DDoS on Domain Registrar 69
miller60 writes "Netcraft is reporting that 'domain registrar Joker.com says its nameservers have been hit with a massive DDoS attack, causing outages for customers. More than 550,000 domains are registered with Joker, meaning the outages could be widely felt. It's not clear why the DDoS is succeeding, as most registrars have implemented sturdy DDoS protection since the attack on the root nameserver system back in 2002.' Some security experts have warned in recent weeks about DNS recursion attacks as previously discussed here on Slashdot, which can amplify the power of attacks launched from botnets."
But why? (Score:5, Interesting)
If anything, I'm surprised that more regitstrars aren't being hit by this. Maybe they agreed to pay up instead.
Re:But why? (Score:1, Interesting)
I was affected - but perhaps the ddosers wanted some cash from the spammers?. However our spam load was much reduced as to who wanted what and from whom i dont know - less spam was the result here.
Perhaps this will do joker some good either by stopping the sales of junk domain names like ikty677899dddff.com (made up example) and clean up the domain name 'trade', which is by no means perfect but makes many of us think there as complict as the spammers.
Getting sick of this (Score:4, Interesting)
Re:Getting sick of this (Score:1, Interesting)
Re:Getting sick of this (Score:3, Interesting)
With distributed DNS, it's actually not a bad idea, those with higher bandwidths could end up taking the bulk of the load, but it might actually be workable. Having said that, we do have a facility for secondary DNS servers; we could just use them properly instead of having ns1.foobar.com and ns2.foobar.com pointing to the same box half the time, and the same subnet half of the rest of the time. Not exactly a dDOS resiliant solution.
With distributed hosting, I think that'd be beautiful if it was workable, but there are all sorts of considerations that when added up will mean that no-one will sign up for this kind of thing. firstly, there are obvious privacy concerns. Secondly security; when someone's website gets hacked, who shoulders the responsibility? Thirdly, legal issues if the system was international, though that could be alieviated if you had a "country of origin" flag on the content. There'd have to be some sort of redundancy, and website access times would differ greatly depending on who happened to be storing the content at the time of the request.
see also freenet.sourceforge.net
Why? That's easy ... (Score:2, Interesting)
Now, I know very well that not everyone registering at joker is carrying on such questionable or downright unscrupulous behavior (certainly less than 1% I hope), but I don't look up the registrar of every domain I visit, just those ones I have a complaint against - which is probably true for most anyone on the net.
The problem is that Joker usually doesn't appear concerned about the activities it's customers engage in (AUP notwithstanding), so it might be that someone out there saw one too many popup or phishing scam coming out of a Joker domain and got no satisfaction at the abuse desk.
Of course this wouldn't be justification for screwing up everyone else's domain, but it's not outside the realm of possibility.
Tim Berners-Lee said it... (Score:4, Interesting)
What we need is an entirely peer to peer adaptation of the Web using DHT [wikipedia.org] as an addressing system, where the hash of the file itself serves as its' address. That would solve (at least) two major problems:-
a) It'd get rid of the abovementioned "Internet governance" BS as mentioned above. I believe we could still have an entirely hyperlinked/relational/semantic Web using a DHT system...it just initially might require some more work. The reason why this would eliminate the TLD issue though is because the naming system itself would become irrelevant. It's worth remembering that DNS was originally developed by scientists/academics. If they'd remained the only people using it, it would have worked acceptably. Unfortunately however, the commercialists came along later and fucked it up, which they tend to do to everything they get their hands on. If the commercialists still want the old DNS/TLD system, let them keep it. The DHT system could be implemented for those of us interested in more productive uses of the network.
b) It would at least go a long way towards putting a final nail in the coffin of the {RI,MP}AA's ability to track/identify (and therefore sue) anybody using p2p filesharing. No DNS means no named websites, and no named websites means no centre of gravity/vulnerability to make the {RI,MP}AA's lives easier.
For those of you who think I'm insane, realise that to a degree it's already been done with the Kad p2p network. Anyone connecting to Kad is only able to view (to the untrained or non-mechanical eye, at least) a totally incomprehensible array of numerical strings and file hashes. It might be traceable to individual users, but not easily. What we need to do is figure out how to create an adapted version of HTTP that is able to rely on a machanism similar to Kad as its' trasit/addressing system.
In terms of coding this, I'd have no idea even where to begin myself...so I guess all I can hopefor is that someone else out there who could is sufficiently interested in the idea to try it.