Brad Fitzpatrick (bradfitz) wrote in news,
Brad Fitzpatrick
bradfitz

Fun with DDoS attacks

As mentioned earlier in lj_maintenance, the site's been under a Distributed Denial of Service (DDoS) attack the past few days. In a nutshell, a DDoS is when somebody takes advantage of hundreds or thousands computer across the Internet whose owners haven't applied the latest security fixes or run anti-virus programs. Then, the attacker instructs his or her army of "zombie" machines to all attack the target (in this case, us), sending bogus traffic to slow things down. This isn't a "hack". If a hack were breaking into somebody's car, this is analogous to releasing a herd of sheep onto a highway to bring it down from 70 mph to 1 mph.

While the attack did kill service for a good portion of the users for almost a day, there is an upside: We've now totally redone the configuration of our backend and setup new hardware/software to just ignore attacks like this in the future. We've also fixed a bunch of our load balancing bottlenecks which the attack highlighted.

As a result, the site is faster and more robust than ever.

We apologize for the downtime, though. We wish there was more we could've done to prevent this. We've extended the expiration date on all paid accounts by 4 days as way of saying sorry.
Subscribe
  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 283 comments
Previous
← Ctrl ← Alt
Next
Ctrl → Alt →
Previous
← Ctrl ← Alt
Next
Ctrl → Alt →