"Dorkslayers is dead and is unlikely to return."

Unprocessed output from a tcpdump command which captured 10 minutes of data beginning at 8:43 AM on Wednesday 21 May 2003 is now available. (right-click to initiate a download, else if you left-click then your browser may uncompress and display the text data "in-line". Lynx user? Well, you already know what to do).

NOTE: Compressed size is 26 MB, but it uncompresses to 134 MB. It's a text file containing ten minutes of packet data representing 1.1 million DNS queries. I kid you not. Lots and lots and lots of lines similar to

08:54:02.639486 12.7.36.2.3801 > 63.164.70.2.domain: 24462 [1au] A? 122.220.216.198.orbs.dorkslayers.com. (65) (DF)

We have gobs more of this evidence. (Metric gobs, mind you, not standard gobs). Be aware that lower-frequency white-hat queries will also appear in this data.

We believe this to be evidence of a distributed denial of service attack. That is, Dorkslayers was not a victim of its own "success." We would like independent confirmation, please.

If you examine the source addresses identified within the 10 minute data (linked above), you'll notice a statistically significant distribution by /16 sized netblocks. We're not going to say a lot publically, yet, but a post to nan-ae from Wednesday night (that was lost in the flood) is available here as 17 seconds that changed my world.

Opinions and analysis to litigation@goldinc.com.
Please.

Also, if you are licensed to practice law in the States of California, Washington or Oregon and would like to "join in the fun", please let us know.