
How do you accidentally DDoS something?



When there is a crisis millions of people make genuine requests. This has the effect of DDOSing the site. I wouldn't call this an accidental DDOS.

Another accidental form of DDOS would be router manufacturers who deliver misconfigured devices.

http://en.wikipedia.org/wiki/NTP_server_misuse_and_abuse

> The first widely known case of NTP server problems began in May 2003, when NETGEAR's hardware products flooded the University of Wisconsin–Madison's NTP server with requests.[5] University personnel initially assumed this was a malicious distributed denial of service attack and took actions to block the flood at their network border. Rather than abating (as most DDOS attacks do) the flow increased, reaching 250,000 packets-per-second (150 megabits per second) by June. Subsequent investigation revealed that four models of NETGEAR routers were the source of the problem. It was found that the SNTP (Simple NTP) client in the routers has two serious flaws. First, it relies on a single NTP server (at the University of Wisconsin–Madison) whose IP address was hard-coded in the firmware. Second, it polls the server at one second intervals until it receives a response. A total of 707,147 products with the faulty client were produced.

> NETGEAR has released firmware updates for the affected products (DG814, HR314, MR814 and RP614) which query NETGEAR's own servers, poll only once every ten minutes, and give up after five failures. While this update fixes the flaws in the original SNTP client, it does not solve the larger problem. Most consumers will never update their router's firmware, particularly if the device seems to be operating properly. The University of Wisconsin–Madison NTP server continues to receive high levels of traffic from NETGEAR routers, with occasional floods of up to 100,000 packets-per-second. NETGEAR has donated $375,000 to the University of Wisconsin–Madison's Division of Information Technology for their help in identifying the flaw.
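
The two polling policies in the quoted passage, replayed against a server that answers only a limited number of requests per second (an added example, not part of the thread or the quoted article). The fleet size, the time window, the simultaneous start at t=0 and the one-answer-per-client model are constructed assumptions; only the 1-second, 10-minute and five-failure values come from the quote.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

@dataclass(frozen=True)
class PollPolicy:
    retry_interval_s: int         # seconds between polls while unanswered
    max_failures: Optional[int]   # None means retry forever

# Values taken from the quoted text.
FLAWED = PollPolicy(retry_interval_s=1, max_failures=None)   # original firmware
FIXED = PollPolicy(retry_interval_s=600, max_failures=5)     # updated firmware

def simulate(policy: PollPolicy, clients: int, seconds: int,
             answered_per_s: int) -> List[int]:
    """Return the number of requests reaching the server in each second.

    Constructed model: every client first polls at t=0 and needs one answer;
    the server answers at most answered_per_s requests per second
    (0 = all traffic dropped at the network border).
    """
    next_poll = [0] * clients     # time of each client's next poll
    failures = [0] * clients      # unanswered polls so far
    active = set(range(clients))  # clients that are still trying
    load = []
    for t in range(seconds):
        due = sorted(c for c in active if next_poll[c] <= t)
        load.append(len(due))
        for i, c in enumerate(due):
            if i < answered_per_s:
                active.discard(c)             # got a response, stops retrying
                continue
            failures[c] += 1
            if policy.max_failures is not None and failures[c] >= policy.max_failures:
                active.discard(c)             # gives up
            else:
                next_poll[c] = t + policy.retry_interval_s
    return load

def summary(policy: PollPolicy, clients: int = 200, seconds: int = 3000,
            answered_per_s: int = 0) -> Dict[str, int]:
    """Total requests, peak rate and requests in the final minute of the window."""
    load = simulate(policy, clients, seconds, answered_per_s)
    return {"total": sum(load), "peak_pps": max(load), "last_minute": sum(load[-60:])}

if __name__ == "__main__":
    for name, p in (("flawed", FLAWED), ("fixed", FIXED)):
        print(name, "blocked:", summary(p), "| 10 answers/s:", summary(p, answered_per_s=10))
```

With the border block (0 answers/s) the original policy keeps every client at one request per second for the whole window, while the updated policy goes silent after five polls per client.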


This happens in my country every New Year's Eve with the telephone/cell networks. Communication networks are in general designed for a certain base capacity and foreseen spikes within certain limits.

Imagine all the people in your near proximity wanting to use their phones at the same time...

Another example is the 'hug of death' small (unprepared) web sites suffer when exposed to legit traffic due to being mentioned in HN, Reddit, etc.


It also happens within the electrical grid here in the UK when popular TV shows and major sporting events finish and everyone flicks their kettle on. Sometimes the demand can be so huge we have to borrow power from France to cover it.

"Grid employees must also be familiar with popular soap-opera storylines as one might cause a sudden rise in demand"

http://en.wikipedia.org/wiki/TV_pickup


On September 11, 2001 websites like CNN and NYT all went down because people kept reloading them.

Google ended up mirroring them.


Slashdot effect or more recently HN Effect.

http://en.wikipedia.org/wiki/Slashdot_effect


Interesting, I thought OP actually meant actual DDoS. This just seems like a problem of server configuration, lack of resources. Not accidental DDoS.


It's a denial of service (DoS) caused by multiple clients from different origins (D), is it not? No one means to disrupt the service by visiting it but the combined weight of all clients still leads to just that.



