RIAA site intermittently available, now running Linux

The Recording Industry Association of America (RIAA)'s site is now transiently available after an extended outage and now appears to be running Linux.

Inevitably, this will lead to speculation that SCO might add the RIAA to the list of Linux using organizations currently receiving attention from its lawyers.

Of course, the RIAA is itself well endowed with lawyers should it need to defend itself, and just yesterday announced the latest in its own series of lawsuits against Internet users it believes are improperly sharing copyrighted music files.

RIAA site performance

The RIAA site has been offline since March 17 in an outage that closely tracked a scheduled distributed denial of service (DDoS) attack from computers infected by the MyDoom.F virus.

If MyDoom.F was indeed the culprit, it raises an ongoing threat for the RIAA site, as the malware is programmed to launch its DDoS between the 17th and 22nd days of every month.

ASP Cookies offered by the site indicate that the Linux machine has probably been inserted as a reverse proxy in front of the existing Windows servers as part of an attempt to improve site availability.


% telnet www.riaa.com http
HEAD / HTTP/1.1
Host: www.riaa.com

200 OK
Cache-Control: private
Connection: keep-alive
Date: Wed, 24 Mar 2004 17:06:46 GMT
Accept-Ranges: none
Server: TST-SECURE-OS
Content-Length: 15036
Content-Type: text/html
Expires: Wed, 24 Mar 2004 17:06:46 GMT
Client-Date: Wed, 24 Mar 2004 17:06:36 GMT
Client-Peer: 146.82.174.10:80
Client-Response-Num: 1
Set-Cookie: ASPSESSIONIDACCAQQTA=JFDOPGDADGIMCADEOPMCBFCI; path=/
Set-Cookie: tstid=1e1bcc1010b6de32734c584317443b31.00.2618aad9df7cdf5ccc840a9df9a5275f; 
domain=.riaa.com; path=/ Set-Cookie: tstid_wat_.riaa.com= ASPSESSIONIDACCAQQTA=ec9f3581e5a946cc2f1de6fb0600d9c1; domain=.riaa.com; path=/