[OPLIN 4cast] OPLIN 4Cast #258: DoS'd for the holidays

Editor editor at oplin.org
Wed Nov 30 10:33:27 EST 2011 

Email not displaying correctly? View it in your browser. 
<http://www.oplin.org/4cast/>
OPLIN 4Cast

OPLIN 4Cast #258: DoS'd for the holidays
November 30th, 2011

<http://www.oplin.org/4cast/wp-content/uploads/2011/11/denied_sm.png>Late in 
the afternoon on Black Friday, the oplin.org website was hit by an 
apparent Denial of Service (DoS) attack. DoS and DDoS (Distributed 
Denial of Service) attacks overwhelm a website with so many requests for 
connections that the webserver is too busy with this "junk" traffic to 
respond to legitimate traffic. As a result, it looked like the OPLIN 
website, and all the services that run on the same server - like the 
/4cast/ - were offline for a couple of hours until we stopped the 
attack. Why was oplin.org targeted? Good question, since it's a pretty 
innocuous website, but certainly the timing of the attack suggests that 
we may have been an innocent victim of a general increase in DoS attacks 
that happens around the holidays.

    * E-commerce, retail websites alert for DDoS attacks this holiday
      season
      <http://www.eweek.com/c/a/Security/ECommerce-Retail-Websites-Alert-for-DDoS-Attacks-this-Holiday-Season-308996/>
      (eWEEK/Fahmida Y. Rashid) "DDoS attacks increased by 30 percent in
      2010, and the number is expected to be higher in 2011, according
      to Gartner estimates. The attacks have also been escalating in
      size and complexity in 2011, according to Paul Sop, chief
      technology officer at Prolexic. Attackers generally are throwing
      more packets, using more bandwidth and targeting the application
      layer, Sop said. E-commerce businesses aren't the only ones that
      have to worry about DDoS attacks during this holiday season, as
      hospitality, gaming and shipping services should also be on high
      alert for DDoS attacks, Sop said."
    * Corero advises retailers of risks associated with DDoS attacks
      during holiday shopping season
      <http://www.businesswire.com/news/home/20111122005131/en/Corero-Advises-Retailers-Risks-DDoS-Attacks-Holiday>
      (BusinessWire) "DDoS attacks bring victim websites to a crawl or
      halt, using network flooding techniques that have been in use for
      more than a decade, and more recently, insidious application-layer
      attacks which are very difficult to detect. Online commerce
      depends on sites that are responsive and always available.
      Frustrated customers will quickly abandon an unresponsive site and
      go to another."
    * Firewalls can't keep up with DDoS attacks
      <http://www.pcworld.com/article/243743/firewalls_cant_keep_up_with_ddos_attacks.html>
      (PCWorld/John E. Dunn) "The survey of 1000 medium and large
      organizations in ten countries found that up to 45 percent of
      respondents experience such attacks on a regular basis, a mixture
      of application and network-layer incursions. About half rated
      denial of service attacks as highly effective with 79 percent
      saying they still relied on firewalls
      <http://www.pcworld.com/businesscenter/article/221533/new_firewalls_should_increase_protection.html>
      to deflect them despite 42 percent finding that such devices were
      ineffective against conventional attacks at the network layer."
    * Happy holidays: 5 ways to use DoS testing to thwart cyber
      extortion
      <http://www.breakingpointsystems.com/community/blog/cyber-monday-cyber-attack/>
      (BreakingPoint/Pam O'Neal) "...online businesses still fear these
      threats, with little confidence in the DoS mitigation and security
      measures put in place to protect them. This is especially true for
      Internet retailers, the latest victims of hacker-extortionists.
      Internet retailers have a small window to 'get it right' when it
      comes to hardening their resiliency to DoS or DDoS attacks. And
      the post-Thanksgiving Cyber Monday is part of that small window."

*/Method fact:/*

Kaspersky Labs reports 
<http://www.securelist.com/en/analysis/204792189/DDoS_attacks_in_Q2_2011> that 
the "HTTP flood" method, which simply sends a huge number of HTTP 
requests to the targeted site over a short period of time, accounted for 
88.9% of all DDoS attacks in the second quarter of 2011.
------------------------------------------------------------------------
The */OPLIN 4cast/* is a weekly compilation of recent headlines, topics, 
and trends that could impact public libraries. You can subscribe to it 
in a variety of ways, such as:

    * *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
      subscribing to the following URL:
      http://www.oplin.org/4cast/index.php/?feed=rss2.
    * *Live Bookmark.* If you're using the Firefox web browser, you can
      go to the 4cast website (http://www.oplin.org/4cast/) and click on
      the orange "radio wave" icon on the right side of the address bar.
      In Internet Explorer 7, click on the same icon to view or
      subscribe to the 4cast RSS feed.
    * *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
      OPLINlist and OPLINtech) by subscribing to the 4cast mailing list
      at http://mail.oplin.org/mailman/listinfo/OPLIN4cast.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.oplin.org/pipermail/oplin4cast/attachments/20111130/9c37640d/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kubrickheader.jpg
Type: image/jpeg
Size: 38379 bytes
Desc: not available
Url : http://lists.oplin.org/pipermail/oplin4cast/attachments/20111130/9c37640d/kubrickheader-0001.jpg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: denied_sm.png
Type: image/png
Size: 24740 bytes
Desc: not available
Url : http://lists.oplin.org/pipermail/oplin4cast/attachments/20111130/9c37640d/denied_sm-0001.png

More information about the OPLIN4cast mailing list