GPM Operational Issues

[daedaelus]

As im sure you guys know for the last 2 weeks we have been having a lot of issues with GPM. This is due to DDOSing and Hacking from a few former members of this community that feel we at GPM owe them something. For whatever reasons they have we feel GPM does not owe anyone anything we provide free downloads and a place for modders to host their mods without bandwidth limits and so mods can get the exposure they deserve. We have been working around the clock to add new countermeasures to stop these attacks. We know the identities of those doing this and have got law enforcement involved. We will continue to fight to counter attacks on GPM and just know we are not going anywhere. Please bare with us through this and understand that this site runs on ads and donations we are not a multi-million dollar company that has the money to hire a team of coders to solve these issues.

[Dhruv]

Scott,please don't take it as offensive,but I had a question in mind.
You said GPM 4.0 was based on VBulletin because it was more effective against the attacks than the IPB FS.Even still,we all are witnessing a massive affect of the DDoS attack on the site.
On the other hand,LCPD:FR was also attacked with the same denial of service attack shortly after GPM.But they managed to bring it back online,in just a matter of few hours.They're running it on IPB.How so?
I'm sorry,as I don't have full details of the attack on their site and I might be wrong because the attack on GPM may be more powerful and constant than on LCPD:FR,but if GPM's taken individually into account,its evident that even VBulletin is not proving much of a help,as I see it.Again,I might be wrong,but this is just my question/thought.

[Ryan01]

From My Understanding Our attack was much greater than the LCPDFR Attack. Another point you have to understand is that LCPDFR has a relatively small site, compared to ours witch is massive having a huge amount of posts and downloads.
So The software that we are using has little to no bearing to the state of the attacks.

[Dhruv]

Thanks for summing that up,sir.Doubts cleared :)

[Ryan01]

No Problem Sir, Have a good rest of your day. PM Me if you have any further questions.

[raggi5]

DDOS attacks focus on the server itself, not necessarily the software... software has little do do with DDOS attacks... however, vBulletin 4 is plagued with security holes.... most vbulletin forums get hacked eventually unless its an internet brands forum whom has a team of coders there to fix the exploits before they are used. as stated earlier, GPM doesn't have the resources to do that so they have to wait for patches from the software provider, (Internet Brands).

Just a helpful hint to the admins, disable vb blogs... its the most used route for exploits on vBulletin :)

[daedaelus]

Thanks for the tip we have disabled the plugins for the blogs along with several other things we felt necessary. Let me clarify, we are being DDOSed AND we the same people where exploiting. We mitigated the DDOS with a hardware firewall solution of which i wont name for security reasons. The exploiting we are working on but sadly out of all of them we feel VB is the most secure and what little techs we have are familiar with it.

[Mike]

Scott,please don't take it as offensive,but I had a question in mind.
You said GPM 4.0 was based on VBulletin because it was more effective against the attacks than the IPB FS.Even still,we all are witnessing a massive affect of the DDoS attack on the site.
On the other hand,LCPD:FR was also attacked with the same denial of service attack shortly after GPM.But they managed to bring it back online,in just a matter of few hours.They're running it on IPB.How so?
I'm sorry,as I don't have full details of the attack on their site and I might be wrong because the attack on GPM may be more powerful and constant than on LCPD:FR,but if GPM's taken individually into account,its evident that even VBulletin is not proving much of a help,as I see it.Again,I might be wrong,but this is just my question/thought.

A DDOS attack attacks the hardware network equipment, CPU and memory of the physical server and connected network equipment, such as the router, switches, and firewalls.
What CMS/Forum software you are using is not relevant when being attacked with a denial of service attack.
It sends unwanted traffic of abnormal size and quantity at abnormal periods of time, which causes the server itself to peak in CPU and memory usage, while the router will eventually overheat and break while it's trying to
figure out what packets are good and which are bad too fast.

LCPD:FR was also attacked, but not nearly as hard as GPM. GPMs attack casued physical (heavy duty) network-equipment to break at the datacenter which had to be replaced.
Now when we have made sure DDOS attacks isn't affecting us much anymore, they are trying to **** with us in other ways. Here the software matters.