DDOS Payback

[Luckybit]

How exactly do large scale companies deal with DDOS?

Like Banks, Ebay, US Gov sites, etc?

Clound computing and virtual machines. Also some kind of intrusion detection system.

[1714033742]

1714033742

[Luckybit]

Let me explain about DDoS (I know many here know).

The problem is it's like standing in the middle of a clear field against an unseen army in the forest. You have to stand in the field so people can find you, but you're completely exposed to attack. You just have to be able to take everything that comes your way.

Translated to Web technology this means most sites exposed to significant DDoS attack are effectively disabled. There are mitigation techniques/software to reduce the effectiveness of attacks, but as the link provided above, which gives good information, points out even spending thousands of dollars on expert defenses is not always enough. The only real answer, like standing in that field, is to be big enough and bad enough to take it, having loads of bandwidth, servers, software etc. to ride the attack out. Cloudflare is something that helps the issue greatly, because they take the expensive problem many have independently and address it with consolidated resources. Still, it's an underdog fight to start with.

So how to effectively address DDoS? You might try finding the attacker(s) using social means as mentioned. The problem there is you'll never find everyone if anyone. Pooling resources, money, brain power, etc. in the style of Cloudflare in more organized ways might help.

The problem is more systemic. For example, there are DDoS extortion cases where it's less costly for a victim site, like a profitable gambling one, to pay a ransom then suffer extended downtime.

I'd say you really have to take away the main weapon which is botnets. To do that you have to provided better security against computer sheeple allowing their computers to be used unwittingly. I actually had a business idea which was a computer that was virus proof (it basically stored files in a compartmentalized way, and clean re-installed the OS with a click or on automated schedule) but never developed it.

All you would have to do is build an OS which runs each file in a separate virtual machine instance. This would be equal to compartmentalizing on the file level. So the browser would run in a virtual machine, but so would every other piece of software and all of it in individual sandboxes.

[Luckybit]

speaking of,
i can't get access to https://blockchain.info for the past 40min...

This page (https://blockchain.info/) is currently offline. However, because the site uses CloudFlare's Always Online™ technology you can continue to surf a snapshot of the site. We will keep checking in the background and, as soon as the site comes back, you will automatically be served the live version. Always Online™ is powered by CloudFlare | Hide this Alert

To mitigate these types of attacks you just run multiple versions of the site in multiple virtual machines and simple pause one of them, take a snapshot, make the snapshot live. The data can be migrated in the background.  Basically the way to defeat the DDOS is by cloud based migration.

[Luckybit]

Is this a real attack or just exponential traffic growth?

Related:


 - http://news.netcraft.com/archives/2013/04/11/mt-gox-victim-of-own-success-as-bitcoins-fall-in-value.html

This is true. I've seen all bitcoin related service suffer the same fate in the last few days, including Rugatu, and I don't seem to understand what is the purpose of this sustained attack.

The purpose is to kill off Bitcoin as a currency and as a community.

[flix]

To mitigate these types of attacks you just run multiple versions of the site in multiple virtual machines and simple pause one of them, take a snapshot, make the snapshot live. The data can be migrated in the background.  Basically the way to defeat the DDOS is by cloud based migration.

So you fight a distributed attack by becoming distributed yourself, becoming a moving target. Nice.

[tpantlik]

Almost every major Bitcoin website has been under DDOS attack over the past few days. It’s becoming a real problem, not just for the exchanges. It is also opening up other vulnerabilities.

Installing defensive tech (like cloudflare) is not enough. Isn’t the Bitcoin community supposed to include some of the best hackers in the world? We should set up a bounty and take the fight to whatever botnets are trying to mess with Bitcoin.

As long as attackers can get away with it for free, attacks will continue. Let's just readjust their incentives a bit  

I suggest setting up:

0. Reward for proving that there is a real attacker
1. Reward for whoever can identify the source of the attacks
2. Bounty for taking down (with prejudice) any major attackers


Considering the potential losses for major Bitcoin businesses if these attacks continue, I’m sure pledging a few coins each for this would be worthwhile. It might also be a good project for the Bitcoin Foundation...

DDOS could come from anywhere – about a month ago there were DDOS attacks on Czech internet banking sites, biggest search engine seznam.cz and some institutions sites. It lasted a FULL WEEK! Now the investigation come to results that those DDOSs comes from NORTH KOREA! Now tell me how you can find who is behind attacks and how do you (legaly) fight with Chinese or North Korea governmet, or Russin botnet operators with contacts to mafia. Hell, I can even imagine that this could be the work of CIA or some other shady organisation.

Fight fire with fire is not the answer, we can only make more exchanges so the attackers cannot DDOS them all. Or just use local/face2face exchanges.

Also if I remember it correctly the Gox is using Prolexic as an DDOS protection and it is used also by big banks around the globe. How is that possible that DDOSers were so succesful? Did the mass histeria and crowds trying to connect to Gox help them?

[tpantlik]

Is this a real attack or just exponential traffic growth?

Related:


 - http://news.netcraft.com/archives/2013/04/11/mt-gox-victim-of-own-success-as-bitcoins-fall-in-value.html

This is true. I've seen all bitcoin related service suffer the same fate in the last few days, including Rugatu, and I don't seem to understand what is the purpose of this sustained attack.

The purpose is to kill off Bitcoin as a currency and as a community.

What if the mafia or criminal enterprises are finaly looking on Bitcoin as a tool for their shady financial activities. They want some coins for testing so they DDOSed and manipulated the price down, so they can bought a lot of them for cheap. 

[jaime]

Is this a real attack or just exponential traffic growth?

Related:


 - http://news.netcraft.com/archives/2013/04/11/mt-gox-victim-of-own-success-as-bitcoins-fall-in-value.html

This is true. I've seen all bitcoin related service suffer the same fate in the last few days, including Rugatu, and I don't seem to understand what is the purpose of this sustained attack.

The purpose is to kill off Bitcoin as a currency and as a community.

What if the mafia or criminal enterprises are finaly looking on Bitcoin as a tool for their shady financial activities. They want some coins for testing so they DDOSed and manipulated the price down, so they can bought a lot of them for cheap. 

Lol, lets DDoS the NYSE

[Nite69]

99485 members on this forum and we can't even get a compelling answer to question 0: Is this a real attack or just exponential traffic growth?


(Personally and from what I've gathered from several webmasters this does look like an attack... but I want proof, not opinions).

Gox said 4 hours ago on their twitter feed that this was a DDOS.  Or are you suspecting that Gox is lying about that?  If so, the only people with access to this "proof" you want would be Gox, SoftLayer, Prolexic, or the person actually doing the attack.

Then I guess this is old information:
https://mtgox.com/press_release_20130411.html

[Jay_Pal]

Guys... guys... I have the solution.

Just reroute it all to Paypal.

Although funny that wouldn't be a solution.
It would be as bad we being DDoSed and unfair.
Agreeing or not with their policies, we have no right to desire harm to them.

While on a general level you are correct, and I was joking.... On a personal level, I don't think devoting the life of myself and a crack team of genius engineers to design a temporal displacement device so I could go back in time and cock block the founder of Paypal's father as he was concieving would be at all unjustified..... Just saying.  

Why not instead, use the Sonic Screwdriver™ and fix paypal on it's origins?
Believe me, eBay it's bigger on the inside!!!

[Jay_Pal]

Is this a real attack or just exponential traffic growth?

Related:


 - http://news.netcraft.com/archives/2013/04/11/mt-gox-victim-of-own-success-as-bitcoins-fall-in-value.html

This is true. I've seen all bitcoin related service suffer the same fate in the last few days, including Rugatu, and I don't seem to understand what is the purpose of this sustained attack.

The purpose is to kill off Bitcoin as a currency and as a community.

What if the mafia or criminal enterprises are finaly looking on Bitcoin as a tool for their shady financial activities. They want some coins for testing so they DDOSed and manipulated the price down, so they can bought a lot of them for cheap. 

Mafias, more than anything want liquidity and stability.
They won't enter the Bitcoin bandwagon until both are achieved.
They wouldn't spend money attacking something they don't believe.

[agaumoney]

First they ignore you. Then they ridicule you. And then they attack you and want to burn you. And then they build monuments to you.

Does that mean they are just about to build monuments to bitcoin?   

[Stunna]

If the reward got big enough though the DDOSer might just fake details, predict the next DDOS, claim the bounty and then lay low for a while happy and smug...

This would be a pretty big issue.

The only way to fight ddos is to better develop infrastructure which mitigates it. Current technology isn't powerful enough.

[freequant]

info on where they are getting DDOS'd from

Not sure you undertand what DDoS means...

I would gladly counter DDOS those servers, or help in other ways.

Good luck fighting back a bee swarm...

[freequant]

Almost every major Bitcoin website has been under DDOS attack over the past few days. It’s becoming a real problem, not just for the exchanges. It is also opening up other vulnerabilities.
Installing defensive tech (like cloudflare) is not enough. Isn’t the Bitcoin community supposed to include some of the best hackers in the world? We should set up a bounty and take the fight to whatever botnets are trying to mess with Bitcoin.

Nobody is messing with Bitcoin. Bitcoin is distributed, and so far it's doing fine.
DDoS's are targetting centralized weak-links in the Bitcoin economy, and putting into light how these centralized businesses ARE the real danger for the Bitcoin economy. We should be grateful greedy botnet operators are showing us what our achilles' heel is before this gets exploited mercilessly by our real ennemies. The only way to "fight back" is to make everything decentralized. As an individual, the best you can do is walk your talk and vote with your money by supporting innovative ideas that help decentralizing economic activity.

[TsuyokuNaritai]

I'm assuming for now that this document is FUD, but Timothy R. Wilson ‏(@BitInvestor) just tweeted this:

#Bitcoin DDoS plan possible tomorrow(as always). Do not fall into the trap and panic sell http://pastebin.com/QAPxhEbP  @MtGox @BitStamp @MaxKeiser

===OPERATION SHOCK AND AWE
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars

Anyone seen any bogus press about Gox under investigation by Japanese govt? 

[addi]

I'm assuming for now that this document is FUD, but Timothy R. Wilson ‏(@BitInvestor) just tweeted this:

#Bitcoin DDoS plan possible tomorrow(as always). Do not fall into the trap and panic sell http://pastebin.com/QAPxhEbP  @MtGox @BitStamp @MaxKeiser

===OPERATION SHOCK AND AWE
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars

Anyone seen any bogus press about Gox under investigation by Japanese govt? 

is supposedly still scheduled for today

[TsuyokuNaritai]

===OPERATION SHOCK AND AWE
===Date: Monday 2013-04-22
===Start time of event: 15:30 UTC
===Goal: Bring bitcoin price < $30 US dollars

I do not think chicken shit they used to pull on likes of PPC and TRC from  BTC-E trollbox  is going to work on Bitcoin.

A few sockpuppets tried it on in the trollbox and everyone laughed in their faces. More people seem to believe it in bitcointalk. Go figure.

[Zedster]

start a rumor that the guy doing the ddos did/said something extremely offensive to islam.  then let al queda behead him.

I like this one. or Make a cartoon of Allah DDoSing the Koran and put the attackers name to it?


On a more serious ignorant note.  Why is not possible to make a virus to disable botnets?  Can viruses (virii?) not be made for good proposes only bad?  This was kinda of discussed earlier in the thread but not exactly.  I would have no idea how to do such a thing but why couldn't a virus be made to disinfect botnet infected machines?  Frustrate the botnet ops like they frustrate those they attack.

[moni3z]

If they were seriously planning on dumping the price and making "$300k" in profits afterwards they wouldn't be telling the world beforehand. This is troolin, esp the "one-million botnet" part