ddos

How the Spamhaus DDoS attack could have been prevented

Nearly 13 years ago, the wizardly band of engineers who invented and continue to defend the Internet published a prescient document they called BCP38, which described ways to thwart the most common forms of distributed denial-of-service attack.

BCP38, short for Best Current Practice #38, was published soon after debilitating denial of service attacks crippled eBay, Amazon, Yahoo, and other major sites in February 2000. If those guidelines to stop malcontents from forging Internet addresses had been widely adopted by the companies, universities, and government agencies that operate the modern Internet, this week's electronic onslaught targeting Spamhaus would have been … Read more

Did the spam cyber fight really slow down the Internet?

Reports from Internet monitoring services show that recent news of a cyber attack so big that it made the Internet slow to a crawl around the world was a bit dramatic.

The New York Times reported about spam-fighting nonprofit Spamhaus and a distributed-denial-of-service attack on the Dutch group's site that became the "largest computer attacks on the Internet" and caused a "widespread congestion and jamming crucial infrastructure around the world."

Matthew Prince, the CEO of CloudFlare, the company enlisted to fight the attacks for Spamhaus, told CNET today that the attacks -- which ceased yesterday … Read more

Cyberfight puts a drag on the Internet

A cyberwar is under way between two companies over a recent move made by one.

Spam-fighting organization, Spamhaus, which works with e-mail providers around the globe to block spam from entering in-boxes, has been in a battle over the last week that has seen distributed denial of service (DDoS) attacks exceed by several times the typical attacks inflicted on organizations.

Spamhaus hosts a blacklist made up of servers that, it believes, are designed to send spam around the world. Recently, the organization added a Dutch Web hosting company named Cyberbunker to its blacklist. Cyberbunker, which gets its name from its … Read more

Denial-of-service attack takes down JP Morgan Chase sites

The Web sites for banking giant JP Morgan Chase are offline this afternoon as the result of a distributed-denial-of-service attack, a representative told CNET.

The site's usual banking tools and content were replaced this afternoon with a message that said:

Our website is temporarily down, but our branches and Mobile Apps are available. Please try again later. The representative couldn't say how long the site had been down or how long it would be until service was resumed.

Hackers have ratcheted up their assaults on financial institutions in recent months, using DDoS attacks to take down Wells Fargo, … Read more

GitHub suffers through second day of denial-of-service attacks

GitHub, a leading repository of open-source code, has been hit by two days of denial-of-service attacks.

The attacks, which shut the service down temporarily on Thursday, and which slowed it down today before things returned to normal, were an odd turn of events for a site that's a favorite among coders, and an increasingly popular place to find programming talent.

According to GitHub's Liz Clinkenbeard, the service suffered a "major service interruption" due to a distributed denial-of-service attack yesterday, and a minor interruption on GitHub Pages today due to a denial-of-service attack. The service is back … Read more

Wells Fargo is latest bank to be hit by cyberattacks

Wells Fargo is the most recent mega-bank to be hit by a distributed denial-of-service attack. According to the Wall Street Journal, roughly 220 customers filed complaints of outages on its Web site today saying they had problems logging on.

"The amount of bandwidth that is flooding the websites is very large, much larger than in other attacks, and in a sense unprecedented," chief executive of private security firm CrowdStrike Dmitri Alperovitch told the Wall Street Journal.

Last week, similar attacks happened on J.P. Morgan Chase and Bank of America's Web sites. Users would try to log-on … Read more

Go Daddy-serviced Web sites go down; hacker takes credit

Web sites serviced by DNS and hosting provider Go Daddy were down for most of today, but were back up later this afternoon. A hacker using the "Anonymous Own3r" Twitter account claimed credit for the outage.

"Things are restored," Go Daddy spokeswoman Elizabeth Driscoll told CNET just before 5 p.m. PT today. She said she did not have many details and was hoping to be able to give an update with more information in the next 24 hours.

In an interview this afternoon, Driscoll reiterated that she could not say what the cause of the … Read more

Hackers hit Swedish Web sites in support of Assange

A group of supporters of WikiLeaks founder Julian Assange claimed responsibility today for hacking into and jamming several Swedish government Web sites, according to the Associated Press.

Initiating a denial-of-service attacks, the hacking group reportedly took down the Web sites of the Swedish government, armed forces, and the Swedish Institute for several hours.

According to the Associated Press, it isn't clear who was behind the attacks but an unidentified group announced responsibility on Twitter and told the Swedish government to take its "hands off Assange."

This is the second attack on government Web sites in Assange's … Read more

WikiLeaks endures a lengthy DDoS attack

It's unclear who or what is after WikiLeaks, but the document-leaking organization claims someone is.

According to its Twitter feed, the organization has sustained a several-day Distributed Denial of Service (DDoS) attack that has left its Web site effectually inoperable.

"The attack is well over 10Gbits/second sustained on the main WikiLeaks domains," read one of several tweets the organization posted on Friday. "The bandwidth used is so huge it is impossible to filter without specialized hardware, however... the DDoS is not simple bulk UDP or ICMP packet flooding, so most hardware filters won't work … Read more