Features Podcasts Family Video Comics Music Tech Science Books Film & TV Games ✚

Jill

HOWTO survive a DDoS attack

Cory Doctorow at 7:00 pm Wed, Aug 22, 2012

— FEATURED —

THE LATEST

Guatemala: Archive of documents from Rios Montt genocide trial, overturned 10 days after guilty verdict

THE LATEST

Guatemala: Nation's highest court throws out Ríos Montt genocide trial verdict and prison sentence

Feature

Eurovision 2013: An American in London

Book Review

The Twelve-Fingered Boy - mesmerizing YA horror novel

Book Review

Black Code: how spies, cops and crims are making cyberspace unfit for human habitation

— FOLLOW US —

Boing Boing is on Twitter and Facebook. Subscribe to our RSS feed or daily email.

 

— POLICIES —

Except where indicated, Boing Boing is licensed under a Creative Commons License permitting non-commercial sharing with attribution

 

— FONTS —

Tweet
Kindle

The Electronic Frontier Foundation has published a comprehensive, multi-lingual guide to keeping sites that are undergoing distributed denial-of-service (DDoS) attacks alive.

Denial of service (DoS) and distributed denial of service (DDoS) attacks are increasingly common phenomena, used by a variety of actors—from activists to governments—to temporarily or indefinitely prevent a site from functioning efficiently. Often, the attack saturates the target with server requests designed to flood its bandwidth, leaving the server unable to respond to legitimate traffic.

Though the owners of major sites often have the resources to fend off or even prevent such attacks, smaller sites—such as those belonging to small independent media or human rights organizations—are sometimes permanently disabled due to a lack of resources or knowledge.

This guide aims to assist the owners of such websites by providing advice on choosing an appropriate webhost, as well as a guide to mirroring and backing-up their websites so that the content can be made available elsewhere even if their site is taken down by a DoS or DDoS attack.

Keeping Your Site Alive

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

MORE:  arab spring • censorship • ddos • dirty tricks • eff • free speech • happy mutants • howto • videos • web theory • youtube

More at Boing Boing

Eurovision 2013: An American in London

The technology that links taxonomy and Star Trek

  • Matt Drew

    For bloggers, activists, etc, there’s a very simple and cheap solution to a DDoS:

    Just Wait.

    No DDoS can be maintained forever, because they are noisy and obvious. The longer the DDoS goes on, the more zombies are exposed, located, and taken offline, eventually draining the DDoS of its power. Consider that the U.S. government could not sustain a DDoS attack on Wikileaks for more than a week or so, even with what amounts to virtually unlimited resources.

    Obviously for online businesses this is more of a concern, because they lose money when they are inaccessible.  Even so, the impact is similar to a serious storm or other weather event – something to be anticipated, dealt with in a reasonable manner, and otherwise largely ignored. No one on the Internet need fear a DDoS attack. They aren’t the nuclear weapons of cyberwarfare – they are the Internet equivalent of throwing a tantrum.

  • Richard Dale

    I found the overview from EFF to be very basic.  For example, no mention was made of DNS hosting, which I think you should always separate from your Web Hosting (this allows you to reasonably quickly relocate a web site IP address elsewhere which may help in some forms of DDOS that target a specific IP address)