06.28.15

Gemini version available ♊︎

DDOS Attacks Against Techrights

Posted in Site News at 9:03 pm by Dr. Roy Schestowitz

Knocking the site over intentionally

Chess board

Summary: Information about some of the most recent DDOS attacks against this Web site and the steps to be taken next

THERE is a long history of DDOS attacks against Techrights, going back to 2008 or thereabouts. There were also press articles about DDOS attacks against the site (based on evidence provided to journalists upon request). Pinpointing who’s to blame for an attack is a lot harder than combating an attack (one way or another) and holding someone accountable is virtually impossible. People don’t just give themselves away so willing.

Over the past week there was a new pattern of DDOS attacks and they came from AWS servers, so I was able to file abuse reports and pursue this complaint (still work in progress). At this stage I am still hoping to see who or what group (or company) is behind it. This is clearly malicious.

Over the past few months I lost a lot of time (maybe hundreds of hours) due to DDOS attacks. It’s financially damaging and emotionally exhausting. I have been privately advised to file a report with the Dutch authorities over various DDOS attacks, which some told me might be connected to the EPO (or particular high-level staff at the EPO). Nonetheless, these efforts are usually a waste of time (I last tried around 8 years ago), so I did not bother. It’s a patience-draining experience that usually yields no results at all. It’s mostly symbolic. I did plan to write about this at some later stage and I even told one person that I might write more about intricate details of the attacks one day, maybe after the storm is settled at the EPO (giving too much information away usually helps the attacker). Today I would like to share some information about recent DDOS attacks and patterns that were noticed. This is information that won’t help the attacker; rather, it might discourage the attacker.

Referring to our DDOS complaints (IP addresses of the EPO hammering on our server quite heavily) and my recent “tweet”, one person told me that “The EPO IU is based in Munich but that doesn’t really tell you anything about what IP addresses are going to appear on traffic from the EPO.

“As far as [I'm] informed much of the EPO’s IT infrastructure is located in the Hague (Rijswijk) office. So even Internet traffic from Munich may be routed through a proxy in the Hague and appear with a Netherlands IP address. In any case the IU (in Munich) could presumably delegate tasks to an IT department (which could be based in the Hague).

“But the fact that you seem to be identifying IP addresses assigned to the EPO is in itself revealing.

“A lot of EPO addresses begin with 145.64 [...] You can find many of the address blocks in the db-ip.com database. For example: https://db-ip.com/all/145.64.0

“But it’s important to note that the geographical location nominally associated with the EPO IP address (e.g. Rijswijk/Hague) doesn’t really tell you where the user of the IP address is physically located (e.g. whether in Munich or the Hague).”

More technical information about the nature of the DDOS-induced strain can be published when the storm at the EPO is over. I can only speculate about who’s behind the attacks and weigh the probabilities. There is no ‘smoking gun’ just yet.

Some things, like the nature of attacks on this site, can be published upon key events, such as key facts about SIPO/Željko Topić corruption being published after a defamation trial reveals that allegations have merit and are most likely true. It would be safer for Techrights to limit sharing of information temporarily and to do so (against accusations or retaliatory tactics) only until perceived foes are powerless and widely scrutinised.

“You could try filing a criminal complaint with the Dutch authorities,” one person told me. “It seems that they have take action against DDOS attacks in the past.

“The EPO will probably try to hide behind its “immunity” but that should not protect it in this case as DDOS is not part of its official functions.”

DDOS attacks are very hard to analyse for original sources, speaking as a system administrator here. As far back as pre-2010 I have tried complaining to British authorities and it never led to the slightest of actions. They don’t even know what DDOS means, until or unless it attacks some major business or a governmental institution. Experience teaches that it’s a waste of time to even initiate action and I already have a big battle with BT (since March) and another one brewing with Amazon (over the latest DDOS against Techrights). Amazon will hopefully unmask (perhaps under increasing pressure) the identity of the account behind it all. This needs to happen soon, maybe this week.

“You may be right,” wrote to us another person with some background in this area. “It’s probably easier just to block the addresses.” Well, it’s not always possible, not with AWS anyway (far too many IP addresses).

Speaking again with one who is familiar with the EPO’s network, I begin to consider filing a complaint directly with the EPO. “As mentioned previously,” wrote to us one person, “as far as we can determine, most officially registered EPO addresses begin with 145.64.

“See here: http://bgp.he.net/AS28756#_prefixes

“Also here: https://ipinfo.io/AS28756

The E-mail addresses listed for the Network Administrators at the EPO under the second link above are rather clear.

ywoue@epo.org and wherler@epo.org (that’s Wolfgang Herler) will soon be contacted.

We found two further E-mail addresses here: jbielsa@epo.org and nderuiter@epo.org (that’s Niek de Ruiter).

There is also an “impersonal” E-mail address for Network Administration: admin_network@epo.org

Once I get to the bottom of the DDOS attacks from Amazon AWS I may also make time to file a detailed complaint to the above addresses, complete with a list of offending EPO IP addresses (which automatically got banned by our security software/defences, based on their erratic behaviour).

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day

  2. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”

  3. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day

  4. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023

  5. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"

  6. Not Tolerating Proprietary 'Bossware' in the Workplace (or at Home in Case of Work-From-Home)

    The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.

  7. The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

    When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software

  8. Debian 11 on My Main Rig: So Far Mostly OK, But Missing Some Software From Debian 10

    Distributions of GNU/Linux keep urging us to move to the latest, but is the latest always the greatest? On Friday my Debian 10 drive died, so I started moving to Debian 11 on a new drive and here's what that did to my life.

  9. Stigmatising GNU/Linux for Not Withstanding Hardware Failures

    Nowadays "the news" is polluted with a lot of GNU/Linux-hostile nonsense; like with patents, the signal-to-noise ratio is appalling and here we deal with a poor 'report' about "Linux servers" failing to work

  10. Microsofters Inside Sirius 'Open Source'

    Sirius ‘Open Source’ has been employing incompetent managers for years — a sentiment shared among colleagues by the way; today we examine some glaring examples with redacted communications to prove it

  11. Links 29/01/2023: GNOME 43.3 Fixes and Lots About Games

    Links for the day

  12. The Hey Hype Machine

    "Hey Hype" or "Hey Hi" (AI) has been dominating the press lately and a lot of that seems to boil down to paid-for marketing; we need to understand what's truly going on and not be distracted by the substance-less hype

  13. IRC Proceedings: Saturday, January 28, 2023

    IRC logs for Saturday, January 28, 2023

  14. Unmasking AI

    A guest article by Andy Farnell

  15. The ISO Delusion/Sirius Corporation: A 'Tech' Company Run by Non-Technical People

    Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage

  16. Links 28/01/2023: Lots of Catching Up (Had Hardware Crash)

    Links for the day

  17. IRC Proceedings: Friday, January 27, 2023

    IRC logs for Friday, January 27, 2023

  18. Microsoft DuckDuckGo Falls to Lowest Share in 2 Years After Being Widely Exposed as Microsoft Proxy, Fake 'Privacy'

    DuckDuckGo, according to this latest data from Statcounter, fell from about 0.71% to just 0.58%; all the gains have been lost amid scandals, such as widespread realisation that DuckDuckGo is a Microsoft informant, curated by Microsoft and hosted by Microsoft (Bing is meanwhile laying off many people, but the media isn’t covering that or barely bothers)

  19. This is What the Microsoft-Sponsored Media Has Been Hyping Up for Weeks (Ahead of Microsoft Layoffs)

    Reprinted with permission from Ryan

  20. [Meme] António Campinos Wants to Be F***ing President Until 2028

    António Campinos insists he will be EPO President for 10 years, i.e. even longer than Benoît Battistelli (despite having appalling approval rates from staff)

  21. European Patent Office Staff Losing Hope

    The EPO’s management with its shallow campaign of obfuscation (pretending to protect children or some other nonsense) is not fooling patent examiners, who have grown tired and whose representatives say “the administration shows no intention of involving the staff representation in the drafting of the consultant’s mandate” (like in Sirius ‘Open Source’ where technical staff is ignored completely for misguided proposals to pass in the dark)

  22. IRC Proceedings: Thursday, January 26, 2023

    IRC logs for Thursday, January 26, 2023

  23. Sirius Relegated/Demoted/Destined Itself to Technical Hell by Refusing to Listen to the Technical Staff (Which Wanted to Stay With Asterisk/Free Software)

    In my final year at Sirius ‘Open Source’ communication systems had already become chaotic; there were too many dysfunctional tools, a lack of instructions, a lack of coordination and the proposed ‘solution’ (this past October) was just more complexity and red tape

  24. Geminispace Approaching Another Growth Milestone (2,300 Active Capsules)

    The expansion of Geminispace is worth noting again because another milestone is approached, flirted with, or will be surpassed this coming weekend

  25. [Meme] Cannot Get a Phone to Work... in 2022

    Sirius ‘Open Source’ wasted hours of workers’ time just testing the phone after it had moved to a defective system of Google (proprietary); instead of a rollback (back to Asterisk) the company doubled down on the faulty system and the phones still didn’t work properly, resulting in missing calls and angst (the company just blamed the workers who all along rejected this new system)

  26. [Meme] Modern Phones

    Sirius ‘Open Source’ is mistaking “modern” for better; insecurity and a lack of tech savvy typically leads to that

  27. The ISO Delusion: Sirius Corporation Demonstrates a Lack of Understanding of Security and Privacy

    Sirius ‘Open Source’, emboldened by ISO ‘paperwork’ (certification), lost sight of what it truly takes to run a business securely, mistaking worthless gadgets for “advancement” while compelling staff to sign a new contract in a hurry (prior contract-signing scandals notwithstanding)

  28. Links 26/01/2023: LibreOffice 7.4.5 and Ubuntu Pro Offers

    Links for the day

  29. Links 26/01/2023: GNU poke 3.0 and PipeWire 0.3.65

    Links for the day

  30. IRC Proceedings: Wednesday, January 25, 2023

    IRC logs for Wednesday, January 25, 2023

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts