The latest reported adult-related DDOS attack allegedly started on Jan.18 and involved two unidentified adult websites. The operator of one of the websites launched the attack in an attempt to shut down the other website, a competitor on Internet service provider ISPrime. The attack, which lasted about a day, was followed by another attack the next day. The attacks reportedly resulted in the occupation of about 5 GB/second of ISPrime’s bandwidth before the company was able to filter the hostile traffic.
“This attack was one of the larger and required a bit more effort for our support staff to deal with than typical attacks,” ISPrime CTO Phil Rosenthal told XBIZ, “and it certainly represents a disturbing trend in the sophistication of denial of service attacks, but it was still within our technological capabilities to countermeasure such attacks.”
Such attacks are expected by many to not only become more common, but also to become more sophisticated.
“The potential for being DDOS’d is a fact of life in this business,” affiliate program TopBucks Marketing Manager Q Boyer told XBIZ. “The attacks are actually a threat to everybody — not just our industry. Yahoo, CNN, etc., have had outrages due to DDOS in the past. It’s potentially a threat to anybody and everybody.”
The attacks involve “multiple locations, computers, networks, botnets [and such] sending traffic to your sites en masse in an attempt to overwhelm your infrastructure,” according to Boyer, who noted that he received help from a tech in the company’s department of system administration who preferred to remain nameless.
One form of a DDOS attack that has raised recent speculation is DNS amplification, which involves the implementation of DNS servers in the attack. This form was used in the ISPrime attack. Rosenthal said the latest attack involved about 750,000 legitimate DNS servers.
Regardless of form, DDOS attacks remain a threat that is constantly evolving just like worms and viruses because “people come up with new varieties all the time,” Boyer said.
Whether or not the attacks will become more common remains open to speculation, and the attacks are widely considered difficult to battle, but Boyer, as well as a number of DNS experts, noted that one of the best defenses webmasters can take is having “a good relationship with your upstream provider. Many attacks are unique, and without the help of your upstream provider, there might not be much you can do. The upstream provider can help filter legitimate traffic from the attack traffic.”
Boyer adds that, “Having a lot of available (i.e. excess) bandwidth helps, for sure, and good technical redundancy across your network helps, too. But the best way to prevent the attacks is to avoid making enemies, as strange as that might sound.”
