Whirlpool suffers DDoS attack

Powered by SC Magazine
 

UPDATE: Blocked by upstream providers.

Broadband forum Whirlpool was brought down by a distributed denial of service attack this morning.

Update: Service restored at 10:30am. See below.

Update #2: Site down again June 30th. See here for latest news.

From 12:45am, Whirlpool host Bulletproof Networks noted irregular packet loss and investigated. The hosting company discovered a large number of HTTP requests from a number of source IP addresses, all targeting Whirlpool.

Bulletproof blocked the offending source IP addresses and asked its upstream providers to do the same, restoring the site at 1:45am.

The attack resumed five minutes later.

Again, Whirlpool was pulled offline whilst Bulletproof worked to block the attack. It was brought back online just before business hours, but was taken offline a third time as the attack resumed.

"The service provider owners of the offending IPs in Denmark and the US have been contacted to escalate blocking of their specific addresses at source," Bulletproof told iTnews.

The hosting company informed its customers via a series of text messages:

29/06/2010 12:46:12 AM Alert: Bulletproof Monitoring has detected
network degredation [sic]. ETR is unknown.

29/06/2010 2:13:44 AM Alert: Network degradation with upstream providers
due to DDoS has been mitigated.

Bulletproof Networks said the outage was isolated to the Whirlpool site.

UPDATE: Bulletproof Networks COO Lorenzo Modesto has paid tribute to the work of Bulletproof's upstream network providers, Internode and Pacific Internet, which blocked the source IP addresses of the Whirlpool DDoS attack promptly.

The blocking of these source addresses enabled Bulletproof Networks to push Whirlpool live again from 10:30am today.

"The most obvious way to build a robust network is to use a Tier One network upsteam - but history shows they don't tend to be as responsive. Non-Tier One providers tend to have multiple paths in and are more responsive in times like this. Our upstream providers were able to sort the issue within the hour."

Modesto maintained his sense of humour during the attack.

"Looks like Whirlpool was the target of at least 20,000 spams or scams coming through the portal," he told iTnews.


Whirlpool suffers DDoS attack
 
 
 
Top Stories
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
Telstra hands over copper, HFC in new $11bn NBN deal
Value of 2011 deal remains intact.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  39%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1828

Vote
Do you support the abolition of the Office of the Information Commissioner?