Message from ajva

[ciphergoth]

ajva basically has no LJ access at all at the moment, due to the barriers giving it some relief from the DDoS attack. (what's a DDOS attack?) May the scum responsible be dragged from their homes and beaten to a bloody pulp with baseball bats. Oh, and Bill Gates can have a swift kicking too for encouraging so many people to go online with insecure machines.

From: ajva
Subject: help! Communication death!
To: ciphergoth
Date: Fri, 21 Feb 2003 11:48:35 -0000

I tried to post this to your post about anonymous comments, but it turns out I can't even post comments either (presumably LJ is still blocking my server or whatever) - could you possibly post it somewhere appropriate? Many thanks...

Anne xxx

Hello, ajva here.

I hope you will forgive me hijacking this thread to make a small announcement. But seeing as you mentioned the DDoS attack I thought this was as good a place as any to say that I am completely locked out from my account and have been since the whole attack started. I only just got back into any LJ at all five minutes ago. I can't login at present. I'm assuming this will clear up soon but any geek advice would be welcome.

OTOH, I felt a strange sense of calm yesterday at not being able to see LJ and it was quite liberating. Maybe I should consider LJ holidays, except that then I wouldn't know what any of my pals were up to. Damn. Kind of locked in now, really.

On another note, am feeling faintly embarrassed about my over-effusive hungover gushing about the Tatchman the other day but fortunately louis_mallow turns out to be a sound geezer and you will all be delighted to hear that no further kittens are necessary. ;oP

Anyway, general notice to everybody: please email me if you want anything...

-- ajva@livejournal.com

Comments

[ciphergoth.livejournal.com]

*looks confused*

[kaet.livejournal.com]

All the effective DDOS attacks (over the effects of a regular DOS attack) have been against centralised services. Something like HTTP is vulnerable to DDOS atrtacks because it has centralised sources of data, there are many machines attacknig a single machine. It's more difficult, at the protocol level, to DDOS NNTP, say, because store-and-forward and flexible-feeds in dynamic networks mean that the many machines have to attack many sites for an effect. (Course news has other problems, but that's not NNTP's fault). It's a point-of-failure thing, really.

If zombies attacked something like an authenticated store-and-forward system, there would only be the clientbase of a particular server attempting to deny service by means of congestion (and they're of a more direct bottom-line interest to the server provider anyway). If something got onto the network onto trusted feeds, there'd be more of a problem (and NNTP suffers from that) but denial by cycles or client-server bandwidth wouldn't be as effective.

A bit like the way a mass driving protest by blocking up an important motorway has an effectiveness based on the capacity of surrounding roads. If the network is well-distributed, the cars would cause only minor congestion on all the roads they need block.

[ciphergoth.livejournal.com]

I agree that LJ is excessively centralised, but I think that DDOS attacks are more an indication that the Internet was not designed to survive having a great many poorly administered, insecure hosts on it. Indeed designing a network protocol to survive that would be Really Hard.