Please create an account to participate in the Slashdot moderation system


Forgot your password?
Security The Internet

DoubleClick Hit by DDoS Attack 531

YetAnotherName writes "The Washington Times is reporting that everyone's most beloved online advertising distributor, DoubleClick, was subject to a DoS attack crippling the company's DNS servers, and preventing up to 75% of advertising from making it to web pages and surfers' eyes."
This discussion has been archived. No new comments can be posted.

DoubleClick Hit by DDoS Attack

Comments Filter:
  • Sad news (Score:5, Funny)

    by Lord Grey ( 463613 ) * on Thursday July 29, 2004 @06:32PM (#9837811)
    ... subject to a DoS attack crippling the company's DNS servers ...
    It is truly sad when Internet blackhats target a large, upstanding company like ....

    Oh, wait. It was DoubleClick []?

    Can I donate some computer time?

    • Re:Sad news (Score:3, Informative)

      by byolinux ( 535260 ) *
      I don't think I've seen a banner ad in a year or so.

      I used IE the other day for the first time in ages, and was surprised by a popup.
      • Re:Sad news (Score:5, Informative)

        by adam mcmaster ( 697132 ) on Thursday July 29, 2004 @06:37PM (#9837872) Homepage
        I agree, adblock [] is very useful.
      • Re:Sad news (Score:3, Informative)

        by Pharmboy ( 216950 )
        I use this little thing called a "hosts" file, so my IE popups are all blank ;) stuff like:

        except I DO allow because im a nice guy and dont mind looking at the purdy pictures from them (and they are not usually popups). I found the hosts file here on /., with about 100 lines of entries.
        • Re:Sad news (Score:3, Informative)

          by Trent05 ( 70375 )
          These might be useful too. I direct em' to cause I'm gangsta. :P

          ad.double c





          isg03.casalemedia.c om

        • Re:Sad news (Score:4, Informative)

          by Read Icculus ( 606527 ) on Friday July 30, 2004 @12:36AM (#9840596)
          Use a real hosts file, like This one [] . It's massive, constantly updated, and formatted nicely to show you how to redirect to "s".
      • by Omega ( 1602 ) on Thursday July 29, 2004 @08:03PM (#9838647) Homepage
        I realize this is probably an unpopular opinion to have on slashdot, but I don't think most people understand that someone has to pay the hosting fees, bandwidth, editing time, content, etc. So here's how the so called "FREE" sites (those that are remaining on the net anyway) work. They exist because of advertising. As "evil" as ads may be, they pay the bills for Slashdot [], The Onion [], IMDb [], Yahoo [], etc.

        Not to get all MPAA on you, but when you block the ads, you're hurting the site. Not only that, but you're encouraging "innovation" on the advertisers side to keep you from blocking the ads. This leads to a mixing of advertising and content, so that the web pages start becoming all flash or all pictures so you can't filter out certain images without breaking the whole site for yourself.

        Want to keep the subscription sites down and keep the free web up? Leave the banner ads be. Hell, click on them once in a while. If the advertisers and website are satisfied with how their ads are doing, they'll be less aggressive and less likely to piss you off.

        • when you block the ads, you're hurting the site.

          Absolute bollocks. As a rule, I NEVER click on a banner ad. When they're visible, I don't look at them. The only difference between a blocked ad and an unblocked ad coming into my browser is the blocked ad (white box) renders faster. I am not cost advertisers on cent.

        • Ad blocking is something caused by a social dynamic, and as such appeals for single individuals to unblock ads in order to "save the site" are utterly futile. It makes zero difference. People hate ads.

          Five people listening to you isn't going to save the web advertising industry any more than me convincing (at great personal effort, mind you) five people to stop pirating Photoshop is going to see a noticeable increase in revenues for Adobe. It is not a statistically significant number, and all it ends up do
          • OSDN ads (Score:3, Insightful)

            I wasn't blocking ads on Slashdot until they started going "dynamic". If something is moving on the page besides the mouse cursor, it better be a hell of a lot more interesting than Microsoft trying to tell me that using a quad Xeon under Windows 2003 to approximate the work done by a uniprocessor AMD XP2000+ under Linux is an effective way to "lower my TCO"!
        • If the ad blinks or flashs, I block them. If the ad has a shitty server that causes the page to hang, I block them. And I don't care what site has them, because they are giving me a crap experience. doubleclick has been blocked for a long time now. If enough folks did this, the more astute sites will use a less intrusive ad provider.


        • "If you don't watch the commercials, it's like you're stealing TV !" - Homer Simpson
        • Great, an Insightful advertising apologist. Will wonders never cease? As a couple others have pointed out, you are then obligated to watch all the commercials while your TV is on. Also, you really should read each and every advertisement in the magazines you buy, because without them, the price of the magazine would be higher. Every once in a while, while reading Linux Journal, you could even buy a Linux cluster. That way, the advertisers know that their ads are working, and that you love them. I'm not sure
        • You're right. In the same vein, if you go the toilet during an ad break on TV, you are actually stealing! You are costing those TV stations money. Unless you want to lose free-to-air television, you must only leave the couch for toilet/snack breaks during officially sanctioned time periods.
    • Re:Sad news (Score:5, Funny)

      by dfurie ( 766236 ) on Thursday July 29, 2004 @06:34PM (#9837833)
      I think you're on to something. I think its time to give up on SETI and Folding@home and make a new distributed project to better man-kind; a doubleclick DDoS'er.
    • Heh (Score:3, Funny)

      by mfh ( 56 )
      Off the record, WOO HOO!!!
      On the record, Punch the Monkey and Win $20!
    • Re:Sad news (Score:5, Funny)

      by Compholio ( 770966 ) on Thursday July 29, 2004 @06:37PM (#9837877)
      When they arrest the guy who did it we should put together a paypal donation to take care of his legal costs.
    • Re:Sad news (Score:5, Funny)

      by eegad ( 588763 ) on Thursday July 29, 2004 @06:37PM (#9837882)
      Was this some other DoS attack besides posting their URL on Slashdot?
    • Re:Sad news (Score:2, Insightful)

      by pHatidic ( 163975 )
      A DoubleClick spokeswoman said the attack targeted the company's domain name servers -- machines that help direct Internet traffic -- causing "severe service disruptions" for all 900 of its customers.

      Wait I thought doubleclick was one the thirtieth most visited site on the internet, how could they only have 900 customers? It's almost as if they don't think of the people visiting their site as customers, as if they're only there to be bent over and take it in the behind.

      • It's almost as if they don't think of the people visiting their site as customers

        That's because they don't. They were referring to the people who pay them to place their ads; the people who click on the ads would be Doubleclick's customers' customers.

        • Re:Sad news (Score:5, Insightful)

          by Captain Nitpick ( 16515 ) on Thursday July 29, 2004 @08:27PM (#9838858)
          That's because they don't. They were referring to the people who pay them to place their ads; the people who click on the ads would be Doubleclick's customers' customers.

          The people who click on the ads are Doubleclick's product.

    • Re:Sad news (Score:5, Informative)

      by JPriest ( 547211 ) on Thursday July 29, 2004 @06:43PM (#9837951) Homepage
      Not that box, I am pinging their primary DNS server and still getting a reply, they have 4.

      This way you can check your networks to see if any machines are hitting these DNS server. I am going to keep my ping going to make sure ns1 stays online. j/k

      You can do your part to reduce the load by adding doubleclicks ad-servers to your /etc/hosts file as (this can be done in windows too).

    • Re:Sad news (Score:5, Insightful)

      by JabberWokky ( 19442 ) <> on Thursday July 29, 2004 @07:18PM (#9838267) Homepage Journal
      Am I the only person left who thinks it is unethical to use a person's site and block their ads? I find it deeply troubling that there are many people who work for or would like to work for internet companies that turn around and bite the prevailing revenue source for those same companies.

      You can argue all you want, it is a matter of personal belief. I consider it to be something that should not be made illegal, but also something that is terribly impolite to do and does have a negative effect upon something that you like enough to patronize.

      It's kind of like when the cool coffee house with all the great local bands closes down because nobody bought any coffee. Everybody bitches how much it sucks, but never connects that they were taking up a chair for four hours without buying a drink.

      If you like the site, how about some respect for the people who work on it? Common decency appears to be growing much less common.


      • Probably (Score:5, Insightful)

        by Sycraft-fu ( 314770 ) on Thursday July 29, 2004 @10:03PM (#9839580)
        Do you consider it unethical to read a newspaper without reading their ads? Record a TV show and then fast forward through the commercials later? Get up and get food/go to the bathroom during commercials? Throw away mail flyers for products? Use a text based browser? Have a visual imparement?

        In all these cases, you are ignoring/blocking ads. Sites have a right to try and advertise, but it's your computer, and you have a right to change the presentation to meet your needs.

        Also if the advertisers learned a little something form successful advertising, such as Google and newspapers, they would have a much better chance of not getting blocked:

        1) Be less obtrusive. The web is a random access media. Interrupting people with full screen or popup ads is annoying and counter the operation of the web. Thus people hate them and want them gone.

        2) Be relivant. Do nto slather your ad over ever site on the internet. Target your ad at sites that attract people that care.

        3) Be honest. A large number of ads are highly deceptive in their nature.

        Double click violates all of these their ads are a pain, they advertise whatever, wherever and most of them are "Punch the monkey and win" or "You have a message" or "Your computer is broadcasting an Internet IP address".

        I LIKE Google ads, since they relate to what I search for. Thus, if I want to buy something, I search and then look in the right hand column since the ads are unobtrusive, relivant to what I want, and honestly trying to sell me it.
      • Re:Sad news (Score:3, Insightful)

        by f0rt0r ( 636600 )
        Its like this. When you put your site on the Internet, it is in a public space. You are acknowledging that anyone with connectivity to your site can visit it and make use of it. The fundamental purpose of the World Wide Web is sharing information. When you put a web site up, that means you have information you want to share with anyone who can connect to your site. If you don't like the cost of sharing information ( the benefit is you can access information shared by others ), then don't put it on the WWW,
    • by IBitOBear ( 410965 ) on Thursday July 29, 2004 @08:11PM (#9838726) Homepage Journal
      No matter how many times I click refresh, the DoubleClick corporate site will not not display any banner ads, nor pop up nor pop under any X10 windows...

      Oh, what did you say? "The leader in network advertising" only has tasteful advertisements on their own site?

      Isn't that a tad hypocritical?

      Shouldn't the people advocating annoying, bouncing, animated, rollover tripe beleive in their own products and techniques enough to use it on their own pages?

      Clearly they don't, and they don't.

      One could only dream of the day when all the advertisers who patronize DoubleClick ask them selves why DoubleClick doesn't use their own service to advertise their own service...

      Perhaps because their customers would realize how much such techniques annoy and drive off potential clients....?

      Nah, marketeers (as in mouse, not misspelling 8-) will never get wise to their own lack of wisdom.
    • OSDN uses doubleclick.
  • by Anonymous Coward on Thursday July 29, 2004 @06:32PM (#9837813)
    It's been so long since I've seen an ad [] I forgot about them.
  • Although I don't agree with DDoS attacks.. Your not going to get any sympathy from me.
  • Good or bad? (Score:5, Insightful)

    by EdZ ( 755139 ) on Thursday July 29, 2004 @06:33PM (#9837819)
    I'm not sure whether the encouragement of DDOS-ing even 'evil' companies should be encouraged.
    • Re:Good or bad? (Score:3, Insightful)

      I agree, this sort of thing has an effect on many people other than the intended victim; as someone who works for a hosting company (admittedly a small one, but hey) I can tell you how annoying it is when your chosen datacenter is taken down by this kind of thing.
    • Exactly. Just because you might not approve of their business model doesn't mean that they don't deserve to be free of attacks.

      All hacking is terrible. Don't encourage it just because it happened to hurt someone you don't like.
    • Re:Good or bad? (Score:4, Interesting)

      by irokitt ( 663593 ) <(moc.oohay) (ta) (ruai-setirdnamihcra)> on Thursday July 29, 2004 @07:41PM (#9838479)
      It's worth noting that the attack on DoubleClick, which is an Evil Corporation (TM), also affected the ~900 sites that use DoubleClick to serve their ads. Those sites had to wait for their ad cycle to time out or something (IANAWD). So quite a few web sites were affected, with slow loading times. Sites that disabled DoubleClick ad banners had to deal with the fact that, for the better part of a day, they lost all banner revenue. So in the end, this DDOS was probably just a Bad Thing (TM).
  • poetic justice.... (Score:3, Interesting)

    by super_ogg ( 620337 ) on Thursday July 29, 2004 @06:33PM (#9837824) Homepage
    Trying to get rid of traffic they don't want to see... sounds like trying to get rid of adds we don't want to see.
  • On behalf.. (Score:5, Funny)

    by Anonymous Coward on Thursday July 29, 2004 @06:33PM (#9837825)
    On behalf of the Slashdot community, I would just like to say that this was indeed a terrible thing. I, and I believe I speak for everyone here when I say this, greatly missed the DoubleClick ads. Their intrusive nature, attempted trickery, and bright flashy lights are what make my internet experience what it is.

    I hope that whoever did this terrible act is brought to justice, as such a horrible thing cannot go unpunished!
  • need I say more?

    well, actually, according to Slashdot I do. So here:


  • how many people have the entire double click domain block from displaying on their web browsers anyway?
  • Damn (Score:3, Funny)

    by foidulus ( 743482 ) * on Thursday July 29, 2004 @06:34PM (#9837840)
    All those people clikcing links for money must have really gone overboard this time, they will probably make more money than me.
  • Without this vital source of information into my life, what will I do?

    Seriously, I didn't notice. There's so many ads (and I use pop-up blockers and hosts) that they're all just lost in the noise. Which is a really sad commentary on the state of the Internet when you think about it.
  • Actually... (Score:4, Insightful)

    by MacGoldstein ( 619138 ) <jasonmp85&mac,com> on Thursday July 29, 2004 @06:35PM (#9837849) Homepage
    Although it may seem like some sort of poetic justice that Doubleclick was attacked...

    The attacks had more far-reaching effects. Pages would take forever to load for me (certain pages, not all), if they used doubleclick ads, simply because the browser was waiting for the final item (the ad) to load.

    Whether or not you like doubleclick, their widespread adoption made this a productivity hit for those of us who frequent pages w/ doubleclick content (even if we never notice it).
  • by dsanfte ( 443781 ) * on Thursday July 29, 2004 @06:35PM (#9837852) Journal
    Seriously, Slashdot needs to shape up, or stop trying to be a news site. This happened yesterday. If you can't get your editors to greenlight stories faster than 24hours in advance, let subscribers do it like Fark does.
  • .. so this is like what? One request for every unwanted ad they've ever forced down someone's throat??
  • I didn't notice (Score:5, Informative)

    by Patik ( 584959 ) * <> on Thursday July 29, 2004 @06:36PM (#9837860) Homepage Journal

    I've had the following in my HOSTS file for a while now

    Lameness filter randomness: eed d ed wdwe de ff g v fdovk fok fb f osvi jfvioj asv d vp vv jspavj spav dsv aspdvj ede oijf o greg ewrg

    • I just use a proxy thta blocks *doubleclick*. Then they can't add a new server on me.
    • Re:I didn't notice (Score:5, Informative)

      by owlmon ( 696565 ) on Thursday July 29, 2004 @06:57PM (#9838081)
      > I've had the following in my HOSTS file for a while now
      > ...

      Some alternatives that are fun:

      1. Install privoxy from This is a local http proxy that allows you to filter out web content using regular expressions. So you can easily blank out any URL that contains the string "doubleclick." This is easier and more complete than trying to enumerate all the hostnames that Doubleclick Inc. uses. Privoxy is multi-platform; you can use it under Linux, Windows, etc.

      2. Install posadis from This is a caching DNS server that you can install on your computer. It allows you to control how domain names (like * get resolved by ALL the programs on your computer. I use it to essentially blackhole domains that I don't like. Once again, this is a multi-platform project. In particular, under Windoze, it runs as a service. It has an irritating bug: under Windoze, it will occasionally start using 100% CPU. When this happens, you have to restart the posadis service. A hassle, verily. But I enjoy having the control that derives from running my own DNS server.

      3. Use a firewall (hardware or software) to block out numeric IP addresses. For example, is, so it should be blocked. I used to use this approach. I liked the idea of absolutely blocking any packets going to or from the bad guys, regardless of the DNS name used. The problem with this approach is that outfits like will use a ton of different numeric IP addresses, and it's difficult to keep up with them.
    • Re:I didn't notice (Score:3, Informative)

      by magefile ( 776388 )
      You can't use *.doubleclick.*? I do that in adblock. Granted, the hosts file and adblock are two totally different beasts, but I'm surprised the hosts file doesn't support regex.
  • by PIPBoy3000 ( 619296 ) on Thursday July 29, 2004 @06:36PM (#9837864)
    The issue wasn't that Double Click had problems, but that every site that uses them become very slow.

    Until the basic routing infrastructure of the net changes, this is going to be a common issue anytime a number of big sites all require another organization to serve up their pages (e.g. Akamai).
    • I'm not sure why.

      Part of a contract to use DoubleClick ought to be a server-flag. They send you a packet every 30 seconds that says their servers are operational and a flag is set on your machine. If more than 30 seconds goes by, the flag is automatically set to "off". Their scripts [which run on your machine] check that flag before they serve up ad content, otherwise, the scripts print out either white-space or a set of pre-loaded advertisements (that they don't have to find on double-click servers).

  • by Beardo the Bearded ( 321478 ) on Thursday July 29, 2004 @06:37PM (#9837868)
    Thanks, Mike! []

    I rarely see ads in either IE or Mozilla.
  • The Tuesday attack left PC users frustrated when trying to access some of the Internet's most heavily visited sites, the Washington Post said Wednesday.

    Heh. I know I always get upset when I'm not being bombarded by advertisements.
  • by Knights who say 'INT ( 708612 ) on Thursday July 29, 2004 @06:38PM (#9837895) Journal
    There is a downside to such attacks as they harm business trust on the internet and large capital investments to the infrastructure and R&D and all. But it also has an upside, and a important one it is. Little bouts of anarchy like this show The Powers that Be that there is such a thing as an internet community who does not take slimey practices (such as the Verisign search, remember?) lightly.

    It keeps commercialism in check. And that is a Good Thing (TM).
  • by zoloto ( 586738 ) on Thursday July 29, 2004 @06:39PM (#9837899)
    No matter how much I hate /ads/, a DDoS should not be tolerated no matter to whom it's directed. Weather it's or, let's try to use our knowledge constructivly instead of destructivly. How does that sound? And where does any one person think a DDoS will get for anyone as a whole? If anything, it'll bring a stronger resolve to preventative measures and keep them going strong. They have the $!! so where will it really get those who started this "attack"?

    • by dsanfte ( 443781 ) * on Thursday July 29, 2004 @07:02PM (#9838121) Journal
      No matter how much I hate /ads/, a DDoS should not be tolerated no matter to whom it's directed.

      Sorry man, in the days of the DMCA, INDUCE, and PATRIOT acts, I'll take my poetic justice wherever I can get it. I applaud this for the same reason I applaud thieves getting their asses hauled into prison, because they damn well deserve it, regardless of whether forced confinement is "wrong" or not.
  • Good? (Score:2, Interesting)

    by Jack9 ( 11421 )
    I'm a little disappointed that a group of fairly die-hard anti-doubleclick geeks could only hobble it a few hours at may simply have been more effective to introduce a nasty virus into their network, so we'll just call this attack a symbolic way to raise awareness of this historically nasty company. I much rather have heard that a more intrusive and smaller company like CoolWeb was attacked.
    • Re:Good? (Score:5, Insightful)

      by Mesaeus ( 692570 ) on Thursday July 29, 2004 @07:49PM (#9838542)
      Regarding CoolWeb we'd better skip the DDOS phase and go straight to beating the shit out of their employees with various blunt instruments, I call dibs on their "CEO". I just cleaned up a family's pc where the children got a fullscreen popup without any controls of naked 12-14 year olds, every single time they logged on. Courtesy of CoolWebSearch. That company is made up of a bunch of sick individuals, and they've perfected their "art" of drive-by-installing their spyware so much that the latest versions (there's about twenty different ones) are harder to get rid of than most virusses.
  • Seriously, I haven't seen much of any of it since I configured adblock on Firefox.

    You're saying there's still advertising out there on the web? Whoda thunk it.
  • scrub:/# host A

    Of course having this in my named.conf helps...
    zone "" {
    type master;
    file "/etc/bind/db.vermin";
  • get the spyware installed so I can help out?
  • Old news (Score:5, Informative)

    by EvilStein ( 414640 ) <> on Thursday July 29, 2004 @06:51PM (#9838036)
    IF this isn't a second DDoS, then this happened a couple days ago already.
  • (Score:3, Funny)

    by bstadil ( 7110 ) on Thursday July 29, 2004 @06:54PM (#9838052) Homepage
    I am glad that my machine didn't inadvertently participate in their DDOS attack. I would have been hammering away at

  • Oh boy... (Score:5, Funny)

    by nebulus4 ( 799015 ) on Thursday July 29, 2004 @07:00PM (#9838107)
    First they are DDOS'ed and now they are going to be /.'ed.. what a day..
  • by krhainos ( 637354 ) <js58.uakron@edu> on Thursday July 29, 2004 @07:01PM (#9838116) Homepage
    ... to enter to recieve my free iPod Mini
  • by pizza_milkshake ( 580452 ) on Thursday July 29, 2004 @07:38PM (#9838454)
    doubleclick obviously isn't using the DDOSBlock extension for Firefox.
  • by geekwench ( 644364 ) on Thursday July 29, 2004 @07:40PM (#9838474)
    Well, damn. I finally heard of something that makes me wish that I didn't have: such a good firewall / spyware killer / Mozilla / et cetera.

    Now if only there were some way to legally drive spyware / malware companies out of business. That would be an effort that I could endorse 100%. The problem with this is, well, it's still a DDoS, even if it is against a company that's pretty thoroughly reviled. I doubt that the owners of the participating computers agreed to help with the project.
    Plus, there are hundreds of thousands of people out there who still haven't figured out that the big blue "e" isn't the Internet. Their day got totally hosed by web pages that refused to load, "server not found" issues, and assorted other garbage. They got hit by the "shrapnel", but were innocent bystanders. And no, using IE doesn't mean that "they got what they deserved." (We tend to be rather elitest here on /., but it's likely that the number of late-bloomer techies far outnumbers the ranks of the lifelong geeks. Not everybody discovers their inner geek at the same point in life - but that's another rant.) Aunt Claire, who just wants to upload new photos to the family webpage, doesn't deserve to be pop-upped and spywared to tears, but neither does she - or anyone else - deserve to get caught in the middle of an online piss war. Poetic justice or not, this event is a Bad Thing.

    Still, it does warm the cockles of my black little heart, thinking of DoubleClick getting served a heaping helping of the kind of crap that they've dished out over the years.

  • by bani ( 467531 ) on Thursday July 29, 2004 @08:05PM (#9838669)

    a nifty plugin for squid. does more than just remove ads, it replaces them with a 'this ad zapped' image / swf, so pages don't render weird.

    it's written in perl so it's easy to hack and is easily configurable.
  • by iamcf13 ( 736250 ) on Thursday July 29, 2004 @11:14PM (#9840059) Homepage Journal
    Doing that will make them unblockable since the ads and the content are being served from the same IP address. However, there is nothing to stop someone with coming up with a clever HTML rewriter plugin/browser to strip out the content (readable text and meaningful binary content files) and make a simplified version of the (likely ad-ridden) original page.

    My firewall program cannot detect deliberately broken up 'SCRIPT' tags via the document.write Javascript function--otherwise Google's AdSense advertising would be blocked too. If I didn't need Javascript, I could turn it off at the browser level and kill these ads as well.

    Simple, HTML-only, text-based ads for me, thank you very much (works for Google)--I am on 'sessioned', time-limited dailup and cannot waste time downloading an (animated) ad banner image, or an (obnoxious, animated) shockwave ad.
  • by nuintari ( 47926 ) on Friday July 30, 2004 @08:56AM (#9842580) Homepage
    The only reason anyone is likely to care is because it has made surfing very pleasent lately. I'm sorry, its illegal, its wrong, and it hurts networks to deliver the package of shit they are sending dclick's way. Still, advertising is fucking out of control, and it needs to lighten up. Since they don't listen to us, some of us have taken to punishing them for it. I applaud their efforts.

    I wanna buy the parties responsable a beer.

God helps them that themselves. -- Benjamin Franklin, "Poor Richard's Almanac"