use the following search parameters to narrow your results:
e.g. subreddit:pics site:imgur.com dog
subreddit:pics site:imgur.com dog
advanced search: by author, sub...
~0 users here now
This is Saidit's main sub for things related to the saidit.net website itself.
If you need help with using this website or related tools, post in /s/help. If you want a place to post any topic to the community, try /s/whatever or /s/asksaidit. If you want to create a wiki page, use /s/wiki.
Worst DDOS attack in saidit's history blocked 6 hours ago
submitted 3 years ago by magnora7 from self.SaidIt
view the rest of the comments →
[–]moblack 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - 3 years ago (15 children)
How do you guys learn this, Im trying to get into cybersecurity and will accept any help I can get.
[–]magnora7[S] 15 insightful - 4 fun15 insightful - 3 fun16 insightful - 3 fun16 insightful - 4 fun - 3 years ago (14 children)
I learned it by making a website that got popular enough to be attacked constantly, and I was basically forced to learn it, haha. But I do enjoy it, it's a lot like the cool computer stories I used to read about as a teenager, where you can see all this connecting activity happening to the server and you have to come up with tricks and tools to prevent each type of weakness in the system as the problems arise in real-time.
If you want to learn the basics, I suggest reading about cloudflare, and all the hundreds of settings that can be set within that commonly-used firewall program. If you understand all the options within cloudflare, you're very well on your way to having a good understanding of cybersecurity. Cloudflare sits in front of the server, and if we get a billion requests it can deal with that and only let the appropriate traffic through. The hard part is coming up with good rules for what is considered "appropriate traffic", which is often unique to every site
[–][deleted] 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - 3 years ago (1 child)
i dont no if it would be helpful or not, but i use a 4g connection and i noticed when these attacks were happening i was getting caught up in the couldflare blockages, i dont no much about all this cyber stuff but if the info helps you stop them. it occured to me they may have been using a similar connection. at least before the vpns. the cell towers would be quite hard to track i would imagine. just figured id mention in case the info was useful.
[–]magnora7[S] 4 insightful - 4 fun4 insightful - 3 fun5 insightful - 3 fun5 insightful - 4 fun - 3 years ago (0 children)
Thanks!
[–]Extract 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - 3 years ago (11 children)
Oh, so you are merely using CF?
From what you wrote earlier, I thought you actually wrote your own (or used open source) FW, complete with efficient ML models to study the attacker's patterns and get better over time.
Since you are actually just using all those features provided by CF, I got a question - what will you do if CF decides to stop protecting your your site? After all, they did drop 8chan (now 8kun) after enough pressure.
[–]magnora7[S] 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - 3 years ago* (10 children)
I did write my own scripts, it just interfaces with CF. If they stop we can change providers
[–]Extract 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 1 fun4 insightful - 2 fun - 3 years ago (7 children)
Then I hope those scripts are modular enough to work with open source solutions.
Those DDOS attacks were just the beginning - when the hostile parties see they aren't working well enough, the next step will be to smear this site in various "journalistic" outlets, then pressure various 3rd parties (CF, Visa, PayPal, and the rest of the usual companies) to de-platform you while providing them the manufactured outrage as an excuse.
[–]magnora7[S] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 1 fun4 insightful - 2 fun - 3 years ago* (0 children)
I think they are, they can be easily adapted to other firewall services, especially if they use JSON-formatted APIs.
Yeah I know we're likely to face various troubles as we grow, I've watched what's happened to gab and voat and so on
[–]yellow_algebra_31 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 3 years ago (5 children)
they will try to go through the hosting provider and get it kicked off that way, like they did with gab
[–]Extract 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 3 years ago (4 children)
That is a pretty bad way, as there are actually countless international hosting providers outside the GCP/AWS/DO, and even more national ones.
He should be more vary of the actual danger.
[–]yellow_algebra_31 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 3 years ago (3 children)
hm. it seemed like gab had a lot of trouble with this though. are you sure it's not something to worry about and prepare against?
[–]Extract 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 1 fun3 insightful - 2 fun - 3 years ago (2 children)
Of course it's something to prepare against. I'm just saying, preparation should not be hard - if you don't believe me, you can easily find many storage providers in relatively "safe" countries, this being one example I found after a quick search.
[–]yellow_algebra_31 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - 3 years ago (1 child)
Why did gab have a difficult time with it then? Was stuff like this not available a few years ago? I guess gab didn't go down for very long but it seemed like there was somewhat of a struggle and they were extremely grateful to find a company willing to host them when they did. I didn't follow all the details but that's what I remember.
[–]beermeem 2 insightful - 3 fun2 insightful - 2 fun3 insightful - 2 fun3 insightful - 3 fun - 3 years ago (1 child)
Change on Thursday
Don't ask me how I know
[–]magnora7[S] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 1 fun3 insightful - 2 fun - 3 years ago (0 children)
Why would we do that?
view the rest of the comments →
[–]moblack 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - (15 children)
[–]magnora7[S] 15 insightful - 4 fun15 insightful - 3 fun16 insightful - 3 fun16 insightful - 4 fun - (14 children)
[–][deleted] 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - (1 child)
[–]magnora7[S] 4 insightful - 4 fun4 insightful - 3 fun5 insightful - 3 fun5 insightful - 4 fun - (0 children)
[–]Extract 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - (11 children)
[–]magnora7[S] 6 insightful - 3 fun6 insightful - 2 fun7 insightful - 2 fun7 insightful - 3 fun - (10 children)
[–]Extract 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 1 fun4 insightful - 2 fun - (7 children)
[–]magnora7[S] 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 1 fun4 insightful - 2 fun - (0 children)
[–]yellow_algebra_31 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (5 children)
[–]Extract 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (4 children)
[–]yellow_algebra_31 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (3 children)
[–]Extract 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 1 fun3 insightful - 2 fun - (2 children)
[–]yellow_algebra_31 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 0 fun2 insightful - 1 fun - (1 child)
[–]beermeem 2 insightful - 3 fun2 insightful - 2 fun3 insightful - 2 fun3 insightful - 3 fun - (1 child)
[–]magnora7[S] 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 1 fun3 insightful - 2 fun - (0 children)