It looks like you're using an Ad Blocker.

Please white-list or disable in your ad-blocking tool.

Thank you.


Some features of ATS will be disabled while you continue to use an ad-blocker.


Counter Terrorism group attacked/probed my servers

page: 1

log in


posted on Sep, 19 2008 @ 04:01 PM
I was going to post this as a reply in the "phone tapped" thread. But seeing as it wasn't, I decided to open a new one.

THREE of my dedicated hosting servers were attacked/probed a few days ago from an IP pointing towards: ""
Should I worry?
None of our clients have anything remotely close to anyone saying anything anti-gov/us even. They mostly are your run of the mill "Fan pages". Though one of the pages they kept hitting over and over was a off-topic post in a client's forum where a visitor posted one of those "truth about palin" youtube videos (before the youtube video was pulled that is)... Looks like they were trying to DDos it.

When I saw the IP in my log (which couldn't have been spoofed) it peeked my attention/curiousity.

posted on Sep, 19 2008 @ 04:49 PM
Well, apart from the possibility that someone spoofed the IP, it doesn't seem the server that probed yours has any relation to the government or counter terrorism - it seems to be part of the social sciences faculty ( - although there is no website there to prove it.

Anyway, I took the chance of probing the server myself (after surfing to the address, which showed the standard 'It's working' from apache), and it seems to be running Windows and FileZilla ftpd - just tiny indicators that this is a private server, counterterrorism being just a name (some people choose weird subdomainnames for their servers - it's not their fault they're weird ;D! ).

I don't think there is anything to worry about. Especially since your servers are clean :] .. If they are powerful and such, I guess I'll notice soon, having probed them! ;D

posted on Sep, 19 2008 @ 05:40 PM
Ehrm, was gonna edit my previous post but after deleting almost every sentence, I thought it would be better to post a new message.

I found the website's address, . There's also something called InvestigatorTools at , a listing of urls to databases per state. So it actually does tie into the government, at least when it comes to academic research. But still I do not think they use their webserver to find terrorists - especially since the server itself isn't too secure.

Still I think you needn't worry - I'm just a bit less sure about myself now ;D

posted on Sep, 19 2008 @ 06:44 PM
Thank you scraze for the responses. I'm a little more at ease now.
The system I have setup on the servers - I'd say 70% of the time if the attacker uses a proxy or spoof IP it will still show the original source IP as well in the logs. The IP for the above mentioned hostname was both in the IP and referrer fields. Which is a good indicator it's valid.
What bugs me the most is their DOS attempt that went on for about 2 hours on a client's (celebrity fan based) forum that had the "Truth about Palin" whatever video.

Maybe I'm a bit too conspiratorial... But... It almost seems "they" are protecting her over and above for some reason.

Not tinfoil hat time..............Yet...........

[edit on 9/19/2008 by justme2]

posted on Sep, 19 2008 @ 06:57 PM
to me they sound like a political attack dog given spying powers under anti terrorism laws.

they probably see palin as a vital cog in thier partys re election therefore are researching and attempting to silence any criticism of her using laws passed only to fight terror offences.

if in anyway this could be oh my what a field day that would be!.anti terror laws being used for purely party political reasons, whoh!!!

posted on Sep, 19 2008 @ 07:21 PM
reply to post by welivefortheson

That would be something. All I have though are the logs.
In this day and age, it seems my mantra as of late has been "Nothing would surprise me anymore".
I just thought it odd that they kept hitting (thousands of times w/i a couple hours) the same page with the Palin thing. I know their goal was to crash the servers. But.........They have been globally blocked

I let it go on for those couple of hours just to see what they were up to/what methods/etc. As each attempt is basically a learning experience for me to keep up on what the latest tactics are/to fortify the defenses. Or I would have blocked them sooner.

posted on Sep, 19 2008 @ 07:31 PM

I wonder if this is an official program sponsored by the university or a private site hosted on the university server?

posted on Sep, 19 2008 @ 07:37 PM
reply to post by clay2 baraka

That's an interesting question. I will attempt to call the university on monday since I have free long distance.

top topics


log in