I arrived at work this morning to see that the popular forums DSL reports had been disabled by a DDoS attack. The site was back online within a few hours, with site owner Justin providing some information. No motivations are immediately visible, however DSL reports operates a large, informative pool of forums and helps their community stay secure and online. It’s entirely possible that someone is just upset at their efforts.
Justin has provided the following 24 hour graphic showing the bandwidth consumed by the attack.
We have some data on the attacks, and have been actively working with the site owners and ISP operators around the world to help mitigate the attacks. The site admins have provided a list of IP addresses they suspect as being involved in the attacks. However, you can help by blocking TCP port 80 traffic to the IP 18.104.22.168, which is the controller behind the attacks. This is a busy DDoS net which has attacked numerous sites around the world.