21SexturyCash...up or down for you?
 

Is: http://21sexturycash.com/ working for anyone? I haven't been able to reach it all day and was just wondering if it's me or not.

http://www.just-ping.com/index.php?v....com&s=ping%21

Santa Clara, U.S.A. Packets lost (100%)
Vancouver, Canada Packets lost (100%)
Austin, U.S.A. Packets lost (100%)
Florida, U.S.A. Packets lost (100%)
Stockholm, Sweden Packets lost (100%)
New York, U.S.A. Packets lost (100%)
London, United Kingdom Packets lost (100%)
Madrid, Spain Packets lost (100%)
Nürnberg, Germany Packets lost (100%)
Paris, France Packets lost (100%)
Kraków, Poland Packets lost (100%)
Cologne, Germany Packets lost (100%)
Amsterdam, Netherlands Packets lost (100%)
Cagliari, Italy Packets lost (100%)
Singapore, Singapore Packets lost (100%)
Amsterdam3, Netherlands Packets lost (100%)
Munchen, Germany Packets lost (100%)
Hong Kong, China Packets lost (100%)

Looks like they are down :(

Jim

Thanking you Jim!

down for me :(

They've been down all day long :(

Still down for me... not good.

Also didn't they launch that asian site a little while ago... dirtyorientals.com? What happened to that one? It started returning 403's about 24 hours after its launch.

EDIT: sorry, old thread I see.. anyway, they're down for me again.

Down :/ ...

down for me

Yup down, again...

Down here trying to use their hosted galleries ;(

Same thing happened yesterday or the day before.

Still down here......

Still down.

:disgust

Yeah this is getting old fast... :(

Bump

No-one's representing them here on GFY?

looks like guys are sleeping..

still down

Down here also since yesterday :(

Fix Your Shit!!!

Your site are going up and down ....please fix

bump fart

this is now the 4th day of probs - their NATS is fucked so are your sales - there under some kind of DOS attack - was going to be fixed 'soon' they 'hoped'

That Asian site dirty orientals came and went - fuck knows what happened there

I'm here, I was just sleeping :)

I copy paste the latest announcement from 21sexturycash.com:

05/31 - Frontend is under massive DDoS attack
Dear partners,
unfortunately we have some problems with our NATS frontend due to a massive DDoS attack.
We're working hard on it and it'll be resolved soon.
When NATS frontend is not accessible, NATS is not able to track clicks and it is not possible to sign up for our sites.
Sorry for the inconveniences this may caused and thank you for your patience.

We'll compensate everyone shortly for the last 2 days' missing incomes.

A DDoS can be a major pain, agreed. And still going on, so it seems. Note that affiliates can't read the news on the website while it's under attack. If you sent out mails and I missed it, my bad, but if not: you should do some mailing.

What happened to dirtyorientals ?

Fuck... I Hate The Dos Attacks

up for me. but loads very slow.

How are DDoSes handled ? Load balancing and huge pipes only ? Or are the zombies weeded out and blocked ?

Sighs... More links to pull...

Damn... I just have to remove my blog post or something.

I still can't connect to the site :/

Error:
403 Forbidden
nginx/0.5.22

saturday morning 21st sextury and flash the money are fucked again

Hi Guys,

Gero from 21sextury. The issue right now is, that we fix one type of attack, then new type of attacks are coming. It started with a zombie-like DDOS against the front ends, we fixed that, then we faced an another attack against the load balancers. We fixed that as well.

Lately the attackers are going after our NATS/join/singup page. So they try to block only the sign up processes. Right now our admins are working on fixing this problem.

I don't know if we ever did against anybody to give them a reason for hating us this bad. We are not being such an agressive and big program what would harm somebody's business. That's for sure that the people who are coming after us must have some kind of experience how affiliate programs / NATS work.

We sorry for these problems, this is a major pain in th *ss for everybody. Once we are back up and operate safely, we will find the way to compensate our affiliates for their losses.

Gero

We had to suspend the site official opening for the request of the producer. It will reopen soon in a few weeks.

Just a little follow up. It seems almost sure that the attackers are from the industry. Because they use NATS specific codes for the attacks. So it can be anybody who used NATS before, who knows how NATS works from the code side.

After we could defend the attack against the join form they went against the NATS login form. We could stop them for now. We are wondering what's coming next.

Sounds like these guys are having a ball. Imo it doesn't have to be someone (or a group) from within the industry. All it takes to get a hold of a NATS copy is the intrusion of a server running it. Or am I wrong ? Then, if needed, some reversing and bada-bing.

Maybe it's worth documenting the measures taken against the different attacks. I'm sure many folks would be interested.

Well we have some ideas who might be these guys, because previously happened to us an intrusion to NATS few months ago. That intrusion happened with an admin level password/username what you could dump out if you knew the code. And we caught the people there who did this intrusion. Former employees of our company who runs now their own affiliate program on NATS. So we will see what happenes, right now it's silence and things working.

They didn't intrude to our servers, the boxes itself. They couldn't enter the servers on admin level. Nor before and nor this time.

Previously these people could get into only the admin area of nats, which is software level access. Not hardware level.

The hardware level access to the boxes are only by our hosting company Cavecreek and 2 of our admins. Our admins also only from our office.

NATS is a week side of our business, all the time we get attacks from there. :(

I was just talking to our admins. They will make a document in details what has happened. Once we are over with this whole issue, and poor guys can sleep a bit we will put it online. They slept total 10hrs per person in the past 4 days.

Anyways are you interested only in the NATS specific attacks or the whole story? It's a well developed attack. Included a wide range of everything what you can imagine. They go step by step on all possible attack options.

Sorry if I wasn't clear. I didn't mean to imply they gained access to your servers. I was saying anyone (within the industry or not) could investigate the intricacies of NATS by gaining access to *any* server running it.

These stories always make for interesting reading. I meant you could put up a page outlining the story and countermeasures taken. Might generate some webmaster traffic. Just a thought.

Damn... I hate those fucking hackers!

Gotcha. This makes total sense.

About posting "our story" on this attack I thought to help people who might face such problems now or in the future. That's why I was asking if there is any specific issue what might be interesting for you. :)

The problem with this attack - what the hackers don't consider - is that they make problems to people who are totally innocent on an issue like this. The hacker won't see any financial benefit from this whole thing I'm sure. They just destroy lives and cause problems to nice and total innocent people.

For example one of our admins just had a newborn baby. And instead of being at home, helping his wife, spending his time with his family he was away from his beloved ones for 4-5 days so far because of this problem on 10hrs of total sleep. And to all of the other everyday people at our company, same thing.

So all in all this is one big issue I don't understand about these hackers. How would they feel if this would happen to their family? Maybe I'm too naive.

Wow will this ever be fixed? Seems to be getting worse not better, it's now been 4/5 days!

yes, I got gero in touch with my friend from prolexic.com and they should start working on it any time now....prolexic is fucking amazing, so it should have everything running again soon

We contracted prolexic, they guaranteed to put us back up in 24hrs.

That IS good news! I've been promoting you guys for a long time now and your program is one of my very favourites! Best of luck and I hope this drama ends for you soon!

UH OH!!!!

http://www.21sexturycash.com/

BACK!

This is only ours for the time being. :)

In 24hrs our affiliate system will be protected via Prolexic, then the sites. We invest lot of money into protection against ddos, so hopefully this issue won't happen again.

That sucks but this seems to be your only choice.

We have finished migrating our affiliate programs under the Prolexic protection network. So the affiliate programs are up and running. Now we started to move all of our websites under this protection umbrella. But it will take a couple of days to finish the migration of all the websites. Hopefully no more than 2 days! After that, everything will be ok as it was before!