I use the superb free services at freedns.afraid.org to control the DNS for ukstokes.com. This is so I can point www.ukstokes.com and my blog to my webhost, and mail.ukstokes.com and other subdomains to my broadband connection at home, for hosting e-mail for my domain, and other smaller websites that don't need to be reliable.

This weekend, a botnet started attacking afraid.org and bought it and all 4 of it's name servers to their knees, bring mine and hundreds of other websites down. The attack is still going on now. I guess I can't moan too much because my blog and server at home are just for fun, but I feel sorry for the other paying, premium customers who will also have been affected by this, and who's websites downtimes can be directly translated to lost sales and revenue.

I managed to get on to the afraid.org forum for long enough to view the thread describing the attack. Josh Anderson who owns and maintains the services, posted this in the thread:

"I don't want to get too specific on the forums publicly with the fine attack details, but the attack was difficult to filter against at least by the night crew, and was about 300 mbps so the ISP would not allow it in for me to ipfw it off, because it would impact other customers, more then the network its self can handle, and they were not able to build a filter against it to scrub it out for some reason, normally they're reasonably good about it, but this has been going on for like 8 days off and on. Could be the time that it happened, since it was like in the early AM on a Sunday, maybe during business hours things would be different with a different crew, I honestly don't know.

As for retalliation, no one is worth the time it would take to bother attacking back, and other innocent networks that would probably be harmed in the process. I'm simply more exposed to attack vs them, since I actually have a human driven communitiy here. I have to accept it and try to build around it. I need to focus on the beneficial-to-me things I can do to help avoid total downtime vs detremental-to-them things I could do that just wouldn't be worth the effort.

I appreciate the kind words and helpful suggestions guys

Josh"

There's not much I can do apart from wait for the attack to finish and watch for updates on the forum. I want to keep using afraid.org, and it doesn't seem fair to move my custom elsewhere as it's not their fault that this is happening.

No doubt the source of all this is a teenage grunt on a power trip controlling an army of compromised XP computers. I suspect that if the penalties for computer crime were more severe and this sort of stuff was actually policed, he would probably be outside the reach of the law anyway due to his young age. But, somehow I can't see stuff like this EVER being policed, so something else needs to change; Windows needs to become more secure. But it's not only Microsoft's fault, the public at large need to keep their computers updated and understand what happens when they don't. We need to make things less easy for the hackers.

I dread to think how many XP computers there are connected on fast broadband connections, that are always switched on and don't have any anti-virus installed. If all of those computers were suddenly patched, had anti-virus installed and then got rebooted tonight, what would become of the hackers and their software zombies then? Would the Internet stay clean and safe for long? I doubt it. But maybe if one third of the world used Apple Mac's, one third used Linux, and the remainder used Windows, that would begin to make things tougher for them. (yeah, keep on dreaming... )

Technorati Tags: , , , , ,