Comment Replies (3)
|
Replies to the user comment above. |
Msg # |
User |
Message |
Date |
1
|
damon21 (0) Webmaster
|
(part 1 of 2)
Dear Huge,
We are sorry that you having bad experiences with our wesites lately.
I will try to explain what is going on.
Our servers have again been under DDoS attacks for the last few weeks now. (Most likely caused by our competitors.)
For those who don't know much about DDoS attacks I've copied a part of the Wikipedia DDoS article here:
-------------------------------------------------------------------------------------
"Distributed attack - A distributed denial of service attack (DDoS) occurs when multiple compromised systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods. [...]
A system may also be compromised with a trojan, allowing the attacker to download a zombie agent (or the trojan may contain one). Attackers can also break into systems using automated tools that exploit flaws in programs that listen for connections from remote hosts. This scenario primarily concerns systems acting as servers on the web. [...]
These collections of compromised systems are known as botnets. DDoS tools like stacheldraht still use classic DoS attack methods centered around IP spoofing and amplification like smurf attacks and fraggle attacks (these are also known as bandwidth consumption attacks). SYN floods (also known as resource starvation attacks) may also be used. Newer tools can use DNS servers for DoS purposes. [...]
More sophisticated attackers use DDoS tools for the purposes of extortion — even against their business rivals.
It is important to note the difference between a DDoS and DoS attack [...] if an attacker uses a thousand zombie systems to simultaneously launch smurf attacks against a remote host, this would be classified as a DDoS attack.
The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track down and shut down. These attacker advantages cause challenges for defense mechanisms [...]"
(full article: http://en.wikipedia.org/wiki/Ddos#Distributed_attack)
-------------------------------------------------------------------------------------
We are working together with a traffic filtering partner (Prolexic) who is a market leader in the field of defending websites on the Internet. They have different techniques to separate 'bad' and 'good' incoming traffic. However there is no solution which meets all requirements - to filter all bad guys and to let all real visitors in.
|
03-06-08 11:47pm
Reply To Message
|
2
|
damon21 (0) Webmaster
|
(part 2 of 2)
Our partner filters our incoming traffic but when filtering 'bad' traffic some 'good' traffic is also filtered out, because it is really hard to decide which server request is for viewing the website content and which one is for overloading our servers (in other words: attacking us).
The worst thing is that attackers are simulating normal visitors' behavior very well.
The result of this filtering is what you see as unavailable or slow websites, problems with downloads, etc. However there are some lucky places on the planet where all seem to be almost ok.
We are about to invest more in defense solutions in order to have this situation resolved as soon as possible to be able giving the service we are here for. But we need some time to proceed with all this technical stuff and new partners.
I hope this post will clear up some things about the recent problems with our websites.
If you experience any malfunctions on our websites, please
- contact our customer support at support [@] 21sextury.com
- in the case you can't even reach our websites, please send us your IP so we can have our filtering partner to put it onto their whitelist
- if you'd like to get a refund, please let us know and we'll give you a refund
- when we'll back to full normal operation as a compensation we'll give away free access for active members to additional websites in our portfolio
We appreciate your understanding and we're sorry for the inconveniences these attacks are causing.
All the bests,
Damon Baker
21sextury.com
|
03-06-08 11:48pm
Reply To Message
|
3
|
huge (0)
|
REPLY TO #2 - damon21 :
The site has been much better over the last few weeks -- hopefully you are now over the worse of the attack.
|
03-25-08 04:04pm
Reply To Message
|
*Message rows highlighted in light orange are replies to replies. |
|