DDOS & Dumb Choices

Recently one of the sites I manage was subjected to a DDOS attack. It was not DDOS attack per-se, but someone wanted some very specific data from the site and thought it would be a good idea to contract it out to a ‘bot farm. The reason I say that they wanted some data was that the urls were very specific. The net effect was a DDOS because lots of ‘bots from everywhere around the world were hammering the site for this data, over and over again. We were lucky in that the attack started slowly so we were able to check the HTTP request used to see how we could screen for it and turn away requests before they got too far down the stack. The attack lasted about 5 days.

A few things to note about this. The HTTP request was easily recognizable so could be screened out. The data was spread over 160 pages with one page summarizing the data so one single request would have gotten the data. Because we were able to screen out the requests the ‘bots failed to get the data. There is a contact form on the site and they could have just asked.


2 Responses to DDOS & Dumb Choices

  1. nvt1 says:

    The irritation of the open internet and the ease with which these kind of attacks can take place…especially since they could have just asked for it…!

  2. Pingback: Taz Crawlers From China | François Schiettecatte's Blog

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: