

The Twitter DDoS - geuis
http://www.blyon.com/blog/index.php/2009/08/06/twitter-down-due-to-ddos/

======
pj
Well, you know. Twitter has put themselves right in the middle of a national
uprising in Iran and so are facilitators or perhaps enablers of conflict. I
don't want to get moralistic or anything like that, but it should be expected
that if you are helping one one side of a conflict that could potentially
errupt into a full on civil war, that you are not immune to attack yourself.

I'm not saying this DOS or DDOS is related to the Iran issue, but I am saying
that twitter has become a weapon of sorts, a communication enabler that
benefits one side of a conflict more than another, so an attack like this is
inevitable, even if this particular one isn't coming from the Iranian
incumbents.

~~~
el33th4x0r
The timing is all wrong for that analysis to make sense. It's much more likely
to be a script kiddie trying to build "street cred." Or an extortion attempt
("pay us, or we take your site down").

If I were an attacker, though, I'd attack for a bit, then back off, then
attack, then back off, and so on. Intermittent disruption is far more annoying
for the users than a sustained attack.

------
timdorr
I'm curious to know the scale of this attack. It doesn't appear to be an
exploit-based DDOS, just a raw flood of traffic. I don't know how built out
they are in terms of upfront hardware, but ideally it should be 10G to the
load balancers. And protecting that level of traffic isn't exceptionally
difficult. Pop in 4 Cisco Anomaly Guard Modules and you've got 10G of DDOS
coverage. And given Twitter's visibility and potential for angering folks
indirectly, I think investing in that kind of hardware would be very wise.

~~~
tptacek
The worst DDOS attacks aren't going to melt your load balancers; they're just
going to saturate your connection.

Cisco's anomaly products are designed for service providers, so that they can
build "scrubbing centers" in their POPs. Trying to block DDOS traffic at the
target is playing to lose.

------
ErrantX
just to be clear they are calling it a DOS and not a DDOS - it could well be
the latter but it could also point to another form of attack.

~~~
paulgb
TechCrunch is calling it a DDOS, but as we know accuracy isn't their strong
point.

~~~
nomoresecrets
Just be grateful they're not calling it MSDOS.

~~~
zandorg
Or 'Doctor' DOS!

------
embeddedradical
that illustration cracked me up. i don't use twitter but i'm guessing that
it's better than what they have on their app's error 500 message. maybe they
should buy it.

~~~
pj
Their typical error image is a whale carried by birds. This image is funny
because it's bird carried by whales. The image is a little more lively as
well, with gradients and such.

