For a few weeks now we've been seeing IPs from Canada attempting to flood the site. (Thus the crazy member counts!) The main IP involved in this mess it: [b]24.112.8.87[/b]
It's a linux box running a simple DOS script aimed at the website. The ISP info for the user is none other than Canada's most popular ISP.
[red]Domain Name: ROGERS.COM
Administrative Contact:
Rogers Shared Services - IT (AD2981-ORG)
[email protected] Rogers Shared Services - IT
45 Esna Park Drive
Markham, ON L3R 1C9
CA
(905)513-5047 fax: - (905)513-5012
Technical Contact:
Technical, Domain (TD299-ORG)
[email protected] Rogers Shared Services - IT
45 Esna Park Drive
Markham, ON L3R 1C9
CANADA
(905)513-5047
Fax- - - (905)513-5012[/red]
While they are not doing much damage, they are eating up resources (which will change with the upgrade coming in) and they are eating up BW. (Which will change when we block the IP at the firewall.) I have kept the IP free in order to gather as much information on the attacks as possible, I am now tired of doing so as Rogers seems to not care about it.
While I don't enjoy sharing private information like this, the IP above has not stopped their actions and so they are fair game as far as I'm concerned.
The site should only be down for about 10-20 minutes while the update goes in. [=)]