February 21st, 2003

Fun with DDoS attacks

As mentioned earlier in lj_maintenance, the site's been under a Distributed Denial of Service (DDoS) attack the past few days. In a nutshell, a DDoS is when somebody takes advantage of hundreds or thousands computer across the Internet whose owners haven't applied the latest security fixes or run anti-virus programs. Then, the attacker instructs his or her army of "zombie" machines to all attack the target (in this case, us), sending bogus traffic to slow things down. This isn't a "hack". If a hack were breaking into somebody's car, this is analogous to releasing a herd of sheep onto a highway to bring it down from 70 mph to 1 mph.

While the attack did kill service for a good portion of the users for almost a day, there is an upside: We've now totally redone the configuration of our backend and setup new hardware/software to just ignore attacks like this in the future. We've also fixed a bunch of our load balancing bottlenecks which the attack highlighted.

As a result, the site is faster and more robust than ever.

We apologize for the downtime, though. We wish there was more we could've done to prevent this. We've extended the expiration date on all paid accounts by 4 days as way of saying sorry.