BFA is under attack from an unknown outside entity. The website is down and communications systems are non-functional. They’ve issued this press release:

Here’s what we know so far . . .

If you’ve tried to visit our website today, you know it’s not there any more. At some time this morning, it came under attack from an outside source. FACTS:

Our IT guy says it’s a “denial of service” or DoS attack. This is not the ordinary “hack” attack that we’ve experienced many times in the past. A DoS attack involves using significant resources to bombard a server to temporarily or permanently disrupt service.

This attack took out our websites, both Buckeye Firearms Association and Buckeye Firearms Foundation.

Our email communication services also went down. Leaders are located all over the state of Ohio, so we’ve had to set up a temporary alternate email list to stay in touch as we work through this issue.

This attack was so overwhelming, it took down the entire company that hosts our website. Thousands of IP addresses have been caught up in the digital bloodshed.

Shortly after all the company servers went down, their power went down. And our IT guy says his cell phone service vanished.

We don’t yet know where this attack came from, but we find it hard to believe that it is a coincidence that it’s happening at the very moment a story went national about raising funds to enable George Zimmerman to purchase a new firearm after Eric Holder and the DOJ decided to prevent him from getting his personal property back. We’ve received threats, hate male, and angry late night phone calls. We’re sending you this message to let you know what’s going on just in case they take out more of our resources and we are unable to communicate with you.

REST ASSURED: We are working on getting our website back up. And the work goes on to push pro-gun legislation, meet with law makers, and defend the Second Amendment. We may communicate online, but our strength has always been in our vast grassroots and our personal relationships with your representatives in government. The check to Zimmerman is being sent to him as you read this. We collected $25,000 from our recent gun raffle. Our events and teacher training classes are moving forward. We CANNOT be stopped by technological temper tantrums like this.

We’re posting updates on our Facebook page as we know more. You can visit it here: & Communications Director


Recommended For You

93 Responses to Buckeye Firearms Association DoS Attack for Zimmerman Post

    • It is two lines in a control list, that should be there anyways.
      Just dump all malformed packets right away. Problem solved..
      That should be done on the ACL on the edge router. Any self respecting hosting service will have done this already.
      DDOS is script kitty bull crap. Now power going out and cell service cut, hmmmm…
      Do I need my Tin Foil Hat????

        • Basically, there are very easy to spot indicators that allow you to identify and spot most DDOS attacks. It’s a technique that has fallen out of favor with “professionals” lately because countermeasures exist and have been generally implemented. It can still be pulled off, but requires massive resources that most “professionals” can use far more effectively. A “script kitty” (I generally use “script kiddie”, but both are correct) is a “hacker” who has only a rudimentary knowledge of real network intrusion techniques and relies overly on canned attack software that they did not write themselves and often do not fully understand.

        • pwrserge I agree. If it were a really bad attack you would never know they were even there until it was all over..

      • access control lists wont block legitimate server requests, which is what most current denial of service attacks on websites use, not “malformed packets”. it may be “script kitty bull crap” as you call it, but it works and thats all that matters. BFA is staffed by volunteers and funded by donations. If you’d like to help them secure their site, feel free to contribute time or money.

        • Except that to launch that sort of attack requires far more resources than a typical group would have access to. You would need to prep the ground work for days if no weeks or use resources you already have in place.

        • Been battling Anon myself.. no time really…
          If they use a botnet then they can use a normal packet, lets say port 80, etc. That makes sense but you need a large number to in fact hold open the connections.
          Anon hit us once, and they used a botnet. they hit us on 80, 443, and 25 TCP, with malformed large packets. Besides the fact they were pushing the bandwidth, the malformed packets held open the connection so it took far less to bring us down.
          They should be able to throttle the number of requests from a single source as well. It isn’t hard with the right hardware.
          I am by no means harping on them it guy. Most folks don’t ever think about it until something like this happens. We were down for almost a day when we got hit so believe me I feel the pain.
          Easiest thing for the IT guy to do is just reset everything if he has direct control of the servers. Any edge routers need to have at minimum their network services restarted, although with a power outage, I am sure folks at the data center are running around like crazy people.
          Also one other thing the BFA might want to consider is use a separate hosting service for their website, and any internal items like email etc are completely separate. We split ours off following the attack. If they bring our main site down who cares so long as I can send email.

        • Power outage would not injure the servers – most have backup power. It is what it is. IT thinking this can’t happen to us and such. Like Daniel said, unless it is an extremely sophisticated DDOS most server software already has the means to counter them.

          The 600 pound gorilla question is: where did the requests originate. That should be proxies but those can be tracked too.

        • Anon (and pretty much any other entity) rents their botnets. Use once and walk away clean.

  1. Every time you think you’ve seen the nastiest, most corrupt, most MORALLY BANKRUPT administration in U.S. history, you’re soon enough proved wrong.

    And come ON, we know that these attacks come from within the Obama administration, and, in all likelihood, from within the White House itself.

    And I don’t mean Michelle. Who’s got the “conspiracy theorist” and “tinfoil hat” accusations? Surely you brought them…

        • I didn’t notice that part of the original story until later. Given that, DDoS attack seems pretty unlikely – more than likely is that their ISP’s redundancy for anything sucks, or they lost their comms circuits.

        • Jeff, from what I have read, the power went out a short time AFTER the DDoS started and that the website was already down when they lost the power.

      • Anonymous has shown a pretty strong pro-gun stance. Mainly because the recognize that a well armed populace is the greatest protection against tyranny.

    • Tinfoil hat? You, sir, are either a master of satire and irony, or need a straight jacket. Everything comes back to the president, and it’s a great joke, or a cry for help and attention. You do realize that the death threats to Buckeye HELP the administrations gun control efforts, right? So, taking down the site doesn’t benefit Obama, or anyone with real power.

    • William, if 1 person calls you a tin foil hat nutter there’s room for argument. If everybody tells you that it may be time to take a time out and evaluate your life and choices.

        • J&D, I was answering the mans question. Sounded to me like he was reaching out for help. Now quit stalking me you crazy a@s cracker!

      • jwm:

        I was not stalking you Bubba!! My comment was to William. How it ended up under yours, I have no idea.

        Now, if I wasss stalking you, hmmmm, do you wear a hoodie? Any skittles? Bad ass wannabe thug posts on your facebook? Hang out in my neighborhood?

      • JPD, reread my stalking comment. I was answering J&D. And yes, I do wear a hoodie. No skittles or facebook.

    • William:

      “nastiest, most corrupt, most MORALLY BANKRUPT administration in U.S. history”

      Sorry, a simple google search will show that when it comes to what you just wrote, Obama is a piker. Wannabe bad guy that cannot cut it. The list of corrupt Presidents, and the consequences is beyond belief. History is a great teacher. Too bad very few learn anything from it.

      You want to know the single act that gutted our Constitutional rights? One that rivals what took Hitler 8 years to accomplish against the rights of the German people?

      Sit down and REALLY read the Patriot Act. Then get back to me.

      • Better yet, Google “Woodrow Wilson”, then get a copy of “Liberal Fascism”.

        BO Is trying very hard to surpass Woodie, but he is and underachiever, thank goodness.

      • Lincoln.
        * Arrested journalists for writing editorials against the war: check.
        * Shut down opposition newspapers: check.
        * Deported a sitting Congressman for opposing a war: check.
        * Wrote (but never issued) an arrest warrant for the Chief Justice of the US Supreme Court: check.
        * Started a war to force anti-tariff states to pay the tariff: check.
        * Violated Christian just-war doctrine by specifically targeting civilians, burning homes, burning crops, and slaughtering livestock: check.

        If any politician talks about admiration for Lincoln (BushBama and Hitler come to mind), be very scared.

        • Don’t they all worship Lincoln? And don’t you know that it’s blasphemy to criticize him?

        • Got in this “Conversation” about Lincoln the other day when someone said “He was one of the greatest presidents. ” of-course I laughed out loud. And reminded them that “those that win the wars get to write the history books how they see fit to hide the lies of their civil wars.”

          Slavery wasn’t the issue. I don’t by any means condone or admonish what Booth did but I find it very interesting that he made sure that people knew his mind: “May no man Judge me, but only God judge me.” To that he had a good understanding.

          Lincoln was just another casualty of the war he started and proliferatied. Ironic Justice, perhaps?

        • There is still time. MORE THAN ENOUGH time, I am afraid. And if Obama goes for broke (after next month’s NSA documents that DWARF the ones so far) and goes the confo route, you will all be eating crow.

          No, I mean REALLY eating crow.

        • So. WB, in one month if we’re not eating crow will you go cold turkey from the conspiracy stuff? Or will you just invent another theory to explain the failure of the last one?

  2. They said the entire webhost went down… there’s always a chance they weren’t targeting the BFA at all, and are just a victim of an attack on someone else. Unless they look at the logs for their particular server and determine that the attack was specifically directed at their server/virtual server, being the victim of a DDOS attack is unfortunately growing more common nowadays.

    • Yeah agreed. Saying “This attack was so overwhelming, it took down the entire company that hosts our website. Thousands of IP addresses have been caught up in the digital bloodshed.” makes it sound like it could have been the hosting company itself that was targeted, or any other one of the thousands of other clients. Maybe there’s more to it that they didn’t share…

      • If cybercrime is behind this, we can all feel a sense of peace knowing the DoJ will pursue the malefactor with the greatest urgency.

        “One nation, indivisible” unless you’ve got a copy of the manual.

  3. I wonder what os their servers are running? Also I really want a look at those logfiles (if apache) I mean it is not hard to figure out who is hitting you unless it is a botnet, but if that is the case time to do some hosts.deny

    • It can be hidden yes, but I am guessing a few things.
      1. They are 100% hosted. Meaning they do not have on premiss equipment. This also means that they don’t have DIA with with isolated fiber trunks to their cage, they are shared with others.
      2. While hitting up /var/log/ is always a start, I am assuming they are running apache on some form of Linux. Your best bet is look at the firewall logs. Really it doesn’t matter where it comes from, you need to protect yourself from such attacks. See previous comment on malformed packets.
      3. I am guessing their mail whether Squirrel or Exchange was on the same network, soooo one went down it all went down.
      4. Loosing power to a data center is rare. I don’t know what tier data center this is, but the fact the power died is unusual. Yes we need more information as to the how, etc.
      5. Cell service? I understand in the data center I work in cell service stinks, but that is normal. I don’t know where this person resides, but if it was malicious that is a bit frightening. NOTE: Always carry a burner phone with separate cell service.

      • Funny how we both assume they are running linux (go freedom XD) I don’t know how big of an operation they are but I wonder if it is possible to have a backup server located elsewhere, maybe just an old desktop with debian or ubuntu server and apache, so that if the provider gets dossed they just update the dns to point somewhere else.

        Personally I have not had too much server admin experience, but I know enough to get into trouble.

        hey My. Farago wanna start “the truth about servers”?

        • Get in line. There is only me ahead of you. Coming in the fall, THE TRUTH ABOUT CIGARS.

          If all goes well.

      • I’d bet their host’s servers were Windoze. Sounds like a sorta Mickey Mouse low-budget hosting service, so the odds of them having a competent admin who can do command line are slim.

    • Seriously, that’s pretty funny. Guessing we’ll never catch who’s doing this or even really hear about it anywhere else since no boring emails from the elite were leaked.

  4. It’s the Chicago way; if you haven’t already figured out that Obama and his Just-Us Department is at war with the foundations of our traditional American way of life, you haven’t been keeping up with current events.

    • Yes, their resources are being directed toward local firearms associations, because DoS attacks win elections… durHur?

      It isn’t enough that Buckeye was taken down, somehow it has to be Obama…

      For Pete’s sake, he’s not doing a good job, and he’s screwing with the 2nd, but take off your shiny headwear and think. Cost/benefit doesn’t favor an administration taking down small websites, especially when the attack is only temporary. Now, if all the people there had died….

      • Small site, but big political return.

        And a good, deniable training run for CYBERCOM. Rent a botnet for a few hours from a throwaway Google account with a prepaid credit card, TELNET from there through a couple of servers on island nations on the other side of the world to start up the botnets and fire away, then act surprised and deny any knowledge if you’re accused and blame Anonymous or the Chinese. Script kiddie k-8 difficulty level…

      • he’s not doing a good job Yeah I gues you could say that. Or “he’s not doing a good job” perhaps might be a bit of an understatement.

    • Wherever downtrodden people… BLACK people are. There is Al. Unless it’s Africa, his homeland. Whenever, whenever black people oppress or kill other black people, NO HARM.

  5. Agreed. It may not be BFA that is the target. Last year “anonymous” targeted godaddy. That effictively took out our email for a bit over 24 hours. We do about half our business via email. That hurt.
    Hopefully they will be back up soon, or they may want to find another host/server.

  6. Have you noticed that while we think they are stupid and nonsensical, our side doesn’t generally do things to silence the opposition? That is virtually always the action of those trying to prevent the dissemination of truth. You don’t see us crashing Brady’s servers. You don’t see us crashing Feinstein’s website. In fact, the more they talk, the less believable their tripe becomes.

    • True, facism does not tolerate dissent or another view. They crush it. Something we do not do. Being the good guys can be tough at times.

    • And that is one of the big advantages Progressives have over Americans in this ideological struggle. We must play by the rules or we risk undermining the very system we wish to preserve. Progs, on the other hand, only have a single, two part rule: If it furthers their agenda and they think they can get away with it, they do it.

    • Why bother? In fact, we should help them get their message out. People aren’t stupid (just lazy enough to not actively research stuff). When they hear the big-government message (from progressives or neo-cons), they smell the bullsh!t. When they hear the American message (from minarchists and libertarians), they are responsive.

  7. This is probably a take down by the Administration,they are the ones behind the stirring of the racial animosity that is going on now.I do not trust this government at all anymore,I had my doubts before Mr. Snowden but since he told us what is going on,I have lost all faith and from this day forward consider the Adminstration as tyranny within the nation that needs to be removed,that our Bill of Rights gives all citizens the Right to do!No matter that laws against doing this,passed after the Bill of Rights was enacted,I consider to be Unconstitutional,due to the citizens are the ones who have the last say about how this government should be run,and which direction we should go!Be prepared and ready.Keep your powder dry.

  8. Here’s where it gets ironic:
    They need to
    -Contact the media;
    -Report the attacks and outages to:
    US-CERT (DHS) for the DDoS;
    FBI and Secret Service (DOJ) for the phone outages;
    The local police for all of it, to provide the Feds with a local POC.
    THAT’s the drill. And they should report progress (or lack thereof) back to the media. Often.

  9. Oh noes the site is down!
    Give the children a couple of days and they’ll move on.
    For all the attention things like DDOS attacks and dumps of passwords (that are mostly encrypted anyway) get I dont think anything substantial has ever occurred due to these annoyances. Even the mighty US gov partnering with Mossad to unleash the nuclear Stuxnet didnt really accomplish anything.

    So far all of this “cyber” warfare and terrorism seems very half-assed and impotent.
    I’m not saying it cant be powerful and destructive. It simply doesnt seem to be at this point in time.

  10. I’m in IT and if an entire block of IPs have gone down, there is just as high a likelihood that 1. another site on his host’s network was the target 2. they lost a switch that took out a bank of servers 3. They lost part of their DNS database 4. all of the IPs in question share a host and the server went down

    … in essence, the possibilities are ENDLESS!

    Let’s not all start whining like a bunch of little girls so early in the game, K?

    • So am I, and I’ve been hit by the best. It smells like a pro job, especially with the phones going down.

      • ok tin foil hat people. LOL

        power went out. cell phone service failed. the servers are down. we must be really important – professional hackers.

        yeah yeah.

        can’t wait to see the RCA a couple of days from now.

        • Mina, that you said “like a bunch of little girls” was special. They’re suppose to whine, its cultural. Gun guys aren’t.

        • and, yes, the fact that little girls whine and gun guys aren’t supposed to was pretty much my point.

  11. The site should be load balanced locally and have at least two clusters tied together with GSLB or similar. The servers won’t be dedicated to that one site, but the switches should have DDOS protection enabled at various levels. Not doing this in 2013 invites this sort of mischief.

  12. so far, it looks like they bagged their old domain name and are redirecting everything to Buckeye Firearms Foundation. they have a place-holder web page up and running.

    my guess is their entire hosting service experienced some sort of snafu and they are in DR mode.

Leave a Reply

Your email address will not be published. Required fields are marked *