Winds of Change.NET: Liberty. Discovery. Humanity. Victory.

This is a Printer-Friendly version of a single Winds of Change.NET article

Special Report: Cyber-Attack on Warbloggers

By Joe Katzman on October 21, 2003 8:18 PM
This update from reader Ken Barnes checks out... there appears to be another round of DoS cyber-attacks in progress against a number of prominent warblogs. I suppose it surprises no-one here that Hesiod at Counterspin posts to approve. Idiot. The Attack Instapundit is was down (but Instabackup is up and working!), ditto Citizen Smash (backup site here), LGF, Tim Blair, The Command Post, and Iran's blogfather Hossein Derakhshan. UPDATE: Seems to be resolved now in some cases. At one point, it involved almost everyone at Hosting Matters... our blogson, LaughingWolf (backup site here), Daniel Drezner (backup), Jeff Jarvis, Vodkapundit, Pejman (Pejmanbackup), DailyPundit, Emperor Misha I (thoughts | future backup blog), etc. On the Left, team member and Latin America specialist Randy Paul of Beautiful Horizons points out that Calpundit, Talkleft, Matthew Yglesias, et. al. were also taken down. Am I glad we recently moved to Bloghosts.com? Yup. The Whole Story As usual, one of our readers offers a complete briefing in the comments section, and Winds of Change.NET strongly encourages donations to help one of the main targets recover. If you want a good intel briefing re: who might be behind all this, then of course Dan Darling is your man. Great job, again... can the CIA just hire him already? The Future Dan and I agree: expect more of the same in future. There are many countries in which politically-motivated cyberattacks like this one will elicit indifference from the authorities and local network owners - or even attract active support. This isn't just an al-Qaeda vs. bloggers scenario, either. The government of Indonesia has used DDoS attacks in the past, for instance, to take down East Timor's entire Internet domain space. Does anyone really think they'll be the last ones to try something like that? Unfortunately options like router-level IP block filtering and similar measures would support the freedom-haters in those societies, by cutting their people off from the support and ideas the Internet can bring. Paradoxically, our best offense is a good defense. Arm Yourselves As a service to the blogosphere, therefore, here are a few resources that can help you and your hosting providers understand the problem better and put some defenses in place: * "What is a Denial of Service (DoS) attack? And a quick roundup of the different types of DoS attacks one must defend against. * Here's a very complete set of resources on Denial-of-Service (DoS) attacks and how to combat them. * SANS has a step by step guide to basic measures that everyone should have in place, in order to prevent DoS attack launches from within one's network. They also have a roadmap to defeating DDoS attacks. * Network Magazine has a basic article covering Distributed Denial-of-Service (DDoS) defense and some links that can get you started. If you run Cisco equipment, this advisory is also recommended. * Black Belt defenders should visit U. Washington Professor Dave Dittrich's DDoS page. Dave also has a very cool home page, and seems to have lots of useful stuff on cyber-security. * Finally, on a lighter note, apparently blog servers were not the only machines targeted today by jihadists. And that information comes direct from The Source.... Further resources & recommendations gratefully accepted. Just use the comments section!

Categories:

All rights reserved. This article can be found on the Internet at:

http://www.windsofchange.net/archives/special_report_cyber-attack_on_warbloggers.html

Persons wishing to contact the author of this article for reprints etc. should put a request in the Comments section, or send an email to "joe", over here @windsofchange.net.