Buckeye Firearms Association DoS Attack for Zimmerman Post

BFA is under attack from an unknown outside entity. The website is down and communications systems are non-functional. They’ve issued this press release:

Here’s what we know so far . . .

If you’ve tried to visit our website today, you know it’s not there any more. At some time this morning, it came under attack from an outside source. FACTS:

Our IT guy says it’s a “denial of service” or DoS attack. This is not the ordinary “hack” attack that we’ve experienced many times in the past. A DoS attack involves using significant resources to bombard a server to temporarily or permanently disrupt service.

This attack took out our websites, both Buckeye Firearms Association and Buckeye Firearms Foundation.

Our email communication services also went down. Leaders are located all over the state of Ohio, so we’ve had to set up a temporary alternate email list to stay in touch as we work through this issue.

This attack was so overwhelming, it took down the entire company that hosts our website. Thousands of IP addresses have been caught up in the digital bloodshed.

Shortly after all the company servers went down, their power went down. And our IT guy says his cell phone service vanished.

We don’t yet know where this attack came from, but we find it hard to believe that it is a coincidence that it’s happening at the very moment a story went national about raising funds to enable George Zimmerman to purchase a new firearm after Eric Holder and the DOJ decided to prevent him from getting his personal property back. We’ve received threats, hate male, and angry late night phone calls. We’re sending you this message to let you know what’s going on just in case they take out more of our resources and we are unable to communicate with you.

REST ASSURED: We are working on getting our website back up. And the work goes on to push pro-gun legislation, meet with law makers, and defend the Second Amendment. We may communicate online, but our strength has always been in our vast grassroots and our personal relationships with your representatives in government. The check to Zimmerman is being sent to him as you read this. We collected $25,000 from our recent gun raffle. Our events and teacher training classes are moving forward. We CANNOT be stopped by technological temper tantrums like this.

We’re posting updates on our Facebook page as we know more. You can visit it here: https://www.facebook.com/pages/Buckeye-Firearms-Association/343253480089DeanMarketing & Communications Director

 

comments

  1. avatar Marcus Aurelius says:

    “Digital bloodshed?” C’mon guys, We don’t need silly over-blown rhetoric like this.

    1. avatar William Burke says:

      It’s called a “metaphor”, and it’s a perfectly legitimate one. That’s this company’s life blood, lying digitally broken and bleeding, on the digital floor. See, that there last was another one of them metaphors.

      They are unable to do business. That’s “digital bloodshed”. Maybe you should take a creative writing class at the community college in order to understand.

      1. avatar SnJohnson says:

        I thought “hate male” was pretty creative and funny. And unless they’re skilled in precision rifle, I find the death threats against gun rights organizations to be laughable.

      2. avatar ServerSpace says:

        You’re right William, ‘Digital Bloodshed’ is apt! We’ve likened these attacks previously to ‘cyber terrorism’. The financial losses felt by businesses both during and after these attacks is untold.

    2. avatar RedirectYourIre says:

      You realize that the phrase you take issue with WASN’T WRITTEN BY TTAG, right?

      At the very least, complain to the correct author(s).

    3. avatar Ralph says:

      We don’t need

      Who is “we?”

      1. avatar Tom in Oregon says:

        It’s the same as “they”. Similar to when “they say…blah”
        It’s a guy in a basement, saying stuff.

        http://s282.photobucket.com/user/jagisthlm/media/Gary_Larson.jpg.html#/user/jagisthlm/media/Gary_Larson.jpg.html?&_suid=1374697685701006951624938653233

      2. avatar Joke & Dagger says:

        Yeah, a freaking guy with the name “Marcus Aurelius” wants less “over-blown rhetoric”? How’s this metaphor: “Whatever”?

        1. Best response ever, “We are they.”

          Who said it where?

          and why did shake Dale up so much when they said it?

        2. avatar ensitue says:

          pherhaps he thinks he’s the new leader of an Empire?

        3. avatar Ropingdown says:

          Of course. Wishing to invoke a technological Marcus Aurelius, he appropriately counsels a stoical calm in the face of digital bloodshed barbarian onslaughts. Admittedly, he doesn’t write in Greek as Roman Marcus did, but frankly I find that convenient. Wait until his ox is gored. Then we’ll see how ‘golden’ he is.

  2. avatar tangledthorns says:

    They may be able to get DDOS protection from their ISP but that costs money.

    1. avatar Daniel Silverman says:

      It is two lines in a control list, that should be there anyways.
      Just dump all malformed packets right away. Problem solved..
      That should be done on the ACL on the edge router. Any self respecting hosting service will have done this already.
      DDOS is script kitty bull crap. Now power going out and cell service cut, hmmmm…
      Do I need my Tin Foil Hat????

      1. avatar Ralph says:

        Daniel, I wish I knew what you were talking about, but you lost me right after “It is.” 🙁

        1. avatar pwrserge says:

          Basically, there are very easy to spot indicators that allow you to identify and spot most DDOS attacks. It’s a technique that has fallen out of favor with “professionals” lately because countermeasures exist and have been generally implemented. It can still be pulled off, but requires massive resources that most “professionals” can use far more effectively. A “script kitty” (I generally use “script kiddie”, but both are correct) is a “hacker” who has only a rudimentary knowledge of real network intrusion techniques and relies overly on canned attack software that they did not write themselves and often do not fully understand.

        2. avatar Daniel Silverman says:

          pwrserge I agree. If it were a really bad attack you would never know they were even there until it was all over..

      2. avatar it guy says:

        access control lists wont block legitimate server requests, which is what most current denial of service attacks on websites use, not “malformed packets”. it may be “script kitty bull crap” as you call it, but it works and thats all that matters. BFA is staffed by volunteers and funded by donations. If you’d like to help them secure their site, feel free to contribute time or money.

        1. avatar pwrserge says:

          Except that to launch that sort of attack requires far more resources than a typical group would have access to. You would need to prep the ground work for days if no weeks or use resources you already have in place.

        2. avatar Daniel Silverman says:

          Been battling Anon myself.. no time really…
          If they use a botnet then they can use a normal packet, lets say port 80, etc. That makes sense but you need a large number to in fact hold open the connections.
          Anon hit us once, and they used a botnet. they hit us on 80, 443, and 25 TCP, with malformed large packets. Besides the fact they were pushing the bandwidth, the malformed packets held open the connection so it took far less to bring us down.
          They should be able to throttle the number of requests from a single source as well. It isn’t hard with the right hardware.
          I am by no means harping on them it guy. Most folks don’t ever think about it until something like this happens. We were down for almost a day when we got hit so believe me I feel the pain.
          Easiest thing for the IT guy to do is just reset everything if he has direct control of the servers. Any edge routers need to have at minimum their network services restarted, although with a power outage, I am sure folks at the data center are running around like crazy people.
          Also one other thing the BFA might want to consider is use a separate hosting service for their website, and any internal items like email etc are completely separate. We split ours off following the attack. If they bring our main site down who cares so long as I can send email.

        3. avatar JAS says:

          Power outage would not injure the servers – most have backup power. It is what it is. IT thinking this can’t happen to us and such. Like Daniel said, unless it is an extremely sophisticated DDOS most server software already has the means to counter them.

          The 600 pound gorilla question is: where did the requests originate. That should be proxies but those can be tracked too.

        4. avatar Jus Bill says:

          Anon (and pretty much any other entity) rents their botnets. Use once and walk away clean.

      3. avatar Thomas M. says:

        A real DDoS is much more complicated to block than two config lines on a border router.

    2. avatar Jason says:

      Should we hold a gun raffle to raise money for that?

  3. avatar William Burke says:

    Every time you think you’ve seen the nastiest, most corrupt, most MORALLY BANKRUPT administration in U.S. history, you’re soon enough proved wrong.

    And come ON, we know that these attacks come from within the Obama administration, and, in all likelihood, from within the White House itself.

    And I don’t mean Michelle. Who’s got the “conspiracy theorist” and “tinfoil hat” accusations? Surely you brought them…

    1. avatar Jeff says:

      no, they are coming from liberal activist black-hat hacker groups like certain offshoots of anonymous.

      1. avatar JT says:

        It takes a lot of resources to cut power and cell phone service.

        1. avatar Jeff says:

          I didn’t notice that part of the original story until later. Given that, DDoS attack seems pretty unlikely – more than likely is that their ISP’s redundancy for anything sucks, or they lost their comms circuits.

        2. avatar JT says:

          Jeff, from what I have read, the power went out a short time AFTER the DDoS started and that the website was already down when they lost the power.

      2. avatar Jason says:

        Anonymous has shown a pretty strong pro-gun stance. Mainly because the recognize that a well armed populace is the greatest protection against tyranny.

        1. avatar William Burke says:

          Absolutely pro-2A, Anonymous is.

        2. avatar Jus Bill says:

          Remember how CYBERCOM was bragging that they have this nifty OFFENSIVE toolkit?

    2. avatar RedirectYourIre says:

      Tinfoil hat? You, sir, are either a master of satire and irony, or need a straight jacket. Everything comes back to the president, and it’s a great joke, or a cry for help and attention. You do realize that the death threats to Buckeye HELP the administrations gun control efforts, right? So, taking down the site doesn’t benefit Obama, or anyone with real power.

    3. avatar jwm says:

      William, if 1 person calls you a tin foil hat nutter there’s room for argument. If everybody tells you that it may be time to take a time out and evaluate your life and choices.

      1. avatar Joke & Dagger says:

        Everybody has got a freaking label with you. Is that a left-over from your prison days?

        1. avatar jwm says:

          J&D, I was answering the mans question. Sounded to me like he was reaching out for help. Now quit stalking me you crazy [email protected] cracker!

      2. avatar JPD says:

        jwm:

        I was not stalking you Bubba!! My comment was to William. How it ended up under yours, I have no idea.

        Now, if I wasss stalking you, hmmmm, do you wear a hoodie? Any skittles? Bad ass wannabe thug posts on your facebook? Hang out in my neighborhood?

      3. avatar jwm says:

        JPD, reread my stalking comment. I was answering J&D. And yes, I do wear a hoodie. No skittles or facebook.

    4. avatar JPD says:

      William:

      “nastiest, most corrupt, most MORALLY BANKRUPT administration in U.S. history”

      Sorry, a simple google search will show that when it comes to what you just wrote, Obama is a piker. Wannabe bad guy that cannot cut it. The list of corrupt Presidents, and the consequences is beyond belief. History is a great teacher. Too bad very few learn anything from it.

      You want to know the single act that gutted our Constitutional rights? One that rivals what took Hitler 8 years to accomplish against the rights of the German people?

      Sit down and REALLY read the Patriot Act. Then get back to me.

      1. avatar Cliff H says:

        Better yet, Google “Woodrow Wilson”, then get a copy of “Liberal Fascism”.

        BO Is trying very hard to surpass Woodie, but he is and underachiever, thank goodness.

      2. avatar Jason says:

        Lincoln.
        * Arrested journalists for writing editorials against the war: check.
        * Shut down opposition newspapers: check.
        * Deported a sitting Congressman for opposing a war: check.
        * Wrote (but never issued) an arrest warrant for the Chief Justice of the US Supreme Court: check.
        * Started a war to force anti-tariff states to pay the tariff: check.
        * Violated Christian just-war doctrine by specifically targeting civilians, burning homes, burning crops, and slaughtering livestock: check.

        If any politician talks about admiration for Lincoln (BushBama and Hitler come to mind), be very scared.

        1. avatar Bob says:

          Don’t they all worship Lincoln? And don’t you know that it’s blasphemy to criticize him?

        2. avatar Gtfoxy says:

          Got in this “Conversation” about Lincoln the other day when someone said “He was one of the greatest presidents. ” of-course I laughed out loud. And reminded them that “those that win the wars get to write the history books how they see fit to hide the lies of their civil wars.”

          Slavery wasn’t the issue. I don’t by any means condone or admonish what Booth did but I find it very interesting that he made sure that people knew his mind: “May no man Judge me, but only God judge me.” To that he had a good understanding.

          Lincoln was just another casualty of the war he started and proliferatied. Ironic Justice, perhaps?

        3. avatar William Burke says:

          There is still time. MORE THAN ENOUGH time, I am afraid. And if Obama goes for broke (after next month’s NSA documents that DWARF the ones so far) and goes the confo route, you will all be eating crow.

          No, I mean REALLY eating crow.

        4. avatar jwm says:

          So. WB, in one month if we’re not eating crow will you go cold turkey from the conspiracy stuff? Or will you just invent another theory to explain the failure of the last one?

  4. avatar c4v3man says:

    They said the entire webhost went down… there’s always a chance they weren’t targeting the BFA at all, and are just a victim of an attack on someone else. Unless they look at the logs for their particular server and determine that the attack was specifically directed at their server/virtual server, being the victim of a DDOS attack is unfortunately growing more common nowadays.

    1. avatar William Burke says:

      Yeah, it must just be a coincidence that they were sending $25,000 to Zimmerman….

    2. avatar JMS says:

      Yeah agreed. Saying “This attack was so overwhelming, it took down the entire company that hosts our website. Thousands of IP addresses have been caught up in the digital bloodshed.” makes it sound like it could have been the hosting company itself that was targeted, or any other one of the thousands of other clients. Maybe there’s more to it that they didn’t share…

      1. avatar Ropingdown says:

        If cybercrime is behind this, we can all feel a sense of peace knowing the DoJ will pursue the malefactor with the greatest urgency.

        “One nation, indivisible” unless you’ve got a copy of the manual.

  5. avatar anon says:

    I wonder what os their servers are running? Also I really want a look at those logfiles (if apache) I mean it is not hard to figure out who is hitting you unless it is a botnet, but if that is the case time to do some hosts.deny

    1. avatar William Burke says:

      I’m pretty sure a DOS can be done from behind one or several firewalls.

    2. avatar Daniel Silverman says:

      It can be hidden yes, but I am guessing a few things.
      1. They are 100% hosted. Meaning they do not have on premiss equipment. This also means that they don’t have DIA with with isolated fiber trunks to their cage, they are shared with others.
      2. While hitting up /var/log/ is always a start, I am assuming they are running apache on some form of Linux. Your best bet is look at the firewall logs. Really it doesn’t matter where it comes from, you need to protect yourself from such attacks. See previous comment on malformed packets.
      3. I am guessing their mail whether Squirrel or Exchange was on the same network, soooo one went down it all went down.
      4. Loosing power to a data center is rare. I don’t know what tier data center this is, but the fact the power died is unusual. Yes we need more information as to the how, etc.
      5. Cell service? I understand in the data center I work in cell service stinks, but that is normal. I don’t know where this person resides, but if it was malicious that is a bit frightening. NOTE: Always carry a burner phone with separate cell service.

      1. avatar B says:

        They hacked the servers, then they hacked the smart meters for the data center…

      2. avatar anon says:

        Funny how we both assume they are running linux (go freedom XD) I don’t know how big of an operation they are but I wonder if it is possible to have a backup server located elsewhere, maybe just an old desktop with debian or ubuntu server and apache, so that if the provider gets dossed they just update the dns to point somewhere else.

        Personally I have not had too much server admin experience, but I know enough to get into trouble.

        hey My. Farago wanna start “the truth about servers”?

        1. avatar William Burke says:

          Get in line. There is only me ahead of you. Coming in the fall, THE TRUTH ABOUT CIGARS.

          If all goes well.

      3. avatar Jus Bill says:

        I’d bet their host’s servers were Windoze. Sounds like a sorta Mickey Mouse low-budget hosting service, so the odds of them having a competent admin who can do command line are slim.

  6. avatar JT says:

    The fact that the power went out tells me this is more than a normal DDOS.

    1. avatar Blehtastic says:

      Seriously, that’s pretty funny. Guessing we’ll never catch who’s doing this or even really hear about it anywhere else since no boring emails from the elite were leaked.

  7. avatar ThomasR says:

    It’s the Chicago way; if you haven’t already figured out that Obama and his Just-Us Department is at war with the foundations of our traditional American way of life, you haven’t been keeping up with current events.

    1. avatar RedirectYourIre says:

      Yes, their resources are being directed toward local firearms associations, because DoS attacks win elections… durHur?

      It isn’t enough that Buckeye was taken down, somehow it has to be Obama…

      For Pete’s sake, he’s not doing a good job, and he’s screwing with the 2nd, but take off your shiny headwear and think. Cost/benefit doesn’t favor an administration taking down small websites, especially when the attack is only temporary. Now, if all the people there had died….

      1. avatar Jus Bill says:

        Small site, but big political return.

        And a good, deniable training run for CYBERCOM. Rent a botnet for a few hours from a throwaway Google account with a prepaid credit card, TELNET from there through a couple of servers on island nations on the other side of the world to start up the botnets and fire away, then act surprised and deny any knowledge if you’re accused and blame Anonymous or the Chinese. Script kiddie k-8 difficulty level…

      2. avatar neiowa says:

        he’s not doing a good job Yeah I gues you could say that. Or “he’s not doing a good job” perhaps might be a bit of an understatement.

    2. avatar William Burke says:

      “Just-Us”. Excellent! Just us and the criminal banking cartel we work for.

  8. avatar Ralph says:

    It wouldn’t surprise me in the least if the IRS is also up the BFA’s @ss.

  9. avatar DIrk Diggler says:

    hate male directed at them? Al sharpton is in ohio?

    1. avatar William Burke says:

      Wherever downtrodden people… BLACK people are. There is Al. Unless it’s Africa, his homeland. Whenever, whenever black people oppress or kill other black people, NO HARM.

      1. avatar Jus Bill says:

        BTW, did you see the hair stylist he dumped his wife for? Could be his daughter…

  10. avatar Tom in Oregon says:

    Agreed. It may not be BFA that is the target. Last year “anonymous” targeted godaddy. That effictively took out our email for a bit over 24 hours. We do about half our business via email. That hurt.
    Hopefully they will be back up soon, or they may want to find another host/server.

  11. avatar Matt in FL says:

    Have you noticed that while we think they are stupid and nonsensical, our side doesn’t generally do things to silence the opposition? That is virtually always the action of those trying to prevent the dissemination of truth. You don’t see us crashing Brady’s servers. You don’t see us crashing Feinstein’s website. In fact, the more they talk, the less believable their tripe becomes.

    1. avatar jwm says:

      True, facism does not tolerate dissent or another view. They crush it. Something we do not do. Being the good guys can be tough at times.

      1. avatar William Burke says:

        It can be downright DEADLY sometimes.

    2. avatar Old Ben turning in grave says:

      And that is one of the big advantages Progressives have over Americans in this ideological struggle. We must play by the rules or we risk undermining the very system we wish to preserve. Progs, on the other hand, only have a single, two part rule: If it furthers their agenda and they think they can get away with it, they do it.

    3. avatar Jason says:

      Why bother? In fact, we should help them get their message out. People aren’t stupid (just lazy enough to not actively research stuff). When they hear the big-government message (from progressives or neo-cons), they smell the bullsh!t. When they hear the American message (from minarchists and libertarians), they are responsive.

    4. avatar Bob says:

      Good ideas don’t require force to propagate.

  12. avatar thingi says:

    They’ll probably want something like Amazon Web Services.

  13. avatar Andy says:

    This is probably a take down by the Administration,they are the ones behind the stirring of the racial animosity that is going on now.I do not trust this government at all anymore,I had my doubts before Mr. Snowden but since he told us what is going on,I have lost all faith and from this day forward consider the Adminstration as tyranny within the nation that needs to be removed,that our Bill of Rights gives all citizens the Right to do!No matter that laws against doing this,passed after the Bill of Rights was enacted,I consider to be Unconstitutional,due to the citizens are the ones who have the last say about how this government should be run,and which direction we should go!Be prepared and ready.Keep your powder dry.

  14. avatar Jus Bill says:

    Here’s where it gets ironic:
    They need to
    -Contact the media;
    -Report the attacks and outages to:
    US-CERT (DHS) for the DDoS;
    FBI and Secret Service (DOJ) for the phone outages;
    The local police for all of it, to provide the Feds with a local POC.
    THAT’s the drill. And they should report progress (or lack thereof) back to the media. Often.

    1. avatar Ropingdown says:

      Never waste a crisis….

      1. avatar William Burke says:

        The best way to not waste a crisis is to create it yourself. Then you have everything in place before it begins.

  15. avatar ensitue says:

    It’s just a Beta Run

  16. avatar anon says:

    btw I have nothing to do with the group anonomous.

    maybe I should pick a new screen name hmm.

    1. avatar Jus Bill says:

      Wise move.

  17. avatar Shire-man says:

    Oh noes the site is down!
    Give the children a couple of days and they’ll move on.
    For all the attention things like DDOS attacks and dumps of passwords (that are mostly encrypted anyway) get I dont think anything substantial has ever occurred due to these annoyances. Even the mighty US gov partnering with Mossad to unleash the nuclear Stuxnet didnt really accomplish anything.

    So far all of this “cyber” warfare and terrorism seems very half-assed and impotent.
    I’m not saying it cant be powerful and destructive. It simply doesnt seem to be at this point in time.

  18. avatar Lee Duran says:

    Cloudflare, they should look into it. Robert, might not be a bad idea for you too!

  19. avatar mina says:

    I’m in IT and if an entire block of IPs have gone down, there is just as high a likelihood that 1. another site on his host’s network was the target 2. they lost a switch that took out a bank of servers 3. They lost part of their DNS database 4. all of the IPs in question share a host and the server went down

    … in essence, the possibilities are ENDLESS!

    Let’s not all start whining like a bunch of little girls so early in the game, K?

    1. avatar William Burke says:

      Who’s whining? Oh. I get it now. You meant “shut up”.

    2. avatar Jus Bill says:

      So am I, and I’ve been hit by the best. It smells like a pro job, especially with the phones going down.

      1. avatar mina says:

        ok tin foil hat people. LOL

        power went out. cell phone service failed. the servers are down. we must be really important – professional hackers.

        yeah yeah.

        can’t wait to see the RCA a couple of days from now.

        1. avatar Ropingdown says:

          Mina, that you said “like a bunch of little girls” was special. They’re suppose to whine, its cultural. Gun guys aren’t.

        2. avatar mina says:

          yeah, well if there wasn’t a lot of whining I’d not have noticed it, right?

        3. avatar mina says:

          and, yes, the fact that little girls whine and gun guys aren’t supposed to was pretty much my point.

  20. avatar Tom RKBA says:

    The site should be load balanced locally and have at least two clusters tied together with GSLB or similar. The servers won’t be dedicated to that one site, but the switches should have DDOS protection enabled at various levels. Not doing this in 2013 invites this sort of mischief.

    1. avatar mina says:

      ha. not for the $30 every-other-year hosting fee service

  21. avatar mina says:

    so far, it looks like they bagged their old domain name and are redirecting everything to Buckeye Firearms Foundation. they have a place-holder web page up and running.

    my guess is their entire hosting service experienced some sort of snafu and they are in DR mode.

Write a Comment

Your email address will not be published. Required fields are marked *

button to share on facebook
button to tweet
button to share via email