SmugMug a victim of attack

onethumb Administrators Posts: 1,269 Major grins
edited February 24, 2006 in SmugMug Support
smugmug was/is the target of a large-scale Denial-of-Service attack. This is essentially the online version of terrorism.

I currently have it under control, but I have my doubts as to whether that will last too long.

Andrew and I are going to make some emergency network upgrades during the day today which should help. Unfortunately, these sorts of things are nearly impossible to combat - our upgrades will only help us get a little more insight into what's going on, but won't significantly help our ability to stop them.

The reason stopping them is so difficult, by the way, is the way DoS attacks occur these days. Rather than a single machine attacking us, it's usually thousands and thousands of them spread across the globe. Who has thousands of machines, you may ask? It turns out that people have made a game and a business out of taking over Windows boxes with security holes and then utilizing them to take out websites like ours.

We'll do our best, and we appreciate your patience.

Don

Comments

  • jamescalder Registered Users Posts: 61 Big grins
    edited February 23, 2006
    onethumb wrote:
    smugmug was/is the target of a large-scale Denial-of-Service attack. This is essentially the online version of terrorism.

    I currently have it under control, but I have my doubts as to whether that will last too long.

    Andrew and I are going to make some emergency network upgrades during the day today which should help. Unfortunately, these sorts of things are nearly impossible to combat - our upgrades will only help us get a little more insight into what's going on, but won't significantly help our ability to stop them.

    The reason stopping them is so difficult, by the way, is the way DoS attacks occur these days. Rather than a single machine attacking us, it's usually thousands and thousands of them spread across the globe. Who has thousands of machines, you may ask? It turns out that people have made a game and a business out of taking over Windows boxes with security holes and then utilizing them to take out websites like ours.

    We'll do our best, and we appreciate your patience.

    Don
    good luck guys!!!

    and excuse me for reposting what i just posted in the other thread... but i think it's worthy:

    my local newspaper had a fascinating article about one such hacker in their sunday magazine this past weekend - he's one of the folks who makes his living off creating and using the "botnets" responsible for such Denial of Service attacks: http://www.washingtonpost.com/wp-dyn/content/article/2006/02/14/AR2006021401342.html

  • Acedia Registered Users Posts: 27 Big grins
    edited February 23, 2006
    Who on earth is that mad at a photo service?
    onethumb wrote:
    smugmug was/is the target of a large-scale Denial-of-Service attack. This is essentially the online version of terrorism.

    I currently have it under control, but I have my doubts as to whether that will last too long.

    <snip>

    It turns out that people have made a game and a business out of taking over Windows boxes with security holes and then utilizing them to take out websites like ours.

    We'll do our best, and we appreciate your patience.

    Don

    I mean - whoah!
    Acedia
  • garyjwood Registered Users Posts: 51 Big grins
    edited February 23, 2006
    Acedia wrote:
    I mean - whoah!
    Yeah, if anyone should be mad at a photo service, it should be these young women getting mad at Flickr:

    http://flickrspy.blogspot.com MOD EDIT: Possibly NSFW. Nothing explicit but you never know how your work may react.

    (then again, they did post their images to a publicly accessible site.)
    - Gary
    Galleries: http://garyjwood.smugmug.com
    Photo of the Day: http://blog.garyjwood.com
    Location-enabled and interactive!
  • mbrady Registered Users Posts: 321 Major grins
    edited February 23, 2006
    Once all the dust has settled, it would be interesting (from a geeky standpoint) to hear the details of what the smugmug team did to counter the DoS attack and also the comment spammers.
  • renstar Registered Users Posts: 167 Major grins
    edited February 23, 2006
    mbrady wrote:
    Once all the dust has settled, it would be interesting (from a geeky standpoint) to hear the details of what the smugmug team did to counter the DoS attack and also the comment spammers.

    I second this. That sort of thing is always interesting to read. I found slashdot's story on what they did to keep their servers up under the heavy load during 9-11 to be one of the most interesting stories I have read in a long time.
  • garyjwood Registered Users Posts: 51 Big grins
    edited February 23, 2006
    garyjwood wrote:
    Yeah, if anyone should be mad at a photo service, it should be these young women getting mad at Flickr:

    [ flickrspy dot blogspot dot com ] MOD EDIT: Possibly NSFW. Nothing explicit but you never know how your work may react.

    (then again, they did post their images to a publicly accessible site.)

    Sorry, should have mentioned that. Personally, I find it kinda creepy, but it's sanctioned by Yahoo as one of the RSS feeds you can put on your homepage.
    - Gary
    Galleries: http://garyjwood.smugmug.com
    Photo of the Day: http://blog.garyjwood.com
    Location-enabled and interactive!
  • rainforest1155 Registered Users Posts: 4,566 Major grins
    edited February 23, 2006
    renstar wrote:
    I second this. That sort of thing is always interesting to read. I found slashdot's story on what they did to keep their servers up under the heavy load during 9-11 to be one of the most interesting stories I have read in a long time.
    I'm also in for these kinds of stories. So if you've got some time and interest to write about those or other incidents - go ahead.

    Sebastian
    Sebastian
    SmugMug Support Hero
  • garyjwood Registered Users Posts: 51 Big grins
    edited February 23, 2006
    mbrady wrote:
    Once all the dust has settled, it would be interesting (from a geeky standpoint) to hear the details of what the smugmug team did to counter the DoS attack and also the comment spammers.
    Then again, do we want the hax0rs to know these details?
    - Gary
    Galleries: http://garyjwood.smugmug.com
    Photo of the Day: http://blog.garyjwood.com
    Location-enabled and interactive!
  • DodgeV83 Registered Users Posts: 379 Major grins
    edited February 23, 2006
    *after Smugmug has been down for several minutes*

    You're killing my workflow DOS guy!
  • marlinspike Registered Users Posts: 2,095 Major grins
    edited February 23, 2006
    I guess you guys probably already know the CERT suggestions about how to deal with DoS? http://www.cert.org/tech_tips/denial_of_service.html
  • bham Registered Users Posts: 1,303 Major grins
    edited February 23, 2006
    Well, for you experts out there, what software to combat adaware, etc should all us dgrinners be running so as not to become a bot?

    I have Spybot, Ad-Aware SE, McAfee. I usually run each once every couple of days.

    Any other suggestions, besides not letting IE save your passwords to anything.
    "A photo is like a hamburger. You can get one from McDonalds for $1, one from Chili's for $5, or one from Ruth's Chris for $15. You usually get what you pay for, but don't expect a Ruth's Chris burger at a McDonalds price, if you want that, go cook it yourself." - me
  • LiquidOps Registered Users Posts: 835 Major grins
    edited February 23, 2006
    onethumb wrote:
    people have made a game and a business out of taking over Windows boxes with security holes and then utilizing them to take out websites like ours.

    Don

    this is all hosted on Windows? eeeeeeek

    just pokin fun... good luck guys

    Steven
    Wandering Through Life Photography
    MM Portfolio

    Canon 30D | Canon 50mm f/1.8 | Tamron 28-75mm f/2.8 | Canon Speedlite 580ex
  • {JT} Registered Users Posts: 1,016 Major grins
    edited February 24, 2006
    bham wrote:
    Any other suggestions, besides not letting IE save your passwords to anything.

    *cough* just don't run IE ;)
  • Mike Lane Registered Users Posts: 7,106 Major grins
    edited February 24, 2006
    LiquidOps wrote:
    this is all hosted on Windows? eeeeeeek

    just pokin fun... good luck guys

    Steven

    Um, no. The computers that are attacking smugmug are windows boxes that have been hijacked. My guess is Smugmug is a unix (or linux or whatever *nix) system.
    Y'all don't want to hear me, you just want to dance.

    http://photos.mikelanestudios.com/
  • aero-nut Registered Users Posts: 693 Major grins
    edited February 24, 2006
    onethumb wrote:
    smugmug was/is the target of a large-scale Denial-of-Service attack. This is essentially the online version of terrorism.

    I currently have it under control, but I have my doubts as to whether that will last too long.

    Andrew and I are going to make some emergency network upgrades during the day today which should help. Unfortunately, these sorts of things are nearly impossible to combat - our upgrades will only help us get a little more insight into what's going on, but won't significantly help our ability to stop them.

    The reason stopping them is so difficult, by the way, is the way DoS attacks occur these days. Rather than a single machine attacking us, it's usually thousands and thousands of them spread across the globe. Who has thousands of machines, you may ask? It turns out that people have made a game and a business out of taking over Windows boxes with security holes and then utilizing them to take out websites like ours.

    We'll do our best, and we appreciate your patience.

    Don

    Yikes. Well, I imagine that many smugmug'ers would agree with me when I say: you've got a whole community of photo and computer geeks behind you! Keep up the good work!
  • aero-nut Registered Users Posts: 693 Major grins
    edited February 24, 2006
    renstar wrote:
    I second this. That sort of thing is always interesting to read. I found slashdot's story on what they did to keep their servers up under the heavy load during 9-11 to be one of the most interesting stories I have read in a long time.

    Have a link?
  • cabbey Registered Users Posts: 1,053 Major grins
    edited February 24, 2006
    {JT} wrote:
    *cough* just don't run IE ;)

    *cough* just don't run Windows
    SmugMug Sorcerer - Engineering Team Champion for Commerce, Finance, Security, and Data Support
    http://wall-art.smugmug.com/
  • peestandingup Registered Users Posts: 489 Major grins
    edited February 24, 2006
    Mike Lane wrote:
    Um, no. The computers that are attacking smugmug are windows boxes that have been hijacked. My guess is Smugmug is a unix (or linux or whatever *nix) system.
    Well, according to this post by Baldy, Smugmug uses the Xserve RAID from Apple. And seeing some of the other recent posts from the entire Smugmug team, it sounds like their HQ/homes are full of Macs.

    *Waiting for bigwebguy to post something negative about Macs directed towards me*
  • bwg Registered Users, Retired Mod Posts: 2,119 SmugMug Employee
    edited February 24, 2006
    Well, according to this post by Baldy, Smugmug uses the Xserve RAID from Apple. And seeing some of the other recent posts from the entire Smugmug team, it sounds like their HQ/homes are full of Macs.

    *Waiting for bigwebguy to post something negative about Macs directed towards me*

    hey kerry, wanna know a secret?
    i'm planning on getting a macbook.

    i dont hate macs/linux nor am i gung-ho microsoft. they've all got their issues. i've just been reading too much slashdot lately and i'm tired of the mac/linux fanboys blaming everything in the world on microsoft.
    Pedal faster
  • peestandingup Registered Users Posts: 489 Major grins
    edited February 24, 2006
    bigwebguy wrote:
    hey kerry, wanna know a secret?
    i'm planning on getting a macbook.

    i dont hate macs/linux nor am i gung-ho microsoft. they've all got their issues. i've just been reading too much slashdot lately and i'm tired of the mac/linux fanboys blaming everything in the world on microsoft.
    I understand. I'm a bit of one too, just because I had a Dell forever & was never really happy until my first iMac cube. However I do think macs have issues just like everything else as well. Nothing is hack-proof. If someone really wants to do some damage, they will find a way no matter what OS you're running. However, I think most people will agree that it's much easier to do those things on a machine running Windows (as we have seen), just because of the bigger market & it has more security holes than swiss cheese. But, macs have some too, even in the base UNIX code that's been there for a while now.

    But, congrats on the new Macbook Pro. You will love it. From what I hear, its one bad mutha. :D Let us know. Cheers...Kerry