In case you missed it there is a really interesting story circulating on the Net, best told by Jim Louderback the CEO of Revision3 and victim of a DDOS attack over Memorial day weekend ( his Blog & CNET interview ). If you’re a fan of Revision3 you already know that they got taken off-line for 3 days, if your not you may want to check out their site. They represent perhaps the best example of new Media and the future of TV, including HD video, channels, live and on-demand, etc, all delivered via the web. In order to achieve high quality video Revision3 utilizes BitTorrent technology legitimately for distributing content to users. The problem came about when a “legitimate” media tracking company identified a Revision3 server as a potential source of ” questionable ” BitTorrent traffic. Once Revision3 was made aware of this situation ( by a forum poster ) they appropriately locked down the server, what happened next was the strange part…
As reported by Revision3, the media tracking company ( presumably automatically ) launched a DDOS attack on Revision3’s site flooding it with as many as 8,000 packets per second taking down the site by exceeding the capacity of limited web servers. Complicating the matter was the long weekend and unreachable staff at the offending company. Once they were finally able to get in contact the company stopped the attack and they both started to unravel what had happened.
The NetScaler system may not be positioned as protection from “good” guys ( vs. typical bad guys ) but this situation exemplifies why it is worth consideration as part of a comprehensive protection plan. That is why web based media companies like MSN, CNET, Digg, and many others rely on NetScaler’s to protect their infrastructure. Among other features NetScaler protects sites from SYN flood DDOS attacks by handling all requests and only forwarding legitimate ticketed traffic to the web server, all other SYN flood requests are dropped before ever reaching the company Web Servers.
So for the next review of your security infrastructure, keep in mind who are the “good” or bad guys and are you protected either way.