Need help from admins, how can I stop an on coming DDoS attack or can you do something about it?

This threat is very real and I am lost as what to do.

Thank you,

Sam

P.S: Was wondering if it would be possible (because I have notified you in advance), by the small chance the attack goes through (I think the person is bluffing, I hope not though) would I be able to get 'refunded' for the bandwidth lost? (Not refunded financially, as it is a free account)

They are almost always bluffing sometimes they dont even know HOW to do it. even if you did DDoS a website, what would you gain? Honestly

He's doing it for shits and giggles and I believe this person is more then capable. Just wanted to make sure something could be done about it.

We have very advanced anti-DDoS scripts installed on our servers, and anyone's attempt to DDoS it will only result in an automatic IP ban.

Though you shouldn't go out of your way to be a target for a DDoS attacks, in most cases we can take it on just fine.

If your account is a constant target for DDoS attacks, and it begins to affect the server's performance, your hosting account may be suspended or terminated.

Just to add a little note to Victor's post, one DDOS attack against your account will get you banned from UnlimitedMB for life. If you are doing something to make people want to DDOS attack your site we don't want you hosted here.

If you honestly think you should get refunded for the bandwidth that you waste on a DDOS attack, do you think that we should charge you for the abuse to our server?

What on earth? Who said anything about me antagonizing him? Why would I WANT a DDoS? Thank you for the information though. This was a moron at school asking his friend to annoy me. I wasn't enemies with this person, nor were we friends. We talked, and there was NOTHING to provoke him into asking his friend to do this. I still have no reason why he's asked his friend to do it.

I would suggest that if you know who it is you contact the proper authorities. It is a violation of many laws to DDOS someone, it is very damaging. Just because you we can probably block it doesn't mean it has long term effects, it still hurts the server.

If I were you I would contact your principal or SRO to try to prevent the kid from doing it.

Most people assume that someone isnt going to DDOS attack another person unless something was done to cause it. People usually don't DDOS attack people they dont want to harm.

Denial of service attacks are illegal in the US under 12 different statutes, including the Economic Espionage Act and the Computer Fraud and Abuse Act.

Taking this issue to the proper authorities would be a good way to get him to stop.

http://img384.imageshack.us/img384/6930/roflsmashtsr9.jpg

This is an image that this person has (somehow) posted on my forums, even after a hostname & IP ban.

How on earth is he getting into the FTP?
Edit: Don't worry, found out from a friend that he was just using an FTP reply, completely harmless.

Edit:
I know for certain now that this person is just a script kiddie, and is using someone else's "hacks". I have been re assured that the most damage this person can do, is crash the server & it would restart, but to him it would seem as though he'd successfully DDoS'd.

Edit:

Was wondering if I am able to access any logs concerning connections to the server? Wanting to look through to see what files specifically this person is targeting.

(Btw, have already contacted the police in my area and they say in the event that an attack does occur, the person will be taken in for questioning).

All DDos'ing does to a website is crash it for 2 secs the guy gets a error then it starts back again.. see? pointless lol

At the momment, we're catching him running bots to just load images from the forum over and over.

warn.gif (1.53 KB, 56x19 - viewed 33 times.)

* warn.png (4.15 KB, 56x19 - viewed 32 times.)

Since there is only 4 admins who can view it, and it gets cached, obviously somethings going on that shouldn't be.

He obviously knows that DDoSing isn't going to work here, and that he's in legal risk, so he's trying to find the biggest files he can find on your account, and load them continuously.

The images he's using are so small, he'll die before he can use up your bandwidth.

On a more serious note, he's trying to make you think he's in through FTP. Let me assure you, he's not. The only reason he has that list of images, is because he used a website copier, such as "HTTrack Website Copier", which downloads your whole site to his computer (or at least the parts that it can see) and all images associated with those pages.

For now my best advice would be to ignore the situation, you have already brought it to the police, and if anything more happens, you report it to them. By worrying, and spending so much time on the situation, you are doing exactly what he wants you to do.

He's obviously harmless at this point, so there shouldn't be much of a problem unless things escalate.

All DDos'ing does to a website is crash it for 2 secs the guy gets a error then it starts back again.. see? pointless lol

While that may seem like pointless and no big deal to you that is a big deal. He can bring down thousands of websites, if not tens of thousands of web sites depending on how he attacks the servers and if we can or cant defend them.

That is also not the only thing that happens. When a server has to put up with that abuse it is hard on the equipment itself.

The attack is happening as we speak, 35 guests, and bandwidth has jumped 300mb.

Edit:

Have found out he's mass downloading all files from the server using the bots.

Example:

Yesterday:
warn.gif (1.53 KB, 56x19 - viewed 33 times.)

* warn.png (4.15 KB, 56x19 - viewed 32 times.)

Today:
* warn.gif (1.53 KB, 56x19 - viewed 75 times.)

* warn.png (4.15 KB, 56x19 - viewed 74 times.)

Tomorrow, am having a meeting with principle to see if he can persuade the friend of the hacker to give the hackers address to police.

Edit:

Bandwidth has jumped to 3.14gb.

I want to take the initiative, I am requesting logs of all access attempts to the server @ dougamer.ulmb.com so I may forward them to my local police. I am hoping that I may be able to slow / actually teach this smart ass a lesson.

I am also involving any websites he may be signed upto (such as myspace, whom I have already messaged). I will need as much evidence as I possibly can to even start thinking about involving the police).

We do not keep any logs.

LMAO yes, but not all DDOS attack are due to people being hated!! some are done because they think their are king tut of shit island becuase they can do it. And if someone got banned because people are doing DDOS attacks because you do soemthing better then them.. then theirs something messed up. But theirs more then one way to stop this. My cousin friend stops people from DDOS alot of sites so ima ask what programs hes has and let you know. I use to do my own hosting off my Computer, But i reformmated my pc and lost the program. It gets all their Information while this is occuring in the mean time of getting info it see's what hes targeting VERY HELPFUL.

Very rarely is one attacked without cause. We have anti-DDoS protection, but the attacks still do damage to the server.