Fubar Times issue 44 by FUBAR Times

INSIDE AW SUMMIT GAELIC CON LALEXPO XBIZ CAM CON

DDoS

Volume 27 | Issue 4 | 2016

PUBLISHER

Jaguar Web Media

EDITOR

Julius F. Kedvessy

COPY EDITOR

Michelle Leekam

PROOF READER Cindy

PHOTOGRAPHERS JFK

FEATURES DDoS . . . . . . . . . . . . . . . . 24

HOSTING

National Net

CREATIVE DIRECTOR Keith Campbell

PRINTING

SHOWS 24

Get It Done Bindery

DIRECTOR OF OPERATIONS Howling Dogs Enterprises

AW SUMMIT. . . . . . . . . . . . 4

WEB COORDINATOR

GAELIC CON. . . . . . . . . . 30

Sandra J. Kane

LALEXPO . . . . . . . . . . . . . 54

Submissions cia U.S. Mail will not be returned unless requested, and accompanied by an S.A.S.E. Fubar Times reserves the right to revise any accompanied material(s) to fit editorial guidelines. Submission implies the work is original. Those submitting bear the responsibility of any copyright infringement.

XBIZ CAM CON. . . . . . . . 82

The products and services available herein are not to be purchased by minors. The articles and editorials are meant for entertainment purposes only and do not necessarily represent or reflect the opinions of Fubar Times, its affiliates and/or subsidiaries. This publisher in no way offers any recommendation, endorsement or guarantees of any kind in regard to any service, product or person advertised or mentioned within. Therefore, Fubar Times and its publishers may not be held responsible liable or responsible, in any way, for any actions ensuing from advertising. For questions and comments on this publication, please contact us at: 551 N.E. 28th Court, Pompano Beach, FL 33064.

Copyright © 2016 No part of this publication may be reproduced without the express written permission of its publisher)(s). The publisher(s) reserve the right to refuse any advertisement or submission for any reason, including, but not limited to, content or design, with no further responsibility beyond a refund or any payments made. The publisher(s) assume no responsibility for errors and/or omissions or inability to publish due to mistake or any other reason caused or suffered by themselves or their sub-contractors. Such an occurrence will not constitute a breach of any contract and the publisher(s) will be liable only for the price of the ad space ad may, at their option, run a “make good” ad of the same size in a subsequent issue. No right to discount or credit will be given. The advertiser is solely responsible for ad content and photos, and or artwork submitted for their advertisement and shall indemnify and hold harmless the publisher(s) from and against any legal actions resulting from statements, photos or artwork run in their ad due to copyright or trademark infringement, lack of proper releases, slander, libel, unfair trade practices, etc. The advertiser also assumes and takes full responsibility for keeping all records as to the age and identity of all models in submitted photos, as required by law, and providing that all models are 18 years of age or older.

82 2

To contact Fubar Times, or to send questions, comments and submissions, write to: Fubar, 551 N.E. 28th Court, Pompano Beach, FL 33064

AW SUMMIT | 2016

asacp.org | Association of Sites Advocating Child Protection

ASACP needs YOUR vital help and support now! INCREASINg DEmANDS UPON ASACP SERvICES

DECREASINg INDUSTRY fINANCIAL SUPPORT

ASACP Child Exploitation Tipline — over 1 million reports to date Supporting RTA label services – billions of hits monthly to RTA labelled pages/apps Increasing demands by international governments and policy makers for industry regulation to protect children in their digital lives

Fewer industry companies to support our mission Industry consolidations Tougher industry economic challenges

Help ASACP to PROTECT CHILDREN from sexual exploitation, report child sexual exploitation crimes, protect children in their digital lives, PROTECT YOUR BUSINESS AND INDUSTRY by;

Joining ASACP as an approved member or sponsor!

Increase your level of financial support!

Donate to the ASACP Foundation!

(http://www.asacp.org/ index.php? content=donate)

Contact: tim@asacp.org We simply cannot continue to do this without YOUR criticalfinancial support now! It’s the right thing to do! ASACP is extremely grateful for the support shown by our Sponsors, Members and Donors. THANK YOU!!!

PLATINUM Adult Webmaster Empire • MindGeek • Epoch TITLE CCBill • Adult Centro • Southern Charms • Cam4 CORPORATE affil4you • AdamEve.com • AdultWebmasterNet • YourPaysitePartner.com • Rabbit’s Reviews • Cherry Pimps Sextronix • Dating Gold • Gamma Entertainment • OrbitalPay • GTBill, Ltd • I.M. Live • Fleshlight ABOOM • The Lions Den • Porn.com • TUBO • Limited • Sexsearch • SDC.com • Netbilling • MojoHost IN-KIND MEDIA 7 Veils • The European Summit • AVN Media Network • Cybersocket • FUBAR • XBIZ • YNOT

AW SUMMIT | 2016

ecently the digital world was rocked by the largest distributed denial of service (DDoS) in history. The attack again DYN started at approximately 7:00AM on

10/21/16 and originated from at least one Mirai Internet of things (IoT) botnet, with Dyn originally estimating as many as 100,000 endpoints involved. There have been unverified reports published online claiming tens of millions of IP addresses were used to generate attack traffic volume that reached as high as 1.2 TBPS.

As Scott Hilton, Executive Vice President of Products at Dyn explained in a written statement online: â&#x20AC;&#x153;Early observations of the TCP attack volume from a few of our data centers indicate packet flow bursts 40 to 50 times higher than normal. This magnitude does not take into account a significant portion of traffic that never reached Dyn due to our own mitigation efforts, as well as the mitigation of upstream providers. â&#x20AC;&#x153; The attack forced massive traffic sites including Twitter and many others to be knocked offline for extended periods of time, as Dyn (a company that prides itself on its reputation for mitigating DDoS attacks) struggled to restore normal traffic patterns. This fact pattern left many wondering, just how secure are their traffic channels and what else can be done to prevent these kinds of attacks from doing serious damage to

companies that make money moving ad revenue and sales from point A to B online every day? A group calling itself NWH too credit for this particular attack, and made matters infinitely worse by releasing the source code for the BotNet used in this DDoS attack online via github. Now it’s a matter of when copycat attacks will happen, and who will be behind them, not if they will happen or how they will be distributed. In preparing this news report for Fubar Magazine readers, we contacted several hosting companies, cybersecurity firms and high traffic websites. We also spoke with ad networks and media buyers. The one nearly universal reply we got from all of them was that we could use their comments in the article to help inform the public, but only on the condition that we did not name any of their sites or companies in the article because they did not want to bring unwanted attention to their digital properties by taunting potential attackers. What most people do not understand is that even the most robust network of sites can be brought down with a relatively inexpensive attack that turns otherwise useful devices into a nearly endless pool of distribution points echoing the same requests. All those Wi-Fi connected smoke detectors, cameras, thermostats, and home automation apparatus can be weaponized into an army of signal senders for site owners to defend against. One well-informed expert told us point blank “We recently have had DDoS greater than 60 gigabit. Historically, we haven’t been subjected to many because we have an amazing neighborhood of clients doing good business. Thankfully, we learn more with each attack. Most attacks cause no disruption to client service. The worst ones have been minimally disruptive, with the worst being about 25 minutes out of a 5-hour attack using multiple vectors. In

even the most robust network of sites can be brought down with a relatively inexpensive attack…

consideration of the facts, I thought we did great.

that would be fixed, and that’s something few people

Many hosts blow smoke. I think it’s best to be honest

will support. With a few exceptions a packet is a

and realistic. The new reality is these can happen to

packet. While some attacks have a specific signature

anyone or any network. All site owners should make

there are many ways to use legitimate requests as

sure they are watching emails for threats using the

your attack. This is no different than the Reddit hug

keywords “DDOS”, “attack” or “bit coin” so that they

of death, crashing a website because it got on the

don’t miss them. If you receive such a notice, discuss

front page and everyone tried to view the content. It’s

with your host and make preparations, as needed.

a DDOS attack too.”

We continue to enhance routing policies, work with carriers and expand our DDOS mitigation toolset for the benefit of our customers and network.”

As to preparedness, the answers are obvious, but they are also expensive and still remain far short of

Another well know cyber security expert who deals

being perfect. One site owner confirmed that his site

with adult brands pointed out “DDoS is now a major

“was hit pretty hard for about a week, at which point

factor in security, we deal with it on a daily basis,

our host recommended we jump onto Cloudflare

some large some small, some targeted and some just

immediately. We got signed up with the business plan

obliterating everything in its path... Luckily we have

and kept it active for a couple of months. That solved

access to many of the private secure channels where

the DDoS problem almost immediately, and after

these groups that run these fragmented packet

those first two months I just reverted the plan back

attacks hang out, which gives us a unique ability to

to a free account, which I have been at since. I would

mitigate attacks for clients direct from the source

highly recommend Cloudflare just for easy DNS

should they be affected.”

management, which comes with the free plan (and other helpful tools as well). If I were to be attacked

Anyone interested in seeing the path and intensity

directly again, I would upgrade to the business plan

of an attack should take a look at http://www.

and repeat.”

digitalattackmap.com which allows you to monitor Cyber attacks through multiple Military websites such

However others have explained that Cloudflare is far

as US CyberCom, Army Cyber Warfare operations,

from being a simple catchall solution for all DDoS

Homeland Security Cyber Security and GNSOC

attacks. In fact, several raised the possibility of

(Global Network Operations Security Command).

state sponsored attacks, and international terrorism using DDoS as a way to damage the economy of

The core of the problem comes from how easily an

other nations. Going a step further, one expert raised

attacker can create the attack. For starters, “there’s

awareness of the enormous financial stakes involved

always an attack vector if you have enough traffic”

with large-scale DDoS assaults. “Even if you do not

according to an experienced IT professional. “Just

want to consider the idea that it is state-sponsored,

opening a socket connection uses a resource.

look no further than pure old school unadulterated

Open enough and you’ve done the job. No payload

greed. Someone could make a lot of money using

required. Open networking requires you to trust the

large scale DDoS attacks in four easy steps... Step

requestor to some extent. Device identifiers could be

1: Wait for positive quarterly earnings, Step 2: Short

spoofed. Unless you’re advocating closed systems

those stocks, Step 3: Launch a crippling cyber attack

against those companies, Step 4: Buy a yacht and

business as usual was restored. I see DDoS attacks

cruise into international waters.”

like hurricanes, they come through and do a lot of damage but then things get rebuilt and are put back

There are many brilliant minds hard at work trying to

on track. They’ll get better at knocking things down,

solve the current crisis caused by DDoS attacks, but

but we’ll also keep improving at putting them all back

it is fair to say that there just as many brilliant minds

up better than they were before….”

competing with them as hackers continue to threaten the underpinnings of the Internet we have all become

The hurricane analogy is a poignant one. When a

increasingly reliant upon.

large storm would blow through parts of Florida once every few years it wasn’t much of a concern

There is perhaps one important silver lining worth

for most of the world. However, raise the planet’s

mentioning. “People are saying how horrible this

temperature just a few degrees and you start seeing

way, but the truth is it’s actually really good news

horrific weather patterns on a global scale. Now that

overall” said one business owner. “If people were

the DDoS storm is out of the bottle, nobody knows if

still serving data from single points, one computer

it will be an occasional day where Twitter service is

to another, an attack like this could have caused

being rained out, or if outages and ransom notices

permanent damage. The Internet actually did exactly

are about to become the new normal for large traffic

what it is intended to do, by allowing data to be

publishers and consumers world wide.

rerouted and protected until the attack died out and

19. - 21. June 2017 New spectacular location more panels, more party

more Ireland

gaelicwwwconference.com

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

March 23-25 2017

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

LALEXPO LALEXPO

LALEXPO | 2016

| 2016

Podcast • Live Streams

Inside the Industry • News

‘THE VOICES OF THE INDUSTRY’