: July 17, 2009, 09:09:26 am »
Folks I have been monitoring an increased effort by our enemies to launch illegal ddos attacks on our primaries, the blocked whittaker range that I believe is a front for media defender are using DOS techiques to cause network destabilisation and this can at times cause some folks to fall from their Primaries, as media defender has no idea if files are being transferred or not and is reckless as to whether data is being destroyed they are clearly breaking the law and complaints should be logged with either the FCC or the FBI regarding their cyber warfare attacks, as I,m not a US citizen its not possible for me to report them effectively but I would be more than grateful if anyone who is operating primary drops them a line asking them to investigate these criminal  activities that are a step too far.

The attacks are triggered when anyone grabs a chat room listing so to minimise your exposure try to save and select the rooms you require from "favourites" rather than grab a fresh listing. There is no legal excuse to attack chat groups except to try to crush our community, we will not however give in to criminals so easily.

Whittaker           :129.47.160.220-129.47.160.255





Offline birdman

  • Forum Member
Re: Illegal Attacks On The Network
« Reply #2 on: July 17, 2009, 10:42:42 am »
Ive been watching this attack on my firewall for a coupe of weeks now its non stop not just when opening the chat rooms lists its there all the time if you run primary

Offline wonderer

  • MX Hosts
  • *****
  • ***
Re: Illegal Attacks On The Network
« Reply #3 on: July 17, 2009, 01:07:22 pm »
I have extended the range a bit to 129.47.160.220-129.47.255.255 as they have been using the upper range too on my system a while ago.
They used to be not too clever by requesting from the same IP raising portnumbers by one in a unnatural speed.
The complete Whittaker range is 129.47.0.0-129.47.255.255 btw.

Offline Lagerlout666

  • Forum Member
Re: Illegal Attacks On The Network
« Reply #4 on: July 17, 2009, 01:47:01 pm »
We have never just blocked a full range just because they own it. The list has always been about what is active. An seen as it can be updated in seconds not days like other lists out their their is no need to be so brutal. An gives the block-list team something to hunt for.
The Solution to 99% of winmx problems

nap.winmxgroup.net        -ONLINE again YAY!!!!!! :D

Praise's daily at the church of "Kopimi"

Offline Ace

  • Forum Member
  • *****
  • Every new creation is the sum of old and new.
Re: Illegal Attacks On The Network
« Reply #5 on: July 17, 2009, 04:27:14 pm »
ill say block em  as in then min range first

if still ddossing then higher  the range 

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Illegal Attacks On The Network
« Reply #6 on: July 17, 2009, 05:31:58 pm »
I cant prove 100% this is media defender but I can prove it by the balance of probabilities, media defender used to use a 72 range and a 38 range then they shifted a few months ago to a new 174 range the other ranges disapearing on the exact day as the new one arrived, also a traceroute reveals the last step before the 174 IP was a media defender IP last used to set up a sting video upload site that failed, this then ties the changes and new IP together, the latest IP range to be active is the small whitaker  that appears on a few old emule block-lists for anti p2p2 activities, but on our network is a flooder in the main and all the primary dos attacks occur when they finds its floding attempts blocked, the initial trigger is a chat list request but they will as another poster mentioned continue throught your time online to disrupt the primary network.

once again as the whittaker IP is active on the same day the 174 range closed down, this then indicates its media defender and likley the whittaker company whos range is vastly larger, sublets a small portion to media defender or they have a proxy deal as media defender have used such services many times all to hide their original server IP's.

Lets be clear here so no one is confused, the blocklist team will only ever block network attackers and as the network is checked many times a day we do not need to block millions of IP's "just in case", the range thats attacking is being blocked nothing more and nothing less.

Offline Forested665

  • Forum Member
  • Linux:2003 FreeBSD:2004 Debian/BSD developer:2006
Re: Illegal Attacks On The Network
« Reply #7 on: July 17, 2009, 07:22:08 pm »
Unfortunately the FBI is a higher level of command then most citizens have access to, and FCC doesnt regulate the lines. Best course of action is to trace the IPs and report them to THIER ISP from there it is forwarded to the FBI, additionally you can contact your own ISP to see if they can stop the attacks on the line and not penalize you for the added bandwidth.

Ghostship if you will pm me on how to come under thier radar i will gladly subjectify myself to these attacks and file a report accordingly.
BSD -  The Daemons Are No Longer Just Inside My Head.

Offline Ace

  • Forum Member
  • *****
  • Every new creation is the sum of old and new.
Re: Illegal Attacks On The Network
« Reply #8 on: July 17, 2009, 07:58:19 pm »
there are allso spoken about on phoenixlabs and deff are on emule list s
and allso on list.iblocklist.com/  blocklist s
 
            


Whois

Details zur IP-Adresse 129.47.160.220

OrgName:    Whittaker Corporation
OrgID:      WHITTA
Address:    1955 North Surveyor Ave
City:       Simi Valley
StateProv:  CA
PostalCode: 93063-3386
Country:    US

NetRange:   129.47.0.0 - 129.47.255.255
CIDR:       129.47.0.0/16
NetName:    WCAIFHLS
NetHandle:  NET-129-47-0-0-1
Parent:     NET-129-0-0-0-0
NetType:    Direct Assignment
Comment:   
RegDate:    1987-07-31
Updated:    2007-05-22

 are 100% anti p2p   even if you google          " are Whittaker Corporation anti p2p "
 the list is hugh of em being added to blocklist s
 which is a subsidiary of penny stock ArtistDirect which allso part of mediadefender
http://finance.yahoo.com/news/ARTISTdirect-Announces-pz-14837970.html

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Illegal Attacks On The Network
 

gfxgfx
gfx
©2005-2024 WinMXWorld.com. All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.02 seconds with 24 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!