[ISN] Cyberattack knocks millions of blogs offline

From: InfoSec News (isn@private)
Date: Thu May 04 2006 - 01:16:44 PDT


http://news.zdnet.com/2100-1009_22-6068344.html

By Joris Evers
CNET News.com 
Published on ZDNet News
May 3, 2006

About 10 million LiveJournal and TypePad blogs were offline or barely
reachable for several hours Tuesday as the result of a massive
denial-of-service attack.

The attack started around 4 p.m. PDT, targeting the popular blogging
services and the corporate Web site of their provider Six Apart,
company vice president Anil Dash said in an interview Wednesday.  
Service was back to normal at midnight, according to Six Apart's Web
site.

"Any large service tends to have a pretty constant level of attacks,
but this was on a scale that I don't think anybody could have
anticipated," Dash said. "I think it is of a scale that would have
impacted any large site on the Web."

In a distributed denial-of-service, or DDoS, attack, the target is
overloaded with requests for information. The requests come from a
large number of hosts, typically compromised computers. As a result,
legitimate users can no longer access the site.

Six Apart intends to report the attack to the authorities, such as the
FBI, but hasn't done so yet, Dash said. "We have not yet had the time
to think about the next steps yet," he said. The San Francisco company
has some theories on the origin and motivation of the attack, but Dash
declined to speculate.

Unlike large online businesses, Six Apart isn't typically the object
of large-scale onslaughts, Dash said. If it does face an attack, often
the problem is related to the content posted on one of the blogs it
hosts, he said.

Six Apart's main hosting facility is in a large data center located at
365 Main in San Francisco. The attack morphed as the blog company
tried to respond, making it more challenging to deal with.

"They were changing pretty rapidly," Dash said. "We have learned
enough that if it does happen again, we know what to do."

Six Apart plans to make amends to its customers, but has not yet
decided how. Late last year, when it had some performance issues, it
let its users decide how they wanted to be compensated, Dash said. "We
will definitely do whatever makes things right for them," he said.


