The Great Canadian Grid, DigiWorldz, YrGrid, and possibly Second Life have been, in recent weeks, hit hard by DDoS attacks. According to sources at DigiWorldz the attacks were very carefully aimed at the core servers, with not even a probe to any of the other servers leading the grid owner to believe that the attacks are not random.
Today, The Great Canadian Grid is down for the third time this month while, grid owner, Roddie Mocchi, works hard to track down the culprits of these attacks. He plans to press for prosecution of the perpetrators once found. He has optimistically informed residents that the grid will be operational tomorrow.
According to a news report on ars technica, since February of this year DNS servers have seen an escalating number of DDoS attacks that have increased in strength and sophistication. This appears to be a trend for which there are few tools to protect clients.
The Wikipedia defines a DDoS attack as, “A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic.”
Charalampos Patrikakis, Michalis Masikos, and Olga Zouraraki explain in The Internet Protocol:
Roddie’s server host, located in Florida, US also host DigiWorldz. They have informed Roddie that they cannot do anything more to prevent these attacks. It’s possible that we are all in for the long haul until internet security protocols and systems are developed for handling this malicious traffic.
DigiWorldz staff published a sample of the data logs for those interested in seeing what this process involves.
What can we end users do to help prevent these attacks? Don’t become a Zombie bot. These attacks rely on the use of unsuspecting host machines to direct the huge number of requests to servers. To be sure you are not making this easier for these criminals install and keep up to date antivirus software on your system and the systems of everyone you know.
It may not seem like a lot but, if we all work to spread the word, we may be able to significantly reduce the number of bots employed in these attacks. No slaves, no production.
The other thing we can do is to continue to support our grid owners with our positive attitudes and financial investment. The possibility of this spreading to other grids is only a matter of other server core targets being identified by the perpetrators.