Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Network Security Businesses Communications Networking Operating Systems Software The Internet News Technology

'Catastrophic' DDoS Attack Hits Linode Servers Over Labor Day Weekend (softpedia.com) 36

An anonymous reader writes: A coordinated DDoS attack hit Linode (VPS provider) over the weekend, which the company has described as "catastrophic." The attack targeted the company's Atlanta data center, and was timed for the extended Labor Day weekend when the company had fewer employees on hand to deal with the incident. At the start of the year, after suffering a two-week-long DDoS attack, Linode announced a data breach with attackers accessing some user accounts. The company reset passwords after it detected the intrusions. Linode engineers told customers they were "experiencing a catastrophic DDoS attack which is being spread across hundreds of different IP addresses in rapid succession, making mitigation extremely difficult." The report adds: "During all this time, connectivity to the service was down, affecting Linode customers such as Clojars, a repository of open source Clojure libraries that relies on the Linode infrastructure."
This discussion has been archived. No new comments can be posted.

'Catastrophic' DDoS Attack Hits Linode Servers Over Labor Day Weekend

Comments Filter:
  • "a repository of open source Clojure libraries that relies on the Linode infrastructure"

    So these libraries are only available in one place? Haven't these guys heard of mirror sites? I know its easy to fool Joe ixpack into thinking The Cloud is some safe secure place and he never needs to worry about his data ever again (honest!) , but one would hope people involved in writing programming libraries would have a bit more common sense.

    • by Anonymous Coward
      mirror sites cost money. In the end it is a tradeoff between how much mitigation you can afford vs how much downtime you are willing to accept.
  • by MartinG ( 52587 )

    Hosting static binaries such as jar files is a great use case for ipfs.

    In fact, it would be good to see package managers in general support IPFS downloading, and possibly good for privacy as well as availability.

  • Duh. Linode is one of the few hosting services that "helpfully" assigns systematic aliases (such as "linode1234.members.linode.com") to all virtual machines, basically providing a host lookup for hackers to easily target Linode hosts.

    It boggles the mind.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Not providing DNS service would slow attackers down...by about 2 seconds. Very easy to scan a network.

  • I get that a monoculture is bad, but... When was the last time AWS lost an entire data centre to a DDOS?

    It's probably exactly what the attackers want, but as someone with a responsibility first to my employer, how can I ever recommend a company like Linode?

    They need to figure this out, because every time one of these articles hits the news the reputation damage is pushing them further and further into a spiral.

You are always doing something marginal when the boss drops by your desk.

Working...