Are folks seeing any major DOS in progress ?
Twitter seems to be under one and FB is flaky.
We are presently seeing some weird FB behavior -- timeouts and retry
issues. We've had several reports from our users and just began
investigating. Any info you have would be appreciated.
--sjk
Jorge Amodio wrote:
Jorge Amodio wrote:
Are folks seeing any major DOS in progress ?
Twitter seems to be under one and FB is flaky.
DDoS happens hundreds of times a day. Twitter and the Internet operations security community will likely take care of it, especially as it's twitter and we all have a warm fuzzy feeling inside.
Off topic, I found it hilarious how all the tweets came back to facebook and set statuses about twitter. :o)
Gadi.
Seeing the same thing. Can't bring up either sites.
Jorge Amodio wrote:
Same thing for me here in Lincoln, Neb. I was having issues like this starting Thursday evening about 8 p.m. or so, and it has continued all morning.
And of course with Facebook being so vital to my job.... 
I can't pin down specifics, just that it feels "flaky" I guess. Timeouts, retries, photo tagging working intermittently, and so on.
-Andy Ringsmuth
Ditto from Canberra, Australia
FB very flakey, same as Andy I guess.
Thanks,
Cody Appleby
Facebook is being really flaky here in Ireland too.
http://www.irishtimes.com/newspaper/breaking/2009/0806/breaking53.htm (about
Twitter)
Down from Costa Rica and Ireland too... Interesting that they are
starting to go for Social Networking sites now. Have they given up on
online gambling sites now? It appears as though they haven't been
actively attacking gambling sites for several days...
Twitter is very flaky & slow to load today, but that is hardly unusual.
Do you have any other evidence ?
Regards
Marshall
check out:
Tells the story.
Chris Gotstein
Sr Network Engineer
UP Logon/Computer Connection UP
500 N Stephenson Ave
Iron Mountain, MI 49801
Phone: 906-774-4847
Fax: 906-774-0335
chris@uplogon.com
Ken Gilmour wrote:
"We are defending against a denial-of-service attack, and will update status
again shortly."
http://status.twitter.com/
Ongoing denial-of-service
attack<http://status.twitter.com/post/157191978/ongoing-denial-of-service-attack>
1
hour ago
We are defending against a denial-of-service attack, and will update status
again shortly.
*Update*: the site is back up, but we are continuing to defend against and
recover from this attack.
"We are defending against a denial-of-service attack, and will update status
again shortly."
Perhaps the "puddy tat" finally got the bird
"We are defending against a denial-of-service attack, and will update status
again shortly."
Could be interesting if folks @Twitter take pictures or better video about how
are they defending against the attack.
Do they wear special helmets and cyber pitchforks ?
Blow up a fail-whale and let the falling chunks of blubber do the work.
There's even good instructional videos on the net on how to deploy this. 
FB flakyness could be related to timeout with Twitter APIs
Just reported by the birdhouse:
"As we recover, users will experience some longer load times and
slowness. This includes timeouts to API clients. We’re working to get
back to 100% as quickly as we can."
It looks like there is something more widespread today. I've noticed a
couple other sites having issues. LiveJournal has confirmed they are
under attack as well:
http://community.livejournal.com/lj_maintenance/125027.html
Cheers,
-Christoph
Jorge Amodio wrote:
This is interesting.
http://www.nytimes.com/2009/08/07/technology/internet/07twitter.html
Most computer security analysts did not cite a specific source of the attack Thursday.
But Bill Woodcock, a research director of the Packet Clearing House, a nonprofit technical organization that tracks Internet traffic, said Thursday’s attack was an extension of the conflict between Russia and Georgia. It was not clear who initiated the attack, he said, but likely “one side put up propaganda, the other side figured this out and is attacking them.”
Instead of using a botnet, or a network of thousands of malware-infected personal computers to flood a site with traffic, Mr. Woodcock said this particular attack consisted of a wave of spam e-mail messages, which began infiltrating Twitter and other sites at 10:25 a.m. Eastern time. “It’s a vast increase in traffic that creates the denial-of-service,” he said.
YouTube and LiveJournal were also affected, Mr. Woodcock said, although “Twitter was definitely hit the hardest.” YouTube said it had not noticed any problems with its service.
http://www.nytimes.com/2009/08/07/technology/internet/07twitter.html
> Mr. Woodcock said this
> particular attack consisted of a wave of spam e-mail messages, which began
> infiltrating Twitter
Uh... Yes, well, the gist of my explanation of how joe-jobs work may have
eluded the reporter, but the point I was trying to get across was that I
was aware of a joe-job, but not aware of a botnet.
> While I certainly trust PCH, I would be curious as to the evidence for
> this.
Google "cyxymu" and you should begin to see copies of the joe-job spam, as
well as the earlier and archived postings this guy has made in the past.
These URLs may be of interest, if you're really curious about the politics
behind the attack:
http://www.alertnet.org/db/blogs/29542/b5f1ff2ebdb92dabafda4b44e960db4c.htm
http://en.wikipedia.org/wiki/Abkhazia
Note that this is a deeply-layered conflict, with both sides trying to
pass off actions as those of the other, and I don't know of anyone who's
asserted that they have any means of determining whether this was a
Georgian attack on an Abkhazian blogger, or a Russian or Abkhazian
faux-martyring of an Abkhazian blogger that few people cared about
yesterday, but who will have his seven minutes of fame in tomorrow's
press.
I don't have an opinion on the matter, and I don't think many in our
community will probably take any interest in the underlying politics.
What matters is that smart people in our community at Google and SixApart
and Twitter communicated and coordinated quickly and effectively, and
established a lot of connections that will serve them well in responding
to things of this sort again in the future. INOC-DBA and NSP-Sec and the
Anti-Spam list all got a workout today, and they all functioned exactly as
they were intended to.
-Bill
http://www.nytimes.com/2009/08/07/technology/internet/07twitter.html
Mr. Woodcock said this
particular attack consisted of a wave of spam e-mail messages, which began
infiltrating TwitterUh... Yes, well, the gist of my explanation of how joe-jobs work may have
eluded the reporter, but the point I was trying to get across was that I
was aware of a joe-job, but not aware of a botnet.
Pity he just couldn't have used the phrase. It would have cleared it up some for me at least.
While I certainly trust PCH, I would be curious as to the evidence for
this.Google "cyxymu" and you should begin to see copies of the joe-job spam, as
well as the earlier and archived postings this guy has made in the past.These URLs may be of interest, if you're really curious about the politics
behind the attack:http://www.alertnet.org/db/blogs/29542/b5f1ff2ebdb92dabafda4b44e960db4c.htm
Note that this is a deeply-layered conflict, with both sides trying to
pass off actions as those of the other, and I don't know of anyone who's
asserted that they have any means of determining whether this was a
Georgian attack on an Abkhazian blogger, or a Russian or Abkhazian
faux-martyring of an Abkhazian blogger that few people cared about
yesterday, but who will have his seven minutes of fame in tomorrow's
press.
Given that the start of major hostilities there was 1 year ago today (the Georgian bombing and attack on Tskhinvali) and the war continued for 6 more days (until August 12th) I would not be surprised if there was more mischief in store. Let's hope this doesn't become a tradition.
Thank you for the information.
Regards
Marshall