2009 Planning Guide - My Gift To You!A Freaking DOS Attack
Want to Learn How to Build a Business Not Just a Blog.. for FREE? CLICK HERE Now to Find Out How!
So many of our faithful readers probably noticed that JohnCow was down all day on June 24th 2008.
Want to know why?
A freaking DOS Attack!
Here’s what happened. We came into the office yesterday and started our day and the first thing we noticed was that our website was down. So what did we do? We called our hosting company who then told us that we were hit by a DoS attack and hopefully our website should be up soon. Well our website came back up, at 5pm…. It was down our whole day.
Are you all familiar with what a DoS attack is?
Or actually another name for it is called ‘Denial-of-Service’ Attack. See what happens when this type of attack happens on a website is when somebody is constantly pinging the website over and over and over again. What this will then do is consume resources to the point that our website is shut down like it was all day yesterday. Our hosting provider (Liquid Web) had to reroute the IP that was getting hit, until the attack stops. This one was behind the MCI network and it took a few hours for MCI to take action.
Now normally these types of attacks generally happen to high-profile websites (We feel so Honored! Okay, not so much.), such websites as let’s say Banks or a website that will take credit card payments are often targets. It also appears that the attack was pointed towards a bunch of sites on sitepoint marketplace and since our Video Game Reviews blog from the COWpetition is on the same IP as JohnCow.. well we suffered. (Yes we are addressing this 
)
Now these DoS attacks are actually considered violations of: Laws of individual nations and IAB’s Internet proper use policy.
We thought we would look more into these DoS attacks and see what other websites had been crippled by them this year.
Well on May 29th 2008 – Revision3 posted about how their servers were crippled on Memorial Day weeks by DoS attacks. You can read all about their attack here:
http://revision3.com/blog/2008/05/29/inside-the-attack-that-crippled-revision3/
We also came across another post, here:
http://www.techcrunch.com/2008/04/23/slideshare-slammed-with-ddos-attacks-from-china/
That talks about how SlideShare was crippled by DoS attacks just one day before CNN was also crippled by a DOS attack http://edition.cnn.com/2008/TECH/04/18/cnn.websites/. Now this roughly happened around April 18th 2008.
How about a DoS attack that was set up to cripple the Church of Scientology but instead began to target a school in the Netherlands. http://blog.wired.com/27bstroke6/2008/01/anonymous-hacke.html
So if these attacks are violations, then what’s being done to prevent them?
There is a company out there called ‘Prolexic‘ that is available to help protect websites from these DoS attacks. Wondering how they work? Pretty simple actually, well when a website/server is being attacked they will actually substitue one of their servers.
But what about the actual people? Are we able to find these people who are actually doing the attacks and brand their behinds to teach them a lesson? Well chances are most of these guys are sitting in their parents basement with comic books stacked to the ceiling and have rerouted and cloaked themselves so well that it would be next to impossible to find them.
So the question to them is… imagine what you could accomplish if you actually spent that time doing something to generate income?
Have you ever had a DoS attack?
If you enjoyed this post, make sure you subscribe to my RSS feed!
DoS attacks suck big time…. what is the fun of doing that?? loosers…
cool John.
dos attack goes to popular site only
hope i got one too lol
Jacky Supits last blog post..The Contest Is Not Over Yet! I am fucked!
Why the heck would anyone do such a thing? This is terrible, I would hate to go through something as stupid as this. It is too bad they can’t be found and punished by law, maybe some day this will catch up to them.
I hope things are better for you
Myas last blog post..That was fast! Ezine is getting better and faster!
I’ve never encountered one yet, although my site isn’t nearly as popular to be a target. I was wondering why the site was down all day yesterday (as I became a “regular” yesterday aka bookmarked the site).
Glad to see you’re back John, keep up the quality work.
You are right John, you should be honored, since you are now one of the big boys. I remember ebay getting hit with it back in early 2000. It was shut down for a couple of days.
Think Like An SOBs last blog post..Free Landing Page Friday - Dating
I’m sure people will pop up on DigitalPoint offering DOS attacks as services
lol DP comes on bad voice
Make Money Talkss last blog post..List of quality webmaster freebies - part 3/5 (SEO & keyword research)
John,
Definitely makes you think about a backup server…wow. Digital graffiti is one of my hot buttons. It’s amazing how many ways it shows up. Writing to registry files is not cool, stuffing ads and links into the blog admin log is not cool, meaningless auto-noncomments to blogs is not cool, and DoS attacks are not cool. I would be great if we could catch the perpetrators. Let’s start with the buzzheads that sell them the software to do it? I am not sure they’d make it through the night, if I had anything to say about it! LOL!
Vicki Flaugher
Vicki Flaughers last blog post..Technology Challenged?
Obviously it was Garry Conn tryign to sabotage your sitepoint sale
…just kidding Garry haha
Jims last blog post..ClickBooth Affiliate Network Review
That sucks man!
I have never been under attack… It must be fun for them I don’t know…
Mr. Javos last blog post..Taking Your Blog To Another Level
Sorry to hear that man. I would not have given them credit by writing this post.. that is what they wanted you to do. Now they have proof to send to their script kiddie friends about their success.
Mark Fultons last blog post..Free $50 Credit for Facebook Advertising!
When Revision3 was DOSed it was from a company called MediaDefender that is the MPAAs bully. They have hundreds of servers that place fake packets into torrents and other P2P. Even though their trackers are only for there created content, the were still being attacked by them and supposedly it was an accident that they were DOSed. Unfortunately nothing will ever happen to companies like MediaDefender that do this.
Mark is correct. You have kind of provided an incentive after it has been done. Still, your post just reminded me of how Mozilla unintentionally triggered a DDOS-attack on themselves with the release of Firefox 3!
Fortunately, never been hit. It’s hard to understand the “logic” behind doing such things. Hackers, spammers, DDOS’rs, are the scum of the internet. Billions of dollars wasted every year on these low-life’s. Nuke ‘em all.
If I were you i’d delete this article, I used to DoS small school websites and crappy online gaming communities, you never know who might get pissed at you and DoS you again, and I do not live in my parents basement although I do live with them but that’s cause I’m 14 and I hate comic books.
Germzs last blog post..Cameroon, an Untapped African Gold mine.
Oh So you switch web hosting now. I thought your on a dedi at THC. why switch, John?
Charless last blog post..Lethal Combination: Manny Pacquiao vs David Diaz
I switched hosts because liquid web is much more stable and have an actual phone number you can call for support. THC had only virtual support and plus we already had 6 dedicated servers with liquid eb as well.
Hi there,
I’m CTO for Prolexic. Thanks for mentioning us! Mitigating DDoS attacks well is a tough problem, and (shameless plug) we’ve distributed what we call ’scrubbing centers’ all around the world to absorb attacks close to where they originate. To fight the attacks, we’ve got teams of people working at a carrier level as well as packet-jockeys analyzing multi-gigabit attacks in real-time and applying mitigation strategies using some really amazing technologies.
More often than not, the people behind these attacks are experienced, clever and devious (i.e. not in basements). You can see them adapt their attack strategies rapidly in response to defense strategies to such an extent one has to marvel at the resources at their disposal.
One thing though, it is possible to fight back, and there are groups around the world (both legal enforcement and at the carrier/ISP level) that are pretty quick with disabling classic C&C botnets. Every now and then people also go to jail. Just a few weeks ago Gregory King (in California) got 2 years prison for doing a DDoS. It seems, roughtly, that around the world, if you get caught doing a moderate DDoS and ‘conditions are right’ you land yourself 2 years in jail.
P
Paul, really appreciate the comment. Maybe you could share how your service works and if someone is under a DoS attack what they can do?
I am not that big at the moment and lucky enough never had a DoS, but not that long ago my webhost was hacked, my site was down for most of the day and the worst of it was the webhost didn’t even know they had been hackled!! Should I be worried ?
Hugh
Hugh Frasers last blog post..The Secret Affiliate Code Reveals All…
I too was the victim of a DOS attack, except my attacker was a 14 year-old kid who didn’t like my gaming forum. He decided to attack the site everyday for a month, I was kicked off multiple hosting companies and eventually had to desert the site.
It’s sad that these sort of attacks can’t be prevented, especially on powerful dedicated servers. Hopefully the creep doesn’t do it again, man. Good luck.
Why would they hack JohnCow. It’s pretty awful. I’ve stumbled upon DOS in our school lectures, i didn’t know the damage it actually does until you shared your experience
ragnarok guides last blog post..Ragnarok Database (finally!)
I suffered a DoS on one of my bigger sites earlier this year. I had a good idea who was behind it as I’d recently had some pretty big arguments with somebody over a link exchange I refused. Unfortunately for me the site in question was still on a shared hosting server, after 2 attacks in 2 weeks that both brought the server down the host booted me and I’ve now got that domain on a dedicated server. It’s ended up costing me quite a lot of money, wankers.
Money Making Schemess last blog post..Maybe I Was Wrong About Traffic Kahuna
I agree with what you say: what could you do with that kind of programming and server knowledge if you used it to make money? If I had those kind of skills I wouldn’t be using them to shut down other peoples blogs, I would use them to launch an online empire and make $$$$$$$$$$$$. What a waste.