06.28.15

Gemini version available ♊︎

DDOS Attacks Against Techrights

Posted in Site News at 9:03 pm by Dr. Roy Schestowitz

Knocking the site over intentionally

Chess board

Summary: Information about some of the most recent DDOS attacks against this Web site and the steps to be taken next

THERE is a long history of DDOS attacks against Techrights, going back to 2008 or thereabouts. There were also press articles about DDOS attacks against the site (based on evidence provided to journalists upon request). Pinpointing who’s to blame for an attack is a lot harder than combating an attack (one way or another) and holding someone accountable is virtually impossible. People don’t just give themselves away so willing.

Over the past week there was a new pattern of DDOS attacks and they came from AWS servers, so I was able to file abuse reports and pursue this complaint (still work in progress). At this stage I am still hoping to see who or what group (or company) is behind it. This is clearly malicious.

Over the past few months I lost a lot of time (maybe hundreds of hours) due to DDOS attacks. It’s financially damaging and emotionally exhausting. I have been privately advised to file a report with the Dutch authorities over various DDOS attacks, which some told me might be connected to the EPO (or particular high-level staff at the EPO). Nonetheless, these efforts are usually a waste of time (I last tried around 8 years ago), so I did not bother. It’s a patience-draining experience that usually yields no results at all. It’s mostly symbolic. I did plan to write about this at some later stage and I even told one person that I might write more about intricate details of the attacks one day, maybe after the storm is settled at the EPO (giving too much information away usually helps the attacker). Today I would like to share some information about recent DDOS attacks and patterns that were noticed. This is information that won’t help the attacker; rather, it might discourage the attacker.

Referring to our DDOS complaints (IP addresses of the EPO hammering on our server quite heavily) and my recent “tweet”, one person told me that “The EPO IU is based in Munich but that doesn’t really tell you anything about what IP addresses are going to appear on traffic from the EPO.

“As far as [I'm] informed much of the EPO’s IT infrastructure is located in the Hague (Rijswijk) office. So even Internet traffic from Munich may be routed through a proxy in the Hague and appear with a Netherlands IP address. In any case the IU (in Munich) could presumably delegate tasks to an IT department (which could be based in the Hague).

“But the fact that you seem to be identifying IP addresses assigned to the EPO is in itself revealing.

“A lot of EPO addresses begin with 145.64 [...] You can find many of the address blocks in the db-ip.com database. For example: https://db-ip.com/all/145.64.0

“But it’s important to note that the geographical location nominally associated with the EPO IP address (e.g. Rijswijk/Hague) doesn’t really tell you where the user of the IP address is physically located (e.g. whether in Munich or the Hague).”

More technical information about the nature of the DDOS-induced strain can be published when the storm at the EPO is over. I can only speculate about who’s behind the attacks and weigh the probabilities. There is no ‘smoking gun’ just yet.

Some things, like the nature of attacks on this site, can be published upon key events, such as key facts about SIPO/Željko Topić corruption being published after a defamation trial reveals that allegations have merit and are most likely true. It would be safer for Techrights to limit sharing of information temporarily and to do so (against accusations or retaliatory tactics) only until perceived foes are powerless and widely scrutinised.

“You could try filing a criminal complaint with the Dutch authorities,” one person told me. “It seems that they have take action against DDOS attacks in the past.

“The EPO will probably try to hide behind its “immunity” but that should not protect it in this case as DDOS is not part of its official functions.”

DDOS attacks are very hard to analyse for original sources, speaking as a system administrator here. As far back as pre-2010 I have tried complaining to British authorities and it never led to the slightest of actions. They don’t even know what DDOS means, until or unless it attacks some major business or a governmental institution. Experience teaches that it’s a waste of time to even initiate action and I already have a big battle with BT (since March) and another one brewing with Amazon (over the latest DDOS against Techrights). Amazon will hopefully unmask (perhaps under increasing pressure) the identity of the account behind it all. This needs to happen soon, maybe this week.

“You may be right,” wrote to us another person with some background in this area. “It’s probably easier just to block the addresses.” Well, it’s not always possible, not with AWS anyway (far too many IP addresses).

Speaking again with one who is familiar with the EPO’s network, I begin to consider filing a complaint directly with the EPO. “As mentioned previously,” wrote to us one person, “as far as we can determine, most officially registered EPO addresses begin with 145.64.

“See here: http://bgp.he.net/AS28756#_prefixes

“Also here: https://ipinfo.io/AS28756

The E-mail addresses listed for the Network Administrators at the EPO under the second link above are rather clear.

ywoue@epo.org and wherler@epo.org (that’s Wolfgang Herler) will soon be contacted.

We found two further E-mail addresses here: jbielsa@epo.org and nderuiter@epo.org (that’s Niek de Ruiter).

There is also an “impersonal” E-mail address for Network Administration: admin_network@epo.org

Once I get to the bottom of the DDOS attacks from Amazon AWS I may also make time to file a detailed complaint to the above addresses, complete with a list of offending EPO IP addresses (which automatically got banned by our security software/defences, based on their erratic behaviour).

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New

  1. [Meme] EU Assurances

    The EPO‘s staff cannot be blamed for losing patience as elected public representatives completely fail to do their job (with few exceptions)

  2. Clare Daly (GUE/NGL) Does What Every Public Official in Europe Should Have Done About EPO Shenanigans

    There’s another (new) push to hold the EPO accountable, seeing that the overseers clearly do not do their job and instead cover up the abuses

  3. Links 7/12/2021: Firefox 96 Beta and Fedora 37 Abandons ARMv7

    Links for the day

  4. Links 7/12/2021: Plasma Mobile Gear 21.12 and Tails 4.25

    Links for the day

  5. All IRC Logs Now Available as GemText Over Gemini Protocol

    Today we've completed the transition from plain text over gemini:// to GemText over gemini:// for IRC logs

  6. IRC Proceedings: Monday, December 06, 2021

    IRC logs for Monday, December 06, 2021

  7. [Meme] Rowing to the Bottom of the Ocean

    The EPO‘s Steve Rowan (VP1) is failing EPO staff and sort of “firing” workers during times of crisis (not at all a crisis to the EPO’s coffers)

  8. EPO Gradually Reduced to 'Fee Collection Agency' Which Eliminates Its Very Own Staff

    Mr. Redundancies and Mr. Cloud are outsourcing EPO jobs to Microsoft and Serco as if the EPO is an American corporation, providing no comfort to long-serving EPO staff

  9. Linux Foundation 2021 Annual Report Made on an Apple Mac Using Proprietary Software

    Yes, you’re reading this correctly. They still reject both “Linux” and “Open Source” (no dogfooding). This annual report is badly compressed; each page of the PDF is, on average, almost a megabyte in size (58.8 MB for a report of this scale is unreasonable and discriminates against people in countries with slow Internet connections); notice how they’re milking the brand in the first page (straight after the cover page, the 1991 ‘creation myth’, ignoring GNU); remember that this foundation is named after a trademark which is not even its own!

  10. Links 7/12/2021: OpenIndiana Hipster 2021.10 and AppStream 0.15

    Links for the day

  11. Microsoft “Defender” Pretender Attacks Random Software That Uses NSIS for installation; “Super Duper Secure Mode” for Edge is a Laugh

    Guest post by Ryan, reprinted with permission

  12. Links 6/12/2021: LibreOffice Maintenance Releases, Firefox 95 Finalised

    Links for the day

  13. “Wintel” “Secure” uEFI Firmware Used to Store Persistent Malware, and Security Theater Boot is Worthless

    Guest post by Ryan, reprinted with permission

  14. No Linux Foundation IRS Disclosures Since 2018

    The publicly-available records or IRS information about the Linux Foundation is suspiciously behind; compared to other organisations with a "tax-exempt" status the Linux Foundation is one year behind already

  15. Jim Zemlin Has Deleted All of His Tweets

    The Linux Foundation‘s Jim Zemlin seems to have become rather publicity-shy (screenshots above are self-explanatory; latest snapshot), but years ago he could not contain his excitement about Microsoft, which he said was "loved" by what it was attacking. Days ago it became apparent that Microsoft’s patent troll is still attacking Linux with patents and Zemlin’s decision to appoint Microsoft as the At-Large Director (in effect bossing Linus Torvalds) at the ‘Linux’ Foundation’s Board of Directors is already backfiring. She not only gets her whole salary from Microsoft but also allegedly protects sexual predators who assault women… by hiring them despite repeated warnings; if the leadership of the ‘Linux’ Foundation protects sexual predators who strangle women (even paying them a salary and giving them management positions), how can the ‘Linux’ Foundation ever claim to represent inclusion and diversity?

  16. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him

    Balabhadra (Alex) Graveley has warrant for his arrest, albeit only after a lot of harm and damage had already been done (to multiple people) and Microsoft started paying him

  17. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)

  18. Links 6/12/2021: HowTos and Patents

    Links for the day

  19. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021

  20. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://

  21. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day

  22. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day

  23. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large

  24. [Meme] Meanwhile in Austria...

    With lobbyists-led leadership one might be led to believe that a treaty strictly requiring ratification by the UK is somehow feasible (even if technically and legally it's moot already)

  25. The EPO's Web Site is a Parade of Endless Lies and Celebration of Gross Violations of the Law

    The EPO's noise site (formerly it had a "news" section, but it has not been honest for about a decade) is a torrent of lies, cover-up, and promotion of crimes; maybe the lies are obvious for everybody to see (at least EPO insiders), but nevertheless a rebuttal seems necessary

  26. The Letter EPO Management Does Not Want Applicants to See (or Respond to)

    A letter from the Munich Staff Committee at the EPO highlights the worrying extent of neglect of patent quality under Benoît Battistelli and António Campinos; the management of the EPO did not even bother replying to that letter (instead it was busy outsourcing the EPO to Microsoft)

  27. IRC Proceedings: Saturday, December 04, 2021

    IRC logs for Saturday, December 04, 2021

  28. EPO-Bribed IAM 'Media' Has Praised Quality, Which Even EPO Staff (Examiners) Does Not Praise

    It's easy to see something is terribly wrong when the people who do the actual work do not agree with the media's praise of their work (a praise motivated by a nefarious, alternate agenda)

  29. Tux Machines is 17.5 Years Old Today

    Tux Machines -- our 'sister site' for GNU/Linux news -- started in 2004. We're soon entering 2022.

  30. Approaching 100

    We'll soon have 100 files in Git; if that matters at all...

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts