http:
//news.zdnet.com/2100-1009_22-6068344.html
By Joris Evers
CNET News.com
Published on ZDNet News
May 3, 2006
About 10 million LiveJournal and TypePad blogs were offline
or barely
reachable for several hours Tuesday as the result of a
massive
denial-of-service attack.
The attack started around 4 p.m. PDT, targeting the popular
blogging
services and the corporate Web site of their provider Six
Apart,
company vice president Anil Dash said in an interview
Wednesday.
Service was back to normal at midnight, according to Six
Apart's Web
site.
"Any large service tends to have a pretty constant
level of attacks,
but this was on a scale that I don't think anybody could
have
anticipated," Dash said. "I think it is of a
scale that would have
impacted any large site on the Web."
In a distributed denial-of-service, or DDoS, attack the
target is
overloaded with requests for information. The requests come
from a
large number of hosts, typically compromised computers. As a
result,
legitimate users can no longer access the site.
Six Apart intends report the attack to the authorities, such
as the
FBI, but hasn't done so yet, Dash said. "We have not
yet had the time
to think about the next steps yet," he said. The San
Francisco company
has some theories on the origin and motivation of the
attack, but Dash
declined to speculate.
Unlike large online businesses, Six Apart isn't typically
the object
of large-scale onslaughts, Dash said. If it does face an
attack, often
the problem is related to the content posted on one of the
blogs it
hosts, he said.
Six Apart's main hosting facility is in a large data center
located at
365 Main in San Francisco. The attack morphed as the blog
company
tried to respond, making it more challenging to deal with.
"They were changing pretty rapidly," Dash said.
"We have learned
enough that if it does happen again, we know what to
do."
Six Apart plans to make amends to its customers, but has not
yet
decided how. Late last year, when it had some performance
issues, it
let its users decide how they wanted to be compensated, Dash
said. "We
will definitely do whatever makes things right for
them," he said.
_________________________________
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.
www.blackhat.com
|