Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Constantinosnowyfail strikes again - Main site taken down with 2GBPs DDoS. - Page 4
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Constantinosnowyfail strikes again - Main site taken down with 2GBPs DDoS.

124»

Comments

  • I'm not entirely convinced the new attacks are related. Despite my (very) aggressive investigations and probing after the initial attacks, we haven't had any more real hits. Either he's realized that a 10$ botnet really isn't going to do anything more than give our IRCd indigestion, or he's trying to save up to pay for a decent sized net.

    Or, potentially arrested.

  • There is a 4th thing that could have happened. Murdered/Suicided.

  • CVPS_ChrisCVPS_Chris Member, Patron Provider

    @VMPort said: Our site was taken down with a 2Gbps DDoS attack last night, we are working with our provider to get some source IP porn. If any other providers that were involved in this have any info that might help, please get in touch :)

    Everything seems back to normal, for now.

    We were hit also, but absorbed that like a clean tampon.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @CVPS_Chris said: We were hit also, but absorbed that like a clean tampon.

    It's easy to 'absorb' when the flood is only 120 seconds at a time. :P

    Whoever is doing it is just using a dumb booter.

    Francisco

  • @CVPS_Chris - You should get with us and the others with the IPs that hit you. We're working on getting a good section of these nets taken offline.

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @liam said: So? He already knows hes F***ed. Many people are capable of paying $10 for a botnet and launching an attack. Obviously some provider or individual who has it in for you.

    There's only so many booters, and most booters we've had to deal with have shared 'members'. On hackforums you can buy 'rooted udp shells' for however much and you can 'build your own booter!'. The boxes aren't dedicated though and it's almost always hacked OVH boxes.

  • How come everyone blames that guy, Const. ? Is he targeting all the hosts in LET, if someone has some time, please explain shortly what is he doing, what he took down (except LEB) and etc.

    We also have been hit multiple times (more than usual) the past week, however we managed to handle the attacks with less than an hour of downtime of our main website. However I am pretty sure that it was not Const. (cant spell hsi full name, got no idea how it is spelled), we have been posted months ago on here, so he can't be targeting us though. Anyway, if someoen can share the IPs that he uses to attack, would be great.

  • No offense mec, but I believe you misspelled your username.

    I doubt that the recent attacks are directly from Constantinos. More likely, he has indirectly shown several groups of skiddies that many hosts are not on quality lines, and can be easily be brought offline (or at the very least, eat through bandwidth) by using cheap booters.

    No responsible host would publicly share a list of attacking IPs. C&C nets are composed of compromised machines... posting that list would be a veritable buffet of easy-access targets for skids.

    With that being said... a handful of folks with professional experience in dealing with these types of issues are handling these attacks through proper channels. If you have any information you'd like to put forward to help get these botnets shut down, kindly email the details to myself ([email protected]) or @Chief. I've already made my actions on this public.. but in the interest of keeping the others out of the spotlight, I'm not going to name them, so kindly refrain from asking.

  • BernardooBernardoo Member
    edited March 2012

    @LiqiudSolutions

    He made a company called HostRail that made close to no profit and it ended up closing down with allot of debts and he didn't refund the customers after just closing it down. ( Threads: http://www.lowendbox.com/blog/hostrail-1-20-256mb-openvz-vps-exclusive-offer/ and http://www.lowendbox.com/blog/hostrail-1-05-256mb-openvz-vps/ and http://www.lowendbox.com/blog/deadpool-june-2011/ and http://www.webhostingtalk.com/showthread.php?t=1060255 ).

    Not long ago he started another company with someone else where he always said that he was never involved but the LowEndTalk community ended up finding that was also involved and actively participating on this company ( Threads: http://www.lowendtalk.com/discussion/1365 and http://www.lowendtalk.com/discussion/1570 )

    After this the company ended up closing because no one got a VPS from him due to his previous scam, and he blames lowendtalk for it and starts sending DDoS to it and any company related with it he also sent DDoS to webhostingtalk ( threads: http://www.lowendtalk.com/discussion/1714 and http://www.lowendtalk.com/discussion/1718 and http://www.lowendtalk.com/discussion/1713 and http://www.lowendtalk.com/discussion/1715 wht: http://www.webhostingtalk.com/showthread.php?t=1133121 )

    i think this is it.

    EDIT:

    I forgot to say he also started another company in the mean while called sturdyvps that most likely already closed tho.

  • @DotVPS

    Not much it was all about searching HostRail/HostSnowy/SturdyVPS and they all popped up after a quick search.

    The story itself was also really easy i was here seeing it all but i guess about 4 minutes.

  • Constantinos [I presume] attacked me about 2 days back. I kept this mostly quiet after mitigating his attack, but since it was kinda a fail attack... Let's just say putting in place measures for port 80 after bringing it down for a little did the trick :)

  • It looks like everyone is blaming constantinos for any downtime they have... it gets funny now...

  • FLVPSFLVPS Member

    @Naruto said: My cat likes to fluff and lick my neck, lick my armpits hard, and if I burp she likes to smell it.

    You remind me of the guy who disappeared off of IRC so we took all his logs, made an IRC bot to randomly say his randomness (he was a drug addict), and nobody noticed for about 2 years.

    Anyone up for completing such a task?

  • I am already a bot.

  • MaouniqueMaounique Host Rep, Veteran

    @FLVPS said: You remind me of the guy who disappeared off of IRC so we took all his logs, made an IRC bot to randomly say his randomness (he was a drug addict), and nobody noticed for about 2 years.

    Really :o Ppl are crazier than I thought :o
    M

  • JacobJacob Member

    We have KS2 down due to a 2Gbit DDOS, Not sure what IP this was aimed at as of yet just waiting to see the port graphs. But a entire IP Range was nullrouted due to this so I'm just going to go ahead and put the blame on Constantinos.

  • @Jacob

    We wouldn't have it any other way :3

  • Ash_HawkridgeAsh_Hawkridge Member
    edited March 2012

    @liam

    Seriously what is your problem with me, you follow me round like a little puppy dog. I didn't know aldryic was the only person allowed to use smiley's. Honestly i would love to know though (What your issue is).

  • You added the ":P Are you servers up yet?" after i posted that so don't try to make me look like a mug :)

  • I wonder if Constantinos is under 7 proxies.

    /lame4chanjoke

  • @liam said: I don't think you can have '.' after a smiley and the start of the question began where the capital letter was 'Are'.

    What are you going on about? Originally your post was just;

    Stop copying @aldryic :3

    Then you added the;

    :P Are you servers up yet?

    After i posted, what's so hard to understand about that. If you would have put that originally i would have known you were joking, but you didn't. Or are you now going to claim im lying? Because im sure we can get somebody to check if your post was edited after you posted it.

  • Ash_HawkridgeAsh_Hawkridge Member
    edited March 2012

    Nah its cool man. And your right it did look arsey until you added that haha and if that's how the original post that i saw was i would have known you were joking :)

    Forget about it, just another common internet misunderstanding lol

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @liam said: I literally edited it a few seconds after publishing - you're too on the ball!

    More like his F5 key is burned out. :3

    Francisco

  • what's up guys? :3

    Thanked by 1Ash_Hawkridge
  • @Mon5t3r

    Thank you for the LOL :)

  • So many notifications -_-;

  • @Aldryic said: So many notifications -_-;

    So little time?

Sign In or Register to comment.