Statement Regarding GRC DDoS Attack

Wrong wrong wrong.

On February 16, 2016, Steve Gibson announced on Security Now that GRC was offline due to a DDoS attack. He said that he went to the data center and captured packet logs and determined that it was a DNS reflection DDoS attack.

He began discussing the issue in his GRC newsgroup and later named TotalDrama.net specifically as the attackers.

We want to be very clear. Total Drama had nothing to do with any attacks on GRC, Total Drama would never engage in illegal attacks such as this, and we do not condone and strongly condemn this behavior.

Steve Gibson apparently got his information second-hand from someone monitoring our IRC chat and may have misinterpreted jokes or other discussion. It seems that Steve is walking back the accusation, realizing the information was inaccurate, but we did not want to let this kind of misinformation fester.

We have been very supportive of Steve Gibson in the past. We have consistently brought up others defaming and insulting him as wrong acts. We have no motive whatsoever to attack Steve.

We don’t know that the TotalDrama.Net people have anything to do with these attacks on GRC… but it would be apparent to ANYONE that the TotalDrama.Net people are indeed holding onto that scale of animus and hatred and WOULD (and have) gone to any extremes available to hurt Leo and TWiT.

Steve Gibson

We don’t hate Leo and we don’t want to “hurt” Leo or TWiT. We want TWiT to return to greatness. We report the truth and people just don’t want to believe it. In each post where we make a claim, we present video and/or photographic proof.

We encourage whoever is performing the attacks to cease immediately — if they have not done so already.

55 thoughts on “Statement Regarding GRC DDoS Attack”

  1. Fuck Gibson! As you mention, we have defended that dullard time and time again. Just because we are vociferous in reporting TWIT’s downfall does not equate to our DDoS-ing him. We have no interest in such behavior. Evidently, that chatterbox has no analytical skills to note that others may have it out for him for whatever reason. With no proof, these are just allegations.

    1. holden said:
      With no proof, these are just allegations.

      Exactly. I am encouraged to see that however late to the party you are, Holden, you have finally come around to the view that it is wrong to accuse people of serious matters without proof of the allegations. I am sure that your future comments will reflect your newfound sense of responsibility and good citizenship. Congratulations.

      1. I think it is permissible to publicly hate an individual and unless you are threatening, either physically or verbally a protected social group such as gays, blacks, Jews, disabled people, actors, fat people, redheads etc, then a passive expression of hate is protected under freedom of speech laws.

        I believe only Muslims now enjoy a universal prohibition in many western countries of any expression of disapproval toward them of any kind. Thus they can now (and are) demanding more and more special and unique treatment, services and dispensations to the detriment of every other group.

        So until Steve Gibson or Leo Laporte convert to Islam, then saying ‘I hate him…’ should be allowed. Repeating this however at every opportunity, over and over can start to look a little obsessive.

        TL;DR

        ‘I hate Leo Laporte and Lisa Laporte (nee Kentzell)’ but they are both welcome to come ’round for tea and biscuits!

  2. I enjoy his podcast but wish he had another co-host. The type of content makes it obvious that Leo is clueless when he interjects trolling comments and remarks.

    It is simplified and often the same topics rehashed, sometimes wrong when it comes to the technical details but I get the security headlines at least.

    A side note, did anyone hear Leo in the last SN episode when they talked about the DDoS? Steve explained that a DNS reflection attack can amplify the attack bandwidth so that one user could leverage his bandwidth. Leo went “so it could be that it’s only #oneass!!!”

    1. I could get through SN in half the time if they would offer a version with Leo edited out completely from the podcast.

      His pathetic and ineffective attempts at comic relief belie his wealth of insecurities, no doubt brought on by his two-inch micropenis.

      Steve has some interesting things to say, but the show is much less enjoyable when Liar LeWhore is constantly derailing it.

  3. The guy is full of shit. I don’t see a retraction of his accusation, maybe some doubt where earlier he was sure it was TD.

    As LeoLaporteFraud pointed out on Twitter, the funniest part of this is Leo thinking he’s so special that it has to be one of his ‘trolls’ who attacked GRC because of his association.

  4. Steve needs another co-host who actually cares and has some knowledge to carry a conversation. Even better to record it himself and publish it on all the major platforms audio only. If needed some Patreon support. Better to control your own destiny than to depend on Twit.

  5. I don’t think TD needs to defend itself. There have been large numbers of DDOS attacks in the last 48 hours, and it would make sense that Gibson might look into one of those as the source.

    But no, he would rather be a reactionary fool, trying to stir up hatred against people who have nothing to do with his site being down.

    All those people who slam TD for saying irresponsible things – let’s see you now post on Steve’s site (or here) condemning what he’s said – because his words will have a REAL effect, given the size of his audience, as opposed to the effect that this tiny corner of the Internet has.

    Of course, none of the people who condemn TD will ever speak against Steve for doing this. They won’t be able to see what hypocrites they are.

  6. Anyone who has listened to Security Now for two seconds knows Steve is not a reactionary type. He never claimed that it was TD performing the attacks. He only made the comment that someone else brought it to his attention that we were probably watching the NNTP, which we obviously are.

    That said, yes, I think he would do better with a different co-host and apart from TWiT, and yes, I would like to be able to fund his show more directly, but realize his show is one of the few valuable podcasts on TWiT. Whereas Leo may have sold out, Steve is consistent in his commitment to good technology content. Let’s not be too quick to condemn him.

    1. I agree with you on all counts, Steve could move to a different network but he would have to leave behind the legacy of SN on TWiT, I wonder if he holds the copyright on all the transcripts and audio of the shows?
      I think also a public renouncement of Laporte and SN would be required to clear the air too, a public falling out. Then move on to newer and hopefully better things.
      Steve may be ready to retire anyway, who knows.

    2. There’s no question: I would pay $5 or even $10 per month for SN, so long as it had nothing to do with Leo, Lisa, or TWiT.

      I find the content on SN of some value nearly every week, and it’s hardly inconsistent for me to simultaneously dislike Leo while liking Steve.

  7. I miss SN but I refuse to listen to it anymore because Leo is involved. I LOVED it when Tom was host, because he actually was interested in the topics and understood what Steve was saying but was able to ask questions in a way that catered to the less tech involved in the audience. Leo is there just for ego purposes.

    1. I enjoyed SN when Iyaz Akhtar hosted in Leo’s absence as well, Fr Robert Ballecer was interested in the subjects also.
      Leo just seems mostly absent without leave, a vacuous lump eating and talking to people in the studio during the show and his disrespect for Steve is so obvious, Steve is just a cash cow to him nothing more.

      OK, so I like Steve Gibson (shoot me) but he has given so much over the years, he does work hard for the show, no one can deny that, it pays his bills, so what? We all need some income don’t we?

      1. NicoRudy said:
        I enjoyed SN when Iyaz Akhtar hosted in Leo’s absence as well, Fr Robert Ballecer was interested in the subjects also.
        Leo just seems mostly absent without leave, a vacuous lump eating and talking to people in the studio during the show and his disrespect for Steve is so obvious, Steve is just a cash cow to him nothing more.

        OK, so I like Steve Gibson (shoot me) but he has given so much over the years, he does work hard for the show, no one can deny that, it pays his bills, so what? We all need some income don’t we?

        Even Gum acted like he gave a damn when he subbed for Leo!

    2. I’m a casual listener to Security Now and listened to TWiT for a while, and I don’t even like Leo Laporte. I’m not sure who would be better for Steve Gibson, but I’d like to think just about anybody.

      However, his statement that CloudFlare protection would tank his company seems disingenuous considering their 100Gbps DDoS protection is $200 per month and he was attacked under 12Gbps load. I’m just scratching my head on this, and it’s making me wonder how much more seriously I should take his detractors.

      1. GRC.com has some very specialized TCP tools for testing your exposure on the network. I don’t think Cloudflare DDOS protection is compatible with the types of low-level services offered on GRC. For example, he packet-probes your router on every single TCP service port. (see Shields Up!)

        1. Adding Cloudflare would not break any of this. It simply acts as a layer between clients and the server for incoming requests. Outgoing traffic from the server does not have to go through Cloudflare. So he could have all traffic to grc.com go via Cloudflare and his ShieldsUp outgoing traffic could go directly from his server. You’d then instigate firewall rules to only accept responses from those scans back to the server. All other attempts to contact the server directly would be blocked.

          Steve’s server set up seems quite old school and therefore vulnerable to attacks like this. Server configs have moved on a lot in recent years, but as Steve doesn’t work in enterprise and clearly never has, it’s a bit out of his comfort zone.

  8. Steve Gibblestone’s main claim to fame was writing a stupid little program “Shields Up” which simply turned on Windows Firewall if it was not already on. Which anyone could do via the Control panel.

    And his follow up is a disk utility which reads a sector and either verifies it and/or re writes it. Like all the miracle additives to motor oil, there are no measurable benefits of doing this. He even has the balls to say it benefits SSD’s.

    His moon-landing-denying followers lap this shit up.

    Hardly the making of a security expert.

    And his ridiculous posting of the 16kb audio and typed transcripts of SN is appealing to the 2 people that actually download them.

      1. I subscribe to the podcast (auto-updates in my podcast app) and sometimes replay them to understand the info better, and have on several occasions wished I could just read a transcript so I can do web searches better, but my preliminary searches for them got frustrating (his show notes are like in PDF or something archaic), so maybe I’ll try again, but don’t feel so bad.

      2. I used to download them, but now I find it easier to just read up on the security issues of the day. I am reading, “Hack The Stack” instead of wasting time with podcasts lately.

        1. Norton/Morse Hater said:
          I used to download them, but now I find it easier to just read up on the security issues of the day. I am reading, “Hack The Stack” instead of wasting time with podcasts lately.

          I started doing the same thing with tech news and all but stopped listening to DTNS. I can’t take all the b team hosts and their vapid discussion.

          1. Lk said: I started doing the same thing with tech news and all but stopped listening to DTNS. I can’t take all the b team hosts and their vapid discussion.

            Nailed It.

            If I wasn’t so committed to seeing TWiT sink…. this would be my habits as well.

          2. Lk said: I can’t take all the b team hosts and their vapid discussion

            ^This^
            I really wanted to like DTNS, to support Tom Merritt and do still watch from time to time, I just wish Tom would be more selective with his guests, I could honestly listen to him on his own every day, but the guests make it impossible.
            Less is definitely ‘more’ in this case.

          3. NicoRudy said: ^This^
            I really wanted to like DTNS, to support Tom Merritt and do still watch from time to time, I just wish Tom would be more selective with his guests, I could honestly listen to him on his own every day, but the guests make it impossible.
            Less is definitely ‘more’ in this case.

            So true. I enjoyed it much more when it was just Tom.

    1. I’m afraid you really don’t know what you’re talking about and are now making yourself look silly. But I do however agree with much of what you post on other subjects so I don’t hate you…Promise!

    2. Your post contains slight inaccuracies:

      1. Shields Up is a web service, used to check public IP addresses
      for listening ‘open’ ports.

      2. SpinRite has enabled me to ‘fix’ and get data from HDDs that the original OS would not read, so as a purchaser of the product I can vouch that it does what it claims.

      3. typed transcripts allow Google to index the content of the podcast.
      e.g. search “vigilante worm” and grc Security Now! #528 is on the first results page

  9. Good post TD, the attacks on Steve are terrible (and illegal)

    And to give TD more credit I have enjoyed it more over the past few months, the level of conversation has definitely been on the uptick. There are still a few commenters that are pretty vulgar and unnecessary, but TD has turned to a place where we can lament about how much we miss the old twit

    1. kelso said:
      lol everyone knows it was TotalDrama.

      You realize that TotalDrama is just a publication that editorializes the pathetic life of Leo Laporke and his downward spiral into obscurity right?

      I think we found the real dumbass hacker. Go fuck a goat keslo.

  10. I have nothing against Steve Gibson and GRC, believe it or not I was one of the original users of SpinRite when MFM and RLL Seagate hard disk drives necessitated the need to input a bad sector list and hard disk “type” in the BIOS. I can vouch for it working on troublesome drives back in the day. Whether they work on SSDs may be a bit of a stretch but what do I know. Now, we all know LL has thrown SG under the bus SO many times before. All I can say SG must have drunk LL Kool-Aid, to me he seems like he’s better off on his own. You can hear LL munching on his salads while Steve is being the “explainer in chief” lol, I say SG leaves now before LL dumps him like a bad habit. Just one man’s opinion.

    TYFC

    1. Mark Pugner said: You can hear LL munching on his salads while he Steve is being the “explainer in chief”

      Leo Laporte has to keep eating, topping up the tank or else he would be so thin, he would be hidden behind his fat microphone, much like Frank Sinatra, back in the day.

  11. Sorry but Steve Gibson needs a real apology. His statement is shameful. A whole post saying, I have zero proof of anything but, TotalDrama could have done it, and Leo may have knowledge that they did. This is a travesty.

    That is like writing an article that Padre is possibly a child molester based on nothing.

  12. https://archive.is/RuFHI

    ‘But what I don’t think many people understand is that the
    podcast is SpinRite’s only real marketing and that’s all that
    supports me, GRC, everything here, Sue, Greg, and even to some extent Elaine.
    It’s absolutely true that without the podcast, GRC as we know it today would not exist…’

    So he probably won’t take SN or similar elsewhere, it will end eventually and he will retire. Nothing lasts forever as Steve says.

  13. Steve Gibberish Gibson, like nearly all the talking head pundits on twat, absolutely loves the soundsong of his own voice. Which is why he craps on and drones for hours. He’s a human sleeping pill.

    1. Why denigrate Steve, do you have difficulty understanding what he says? If you have questions on technical topics you could try posting on one of the excellent stackexchange sites

      1. Tiberius said:
        why denigrate Steve

        It’s just becoming an echo, it is human nature to follow the crowd, I’ve done it myself, guilty as charged.
        Steve is suffering from the toxic shadow of Leo Laporte being cast upon him.

  14. “They got to Leo by hurting me and GRC.”

    If Steve really thinks Leo has been upset or even disturbed by the attack on GRC, he is deluded.

    I doubt Leo even took a pause from his constant grazing to sympathize with Steve’s predicament. If he did he might have offered support. What’s 200US$ per month to TWiT or compared to Leo’s murse budget, if it would protect GRC’s survival and the SN ad revenue stream.

  15. I’m not happy that Gibson said totaldrama claimed responsibility and is later saying something different. Claimed responsibility means something quite specific. It’s clear that didn’t happen.

    Gibson also doesn’t seem to understand that Leo’s belief the attack on Steve was due to his association to twit is based on theory and isn’t from Leo having information he isn’t revealing.

    I think it’s great totaldrama put out their statement. You aren’t speaking to Leo or Steve when you do that. You’re speaking to the attacker should they be using your name. It seems clear now that didn’t happen, but it’s still good to let your statement stand.

  16. Should these TotalDrama-guys seek medical help, especially from mental health care-professionals? Can it really be sane to claim to want to help Twit by throwing dirt at its management / founders?

    If these fired guys were really so good at podcasting, why don’t they set up their own competing shop?

    In my humble opinion, these strong feelings they have for Leo are only experienced in narcissistic disorders when the perpetrators feel their bloated ego has been insulted. I mean life handed them a smelly pile, why not move on instead of rubbing their faces in it?

    And stop taking your pitiful crazy grievances at Security Now podcasters (everybody knows it’s TotalDrama). I used to listen to more than that podcast but now it’s my only twit-show favourite.

    1. Also, are you a fan of DarksydePhil [DSPGaming] on YouTube? He also called his critics, and people who got sick of his shit “mentally ill detractors”.

      After most of DSP’s community left, some went on and made a community called Sons Of Kojima. They even have a podcast, and they don’t sound mentally ill. It’s a pretty good community, they even do giveaways.

      The whole DSP/SoK thing is exactly the same situation as TWiT/TD, just that the subject matter is different (gaming).

      It’s so easy to come here, sit on your keyboard, and assume people on here are mentally ill isn’t it?

      This community has good people, I’ve seen no evidence whatsoever in the comments anyone is mentally ill, sarcastic yes, but mentally ill, no.

      I’d love to do a podcast about TWiT and its stupidity, I’ve got nothing to hide. If ever such thing happens, maybe you can come on the podcast. Don’t worry, you’ll be treated fairly.

      This message was brought to you by a TWiT mentally ill detractor, and Soup Co.

      Sponsored by Schmucks Inc.

  17. I don’t dislike Steve. But he has made SN into a parody of tech. Reading verbatim blog posts? Is that really useful? Spending an hour talking about how his DDOS was mitigated? Hint: It wasn’t. Level3 just turned his network route off, so to speak. Mitigation is actually keeping the site up while shoving garbage out the side.

    I always felt that a good security show would hit the breaking topics and maybe do a bit of in-depth on something. But Steve’s reading tech articles and adding little doesn’t do it for me.

    And in the end Leo doesn’t respect Steve. He only cares about the downloads. Or purported downloads. No-one besides whoever hosts those downloads really knows.

    1. Jim said:
      You don’t hate Leo or Twit yet you write these immature rantings? This site is about as pathetic as they come.

      Are you going to assume that people on here who were fans of TWiT need to seek professional medical help too?

      You can pay for mine if you want, instead of sending money to TWiT.

  18. WOW. I just sort of wandered into this site, and I’m a little curious why so many folks are expending so much emotion and energy over a couple of guys on a podcast.

    Yes, Leo is annoying, and detracts from the quality of the conversation. But the world is full of “managers” who degrade the signal to noise ratio.

    Yes, Steve is an old fart (so am I). Sometimes he has great info, and sometimes he goes off in the weeds. Sometimes Leo leads him into those weeds.

    But so what? I’m guessing that most people would have trouble being totally riveting week after week, and that sitting in front of a mike trying to fill two hours might lead most of us into the occasional stupid statement.

    Over all, I don’t have the energy for any drama. When the show gets on my nerves I fast forward or simply bail. But getting all worked up about anything as trivial as a podcast is just beyond my understanding.

    Hope everyone can find a little more inner peace.

    Respectfully,
    A Passerby
