PractiScore Hack attempt

[Burk Cornelius]

[From Ken Nelson - PractiScore]

The site has been re-hosted to another cloud provider and the clubs and results systems are up and running smooth.

I’ll have a longer “what happened” note, and then a “what are we doing so it never happens again” note later today.

The short story is that the DDOS attack, while irritating, really wasn’t the problem. The core problem was our cloud provider, Digital Ocean. They had very solid reputation for being a top, developer friendly, cloud host when we moved to them. That proved quite wrong for us.

Many thanks to Dave & Josh, our web team, who worked a long hours last 3 days overcoming initially a DDOS attack and then a disreputable vendor.

Ken Nelson

 

[Wall]

It wasn't hacked. There was an attempt but it was unsuccessful. They also moved to a different host to help make things more secure.

 

[Burk Cornelius]

I wanted to post that longer explanation that Ken posted on Facebook but I could do it from my phone. Can you cut and paste it, Tony?

 

[poopgiggle]

First Doodie then Practiscore.

Some botherder really hates action shooting sports.

 

[Burk Cornelius]

First Doodie then Practiscore.

Some botherder really hates action shooting sports.

for the uneducated masses (like me):

botherder: someone who manages and controls a botnet, a network of zombie computers which can be used to launch DDoS attacks, spam campaigns or search the network for systems vulnerable to attack

 

[SpaceFlunky]

[From Ken Nelson - PractiScore]

The site has been re-hosted to another cloud provider and the clubs and results systems are up and running smooth.

I’ll have a longer “what happened” note, and then a “what are we doing so it never happens again” note later today.

The short story is that the DDOS attack, while irritating, really wasn’t the problem. The core problem was our cloud provider, Digital Ocean. They had very solid reputation for being a top, developer friendly, cloud host when we moved to them. That proved quite wrong for us.

Many thanks to Dave & Josh, our web team, who worked a long hours last 3 days overcoming initially a DDOS attack and then a disreputable vendor.

Ken Nelson

 

[Burk Cornelius]

nerd

 

[Burk Cornelius]

They were just hit again about 15 minutes ago (according to Ken). No breach in data but the site is down

 

[Tech]

for the uneducated masses (like me):

botherder: someone who manages and controls a botnet, a network of zombie computers which can be used to launch DDoS attacks, spam campaigns or search the network for systems vulnerable to attack

Thank you!

 

[mikey80]

Brett Russo and Bobby Keigans be hatin'

 

[Burk Cornelius]

I was gonna ask if anyone knew where Robert McDaniel was.

 

[poopgiggle]

I found the source of this and cannot stop laughing https://www.youtube.com/watch?v=Js02m-7qHyE

 

[poopgiggle]

also who hates practiscore, seriously?

it's pretty easy to come up with a list of people who would be pissed at Doodie Project but practiscore isn't offensive.

fake edit: i mean tons of people hate practiscore but those are people who can't figure out how to set up a match properly so I don't think they can orchestrate cyber attacks

 

[toothandnail]

The NEW server/colud whatever isn't any better, it's been down much of today as well.

ETA; it's back up again, this is getting really tiresome.

 

[Wall]

I guess they pissed somebody off

 

[wav3rhythm]

On the bright side... I learned how to work the iPad and score this weekend... But I swear this wasn't my fault!

 

[Raford]

On the bright side... I learned how to work the iPad and score this weekend... But I swear this wasn't my fault!

You are just upset that a Revolver took a stage win and are trying to fix the scores! Admit it!

 

[Wall]

latest update:


The results system remains down for hardening. I'll update you through the day. Just a couple items remain and then we bring it back up.

Just a quick word on these website attacks. First off, I've no idea why somebody is doing this. Nor have I spent much time thinking about it.

I'm a "wherever you are, that's where you start" kind of guy. So while the process is a bit uglier than I would have hoped, we are committed to channeling it into some good. So when I look forward a bit, I see the result of this attack as a more robust, faster, stronger solution for clubs and shooters. Which is all I ever wanted to build anyway.


Thanks to all who have expressed support publicly and privately. And we also thanks those that have helped behind the scenes. We've had some pretty solid folks, with serious computer / hacking security experience, step up to help guide us with this. We thank them for the help and expertise, which is part of the good coming out of this.