
Internet Relay Chat

Original author: Todd Hoff

In the moral realm there may be 7 deadly sins, but scalability maven Sean Hull has come up with Five More Things Deadly to Scalability that, when added to his earlier 5 Things That are Toxic to Scalability, make for a numerologically satisfying 10 sins against scalability:

  1. Slow Disk I/O – RAID 5 – Multi-tenant EBS. Use RAID 10; it provides good protection along with good read and write performance. The design of RAID 5 means poor performance and long repair times on failure. On AWS consider Provisioned IOPS as a way around IO bottlenecks.
  2. Using the database for Queuing. The database may seem like the perfect place to keep work queues, but under load locking and scanning overhead kills performance. Use specialized products like RabbitMQ and SQS to remove this bottleneck.
  3. Using the Database for full-text searching. Search seems like another perfect database feature. At scale search doesn't perform well. Use specialized technologies like Solr or Sphinx.
  4. Insufficient Caching at all layers. Use memcache between your application and the database. Use a page cache like Varnish between users and your webserver. Select proper caching options for your HTML assets.
  5. Too much technical debt. Rewrite problem code instead of continually paying an implementation tax for poorly written code. In the long run it pays off.
  6. Object Relational Mappers. They create complex queries that are hard to optimize and tweak.
  7. Synchronous, Serial, Coupled or Locking Processes. Locks are like stop signs; traffic circles keep the traffic flowing. Row level locking is better than table level locking. Use async replication. Use eventual consistency for clusters.
  8. One Copy of Your Database. A single database server is a choke point. Create parallel databases and let a driver select between them.
  9. Having No Metrics. Visualize what's happening to your system using one of the many monitoring packages.
  10. Lack of Feature Flags. Be able to turn off features via a flag so when a spike hits, features can be turned off to reduce load.
Original author: Nathan Yau

In a distributed denial-of-service attack a bunch of machines make a bunch of requests to a server to make it buckle under the pressure. There was recently an attack on VideoLAN's download infrastructure. Here's what it looked like.

So you see this giant swarm of requests hitting the server. In contrast, here's what normal traffic looks like. Much more tranquil.

[via FastCo]

Original author: Dan Goodin

A website that accepts payment in exchange for knocking other sites offline is perfectly legal, the proprietor of the DDoS-for-hire service says. Oh, it also contains a backdoor that's actively monitored by the FBI. is one of several sites that openly accepts requests to flood sites with huge amounts of junk traffic, KrebsonSecurity reporter Brian Krebs said in a recent profile of the service. The site, which accepts payment by PayPal, uses so-called DNS reflection attacks to amplify the torrents of junk traffic. The technique requires the attacker to spoof the IP address of lookup requests and bounce them off open domain name system servers. This can generate data floods directed at a target that are 50 times bigger than the original request.

Krebs did some sleuthing and discovered the site was operated by Justin Poland of Memphis, Tennessee. The reporter eventually got an interview and found Poland was unapologetic.

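The reflection technique described above leaves a recognisable footprint on the receiving end: the target gets large DNS answers from many unrelated open resolvers for queries it never sent. The following is an added example, not code from the article or from Krebs' reporting: a detector run over constructed flow records (source, destination, ports, bytes, packets) that flags a host when enough distinct resolvers send it unsolicited answers and the answer size implies a large amplification relative to a nominal query size. The sample flows, the 64-byte nominal query size and the thresholds are assumptions made for the demonstration; the 50x figure the article quotes is what the constructed victim flows are sized to produce.

```python
from collections import defaultdict
from dataclasses import dataclass

# Rough size of a typical DNS query packet, used to estimate amplification (assumption).
NOMINAL_QUERY_BYTES = 64


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    sport: int
    dport: int
    nbytes: int
    packets: int


# Constructed sample flows: one legitimate query/answer pair for 192.0.2.10, then
# forty large UDP/53 answers from unrelated resolvers converging on 192.0.2.77,
# which never sent a query to any of them.
SAMPLE_FLOWS = [
    Flow("192.0.2.10", "198.51.100.53", 40123, 53, 64, 1),    # our own query out
    Flow("198.51.100.53", "192.0.2.10", 53, 40123, 180, 1),   # the matching answer
] + [
    Flow(f"203.0.113.{i}", "192.0.2.77", 53, 9000 + i, 3200, 1)
    for i in range(1, 41)
]


def detect_reflection(flows, min_resolvers=20, min_amp=10.0):
    """Return {victim: summary} for hosts receiving unsolicited, amplified DNS answers.

    An answer counts as unsolicited when no flow shows its recipient sending a
    query (dport 53) to that resolver. Amplification is estimated as average
    bytes per answer packet divided by NOMINAL_QUERY_BYTES.
    """
    asked = {(f.src, f.dst) for f in flows if f.dport == 53}   # (client, resolver) pairs
    unsolicited = defaultdict(list)
    for f in flows:
        if f.sport == 53 and (f.dst, f.src) not in asked:
            unsolicited[f.dst].append(f)

    findings = {}
    for dst, answers in unsolicited.items():
        resolvers = {f.src for f in answers}
        total_bytes = sum(f.nbytes for f in answers)
        total_packets = sum(f.packets for f in answers)
        amp = (total_bytes / total_packets) / NOMINAL_QUERY_BYTES
        if len(resolvers) >= min_resolvers and amp >= min_amp:
            findings[dst] = {
                "resolvers": len(resolvers),
                "bytes": total_bytes,
                "amplification": round(amp, 1),
            }
    return findings


if __name__ == "__main__":
    for victim, info in detect_reflection(SAMPLE_FLOWS).items():
        print(f"{victim}: {info['resolvers']} resolvers, {info['bytes']} bytes, "
              f"~{info['amplification']}x amplification")
```

The same grouping works on NetFlow or sFlow exports and on firewall logs; the check that the recipient actually sent a query is what separates a reflection flood from a busy but legitimate resolver client. On the resolver side, the corresponding control is to refuse recursion for clients outside your own networks, which is what makes an "open" resolver usable as a reflector in the first place.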


First used by the military in the 1990s, online chat systems like IRC have become an indispensable part of tactical communication. Public Intelligence has collected a series of documents about how the protocol is used for calling in support, targeting enemies, and checking in on orders. While chat allows for quick communication even with limited bandwidth, it presents the same challenges civilians see: short messages can be ambiguous or confusing, as in one case where a "large band of hungry camels" ended up being reported as a potential enemy vehicle sighting until the issue was cleared up.


The growth of hacktivism, inspired by global social movements such as Occupy Wall Street and the Arab Spring, is helping distributed denial of service attacks make a comeback. The attacks, which use thousands of hijacked computers to overload servers, increased 25% in the first quarter of 2012, compared with the final three months of 2011, according to a new report released by Prolexic, a security firm that helps companies fend off DDoS attacks.

But the real surge was in financial companies, which have been hard hit by hacktivists. Financial firms monitored by the company saw a 3000% increase in malicious traffic this quarter, as hacker groups, such as Anonymous, went after banks such as Goldman Sachs again and again in pre-announced raids. In a different survey by Arbor Networks, another security firm, political or ideological causes were behind 35% of DDoS attacks, between October 2010 and September 2011.

Hacker groups with social and political goals are helping bring about a “renaissance” in DDoS, a form of attack security experts had thought was fading. Before mid-2010, more sophisticated hacker exploits, such as cracking passwords, had taken the place of the DDoS assaults that security personnel view as a blunt instrument, said Gunter Ollmann, vice president of research for the security firm Damballa. And the operators of botnets—the armies of zombie computers used for the attacks—had become more profit-minded, using their hordes to run online scams, such as getting people to click on bogus ads.

But the aims of the new attacks are more grandiose, targeting governments and giant companies. Anonymous had promised a “global blackout” on March 31st, when it planned to launch attacks against the world’s root servers, which direct Internet users. The attacks generated almost no stoppage, though.

Neal Quinn, chief operating officer at Prolexic, said the key to dealing with such attacks is to conduct “fire drills” that prepare an organization for the assaults. “How’re the events going to play out? You need to be able to figure out, if this is a two hour event or a two minute problem,” Quinn said.

Thomas Hughes, director of Media Frontiers, a web hosting company, says an attack in 2011 against one customer, a Southeast Asian news service, lasted six weeks of increasingly large waves of malicious traffic.

Tech staffs should have extra bandwidth available so that when the attacks come, the waves of traffic can be rerouted. Quinn said companies should have a continual dialogue with web-hosting providers to discuss preparedness, emergency contact information and the threat environment in their industry.

Ollmann took a dimmer view: organizations can’t fully prevent attacks from succeeding and need to be prepared for the worst. “Even the largest organization in the world can fall,” he said. “You need to have contingency plans in place so you can still carry out business.”


Is turnabout fair play? A handful of Anons have found themselves on the wrong end of a hack in the wake of the US government takedown of Megaupload. On January 20, just one day after Megaupload founder Kim Dotcom was arrested in New Zealand, an unknown attacker slipped code from the infamous Zeus Trojan into the slowloris tool used by members of Anonymous to carry out DDoS attacks on websites that have drawn their ire. As a result, many of those who participated in DDoS attacks targeted at the US Department of Justice, music label UMG, and also had their own PCs compromised.

Security firm Symantec details how some Anons ended up with Zeus on their systems. After modifying the Slowloris source to include code for the Zeus trojan on January 20, the attacker changed a couple of Pastebin guides used to bring would-be DDoSers up to speed to show a new URL for downloading the Slowloris tool.

Each time Slowloris was downloaded and launched after the 20th of January, a Zeus botnet client was installed too. The Zeus client then stealthily downloaded a "clean" version of Slowloris to replace the modified copy in an attempt to conceal its existence on the infected PC. In the meantime, the Zeus trojan did its usual dirty work: capturing passwords and cookies, as well as banking and webmail credentials, and sending them off to a command-and-control server.

Symantec's research shows the modified version of Slowloris was widely downloaded. "This Anonymous DoS tool on PasteBin has become quite popular among the Anonymous movement with more than 26,000 views and 400 tweets referring to the post," noted Symantec's official blog. 

The compromised version of Slowloris is no longer linked to on Pastebin: it appears that coverage of the shenanigans pulled on Anonymous has resulted in what looks to be a link to the correct version of Slowloris being restored to the Pastebin guide.

Having Zeus installed on one's PC is absolutely no fun at all, so those who have downloaded the compromised version of Slowloris are going to have their hands full trying to hunt down and eradicate the trojan. Indeed, we see a number of clean OS installs in the immediate future for those who participated in DDoS attacks after the Megaupload takedown.
