
36 lines
4.2 KiB
Raw Normal View History

2023-03-26 10:32:30 +02:00
title: "A Letter To The DDoS Attacker"
date: 2023-03-26T09:52:00+02:00
- braindump
- vps
Dear attacker; we don't know each other well enough to start a letter with _my dearest friend_ but I do not want to come across as rude as you were so I will keep the salutation formal.
On Friday afternoon 24th, you were bored. I understand, I get bored all the time. I then sometimes try to fend off the feeling of uselessness by poking around in various code projects until none of my feeble ideas work to close the laptop in agony, resulting in boredom _and_ frustration. It seems that you instead decided to launch a DDoS attack on `` and see what happens.
Not much, except for this letter two days later. You see, your attempt failed. The website was never down. I admit, my hosting provider alerted me on time and temporarily disabled a few subdomains to keep their nameserver alive, otherwise all their clients would potentially be impacted. I can imagine a feeling of pride swelling up in your chest as you read this, but you'd be mistaken. Nothing really happened, except for my disappointment in your life choices. I'm sorry to disappoint you, but you started first.
I guess this is the part where we approvingly mumble how skilled your hacking knowledge is, except that it very well may not be. Perhaps you simply stole the laptop of your older brother, filled in a random domain name starting with B you thought was funny, and pressed the "start" button. Perhaps after seeing the progress bar getting stuck at 20%, you gave up ant went looking for another pastime.
What exactly were you trying to achieve, I wonder? To free the world of all pesky brain bakers that are a local pest in your hometown? To see whether or not you could spin up a few Docker containers behind a tunnel in different countries? To test your brother's keyboard? To funnel your frustration with this bleak world into a random attack that had zero effect? To amuse your friends and boast your skills?
Let me make a suggestion. It's never too late to change the way you live. You _can_ still do good and help brighten up the world. You can even keep your impressive skill set and use them for good. Why don't you attack a Russian government website, a fake news spreading node, or the online presence of a random venture capitalist proclaiming NFTs are the future?
I don't think you're likely to be familiar with the term _ethics_, so I will suggest a bit of reading material. Next time that sudden feeling of boredom strikes, rush to the library instead. Kantian ethics is a good place to start. If you like a challenge---I doubt you do, given the limited results of your DDoS effort---try his _Critique of Judgement_. If I somehow misjudged you and you're much more depressed than I initially thought, perhaps Arthur Schopenhauer's _The World as Will and Representation_ is a better fit.
Just in case you might think it's a good idea to try, and try again: I moved my nameserver to CloudFlare. That means you won't get to see the origin server IP ever again, although I'm sure you were smart enough to jot it down in your little red book titled "failed hacking attempts". That also means the nameserver now became plural, as CloudFlare uses an Anycast DNS system. You don't have to ask your brother what that is, reading [the CloudFlare docs]( will be sufficient. Additional security measures were taken, I will leave the discovery of those features to you. Consider it a parting gift.
Perhaps a few YouTube videos on how to bring down a server might help shave off those rough edges. Here's [a great tutorial to start with]( If you manage to make it to the end, they might even hand out a certificate.
Looking forward to hearing from you---preferably in the form of access denied log entries. It's up to you.
Kind regards,
Wouter Groeneveld
P.S. I forgot to say thank you. I was almost the victim of a nasty case of boredom myself, and your actions triggered a challenging---albeit a disappointingly small one---reconfiguration spree where I had the opportunity to learn more about correct web, DNS, and nameserver configuration.