Posted on February 2, 2010 - by Venik
Novaya Gazeta and DDOS Attack
The Register, among others, reports that the Web site of one of Russia’s leading independent newspapers – the Novaya Gazeta – came under a distributed denial-of-service (DDOS) attack. Currently the newspaper’s site is unstable. The reason I even noticed this news item is not because I am a big fan of Novaya Gazeta. It is a relatively small outlet financed by American billionaire and stock investor George Soros. NG’s publications are invariably sensationalist and unreliable. This small newspaper is number one among Russian periodicals in the number of lawsuits filed against it and the amount of court-ordered retractions and apologies it had to print over the years. No, the reason I bring this up is because I know a guy who used to support their Web server.
DDOS attacks are relatively common. All those viruses you install on your PC when browsing for porn and searching for free stuff online help hackers take control of your computer and use your networking resources. Usually you don’t suspect a thing. A hacker initiates a DDOS attack through a number of “handlers”: networked servers that connect to compromised PCs all over the Internet and use them to assault a particular system, network segment or Internet Service Provider. There are effective defenses available again DDOS attacks. Most of these defenses, however, have to be implemented several levels higher than the target Web server.
Here’s an example: my site is hosted by Bluehost.com – a crappy shared hosting provider from Utah with which I am stuck for another year due to the terms of contract. Should someone launch a DDOS attack against my site, there is really nothing I can do to fight it. I have no control over the server or the network. But even the server admin at Bluehost would not be able to do much. A large scale DDOS attack can generate upwards of a million requests per second. The problem with DDOS attacks is identifying which incoming traffic is legitimate and which traffic is a part of the attack. Analyzing a million requests per second is no trivial task. This is usually handled by the ISP and not the hosting provider, the sysadmin or the Webmaster.
And this brings me back to my friend who used to work for Novaya Gazeta. He told me that these attacks were fairly common due to the scandalous nature of the newspaper. Usually the attacks were not intensive enough to cause any significant downtime. However, my friend urged his bosses to reconsider their choice of ISP because their current provider – Relline – paid little attention to defending against DDOS attacks in the past. My friend also argued for a mirror server to be installed on a different network – preferably with a much larger provider in the US. The logic is simple: when a DDOS attack is launched, it usually targets a specific IP address or IP range. DDOS attacks rarely target the domain name (a domain name is linked to a specific IP address).
When a DDOS attack occurs and you have a mirror server located on a different network, all you need to do is to update DNS (domain name service) records to point your domain name to the IP address of this new server. NG’s management was too cheap to procure a backup server or to find a more reliable provider and is now losing revenue because the paper’s site is down. Naturally and as usual, Novaya Gazeta prefers to blame the dark forces inside the Kremlin for all of the world’s problems:
“Evidently, it was not amateurs, not hooligans (that) did this,” the paper’s deputy editor, Andrei Lipsky, told the Associated Press. “It is a deliberate act. We can only guess who stands behind this.”
KGB, no doubt…
Popularity: 2% [?]
Join the forum discussion on this post - (1) PostsRelated posts:
0 Comments
We'd love to hear yours!
Leave a Comment
Here's your chance to speak.
News from Russia- Fire at Moscow nuclear institute, Russia says no risk
(Reuters) February 5, 2012MOSCOW (Reuters) – There was no risk of a radiation leak after a fire broke out at a Moscow nuclear research center housing a non-operational 60-year-old atomic reactor Sunday, said officials, but Greenpeace Russia expressed serious concern about the incident. The fire broke out early Sunday in a part of the Alikhanov Institute of Theoretical and Experimenta […]
- Anti-Putin protesters show staying power in Russia
(Reuters) February 5, 2012MOSCOW (Reuters) – Vladimir Putin's opponents vowed on Sunday to press on with demonstrations against his 12-year domination of Russia after tens of thousands attended a march which kept up the momentum of their protest movement. "We'll be back," the organizers said on a social network site, one day after demonstrators defied the cold to […]
- Moscow support for Assad well-calculated
(AP) February 5, 2012MOSCOW – By bluntly using its veto power to block a United Nations resolution urging Syrian President Bashar Assad to step down, Russia has shown a willingness to defy the West at a scale rarely seen since the Cold War times. The price Russia will have to pay in international condemnation of its action clearly doesn't seem excessive to the Russian leade […]
- Russia protest movement shows its staying power with massive rally
(The Christian Science Monitor) February 4, 2012Moscow – Defying predictions that Russia's protest movement had run out of steam, or that bone-chilling winter cold would keep them away, tens of thousands of people converged on downtown Moscow Saturday to demand fair elections and an end to political corruption. Estimates of the pro-democracy crowd ranged from […]
- Russians stage rival protests over Putin
(Reuters) February 4, 2012MOSCOW (Reuters) – Tens of thousands of Russians defied bitter cold in Moscow on Saturday to demand fair elections in a march against Vladimir Putin's 12-year rule, while supporters of the prime minister staged a rival rally drawing comparable numbers. Smaller protests were held in other cities across the vast country maintaining pressure on Putin one m […]
- Fire at Moscow nuclear institute, Russia says no risk
(Reuters) February 5, 2012
Site stats
