Sustained LiveJournal DDoS attack continues
7th December, 2011
Blogging site LiveJournal is still being hammered by a distributed denial of service attack which started 10 days ago.
On November 28, the LiveJournal Status website announced in both English and Russian that the site was under a DDoS attack.
The attack appears to have continued over the past 10 days, causing some significant outages and slowdowns. Nonetheless, LiveJournal did manage to stay online throughout most of this period, although the company had to disable support for third party services such as Facebook, Twitter and Google yesterday.
LiveJournal has been owned by Russian media company SUP since 2007, and there has been much speculation that this latest attack could be related to recent elections in Russia. LiveJournal was subjected to a series of similar attacks in March and April this year, which LiveJournal attempted to counter by upgrading their servers.
At 13:15 UTC today, LiveJournal again confirmed that the site was up, but still under a DDoS attack.
Posted by Paul Mutton in Performance
Sustained DDoS attack against 4chan
15th November, 2011
A sustained distributed denial of service attack against 4chan has kept the site's message boards mostly offline since the weekend:
4chan's status page, which is hosted on Google's Blogger platform, announced on Sunday 13 November that the site was down due to a large DDoS attack. 4chan today revealed that the ongoing DDoS attack consists of a UDP packet flood on port 80. Such attacks typically aim to disrupt normal operation of a website, either by saturating all available bandwidth, or by exhausting the processing capacity of a web server, thus denying service to legitimate users.
The attack also affected 4chan's main page at www.4chan.org, which has been intermittently unavailable during the same period:
Many popular internet memes are believed to have originated from 4chan's message boards, including Lolcats and the practice of rickrolling. The boards were also used to recruit volunteers when the group Anonymous carried out a series of DDoS attacks against MasterCard, Visa and PayPal last year. When 4chan itself subsequently suffered a similar attack at the start of this year, 4chan made light of the fact that it had joined "the ranks of MasterCard, Visa, PayPal et al.–an exclusive club!".
Posted by Paul Mutton in Performance
Staples website knocked offline by demand
27th October, 2011
Office product company Staples.co.uk has been knocked offline by the popularity of its own discount voucher codes. The UK website became flooded with traffic after a £20-off voucher code appeared on several popular bargain-hunting sites, including HotUKDeals and the MoneySavingExpert.com forums.
The £20-off voucher code – which did not require a minimum spend – allowed customers to claim up to £20 worth of items for free, leaving only the delivery charge to pay. Although the code could only be used once per customer, several users successfully bypassed that restriction by placing several orders from multiple accounts. Larger discounts and free delivery were available on more expensive items by adding one of several other voucher codes on top of the existing £20 reduction:
A large volume of HTTP requests originating from many different locations can often have the same effect as a deliberately planned distributed denial of service (DDoS) attack, but it is clear that no such attack took place; the site was simply swamped with legitimate requests from its own customers, who were keen to snap up some bargains. It is not yet clear whether orders placed using these vouchers will be honoured – order confirmations have been emailed to customers, but such orders remain subject to approval.
Several other technology retail websites, including Staples, were affected by similarly huge demand in August, when the price of the 16GB HP TouchPad tablet was slashed to only £89. That was also viewed by many as an unmissable opportunity, with a single HotUKDeals forum post alone attracting more than 60,000 comments while its members discussed where they could buy one. The demand continued long after they were sold out, with some TouchPads being resold on eBay for more than twice the original cost.
The Staples UK website became responsive once more around lunchtime today, following the deactivation of the original £20-off voucher code:
Posted by Paul Mutton in Performance
Leader.ir under attack?
16th June, 2011
The website of the Supreme Leader of Iran, Sayyid Ali Khamenei, has been responding very slowly or not at all for most of the day, which is often symptomatic of a distributed denial of service (DDoS) attack. However, with nobody claiming responsibility for such an attack – which is rather unusual lately – there could well be a less nefarious reason for the problems.
Earlier this year, the 'hacktivist' group Anonymous orchestrated a DDoS attack against leader.ir in support of Operation Iran, which accused Iran of operating an illegal regime for the past 32 years. This attack was not successful, but a separate attack against the Islamic Republic of Iran Broadcaster (irib.ir) did appear to succeed.
Posted by Paul Mutton in Performance
Blogger maintenance causes extended outage
13th May, 2011
Blogger is currently experiencing an extended outage after Wednesday's scheduled maintenance introduced some problems. The site was taken down again at approximately 20:00 UTC on Thursday and is still unavailable to blog authors.
Blogger is running in read-only mode while the problem is resolved. This means blogs can still be visited, but authors cannot write new posts and visitors cannot submit comments.
The Blogger Status blog, which is itself hosted on the Blogger platform, has not been updated since Monday. The most recent post read, "Blogger will go into read-only mode Wednesday (5/11) 10:00PM PST for about an hour for maintenance".
There has been speculation that the current outage was caused by a new user interface being rolled out; however, Blogger confirmed through its Twitter stream that this was not the cause.
Some users have expressed anger at losing posts and comments. A Google employee confirmed that Blogger had rolled back to a previous maintenance release, causing all posts and comments made after 7:37 am PDT on May 11 to be removed. The most recent tweet from Blogger suggests that these have only been temporarily removed.
Posted by Paul Mutton in Performance
Fire at data centre sends Aruba offline
29th April, 2011
Italian hosting company Aruba was knocked offline for a few hours today after a fire broke out in the centre of a server farm.
Aruba said the fire involved UPS batteries and confirmed that no servers had been damaged; however, the fire alarm system caused the power to be cut, sending many websites offline. Aruba started restoring power once it was deemed safe to do so.
At the time of writing, Aruba has restored 2 out of 3 data rooms and warns that the ongoing UPS restoration may result in unexpected downtime if there are any further power interruptions. Further updates can be found on Aruba's Twitter page.