Akamai kicked journalist Brian Krebs' site off its servers after he was hit by a 'record' cyberattack is how Business Insider describes the ongoing DDoS (Distributed Denial of Service Attack) against Brian Krebs (currently offline; google cache). This is notable as Akamai was able to mitigate the effect of the record scale attack but has decided to end their service relationship with Krebs. Victory has currently been handed to the attackers: if the goal is to get Krebs' website off the Internet it has succeeded regardless of the mechanism. Despite being deleted off the Internet Krebs does not fault Akamai.
The really Interesting question is how long will it take for Krebs to return to operational status? Is there anyone else that will be willing to donate their mitigation services so Krebs can go back online? Is there any possible way he could afford to pay normal prices for mitigation services that could handle 600 gigabits per second of flooding? Exactly who do you have to piss off, how sophisticated do they need to be, and how long can they afford the risk involved with carrying out the attack? Free Speech for the Internet is going to be defined by how this plays out.
takyon: These cybercriminals are just going to get Krebs more attention and appearances in the mass media. Krebs expects his site to be back up later today. Also, it is important to note that Akamai/Prolexic provided Krebs free service.
Previously: Brian Krebs DDoSed After Exposing vDos Operators; Israeli Authorities Hit Back With Arrests
Brian Krebs' Blog Hit by 665 Gbps DDoS Attack
(Score: 4, Interesting) by bob_super on Friday September 23 2016, @09:36PM
Maybe he should go for a light solution which is not expected to survive major traffic. Let it vanish every now and then: unreachable, but safe behind the kind of custom-hardware firewall my customers want, until addresses get moved and the attack goes away.
Visitors to that kind of website can understand the availability tradeoff, as long as they end up getting the content eventually.
(Score: 3, Insightful) by Anonymous Coward on Friday September 23 2016, @09:43PM
Visitors to that kind of website can understand the availability tradeoff, as long as they end up getting the content eventually.
Nope. Tolerance for downtime died during the 00s. Your site will be as good as dead and will never recover from the bad reputation.
(Score: 0) by Anonymous Coward on Saturday September 24 2016, @02:58AM
Rusty, is that you?
(Score: 0) by Anonymous Coward on Friday September 23 2016, @11:23PM
This is proof we need a way to overlay the web on a P2P system. They go distributed to take centralized servers, we go distributed to put it back up.
Also, imagine how big of a botnet these guys must be running. If only they would stick it into the Tor network. Let them sniff the exit nodes, that's what SSL is for anyway.
(Score: 0) by Anonymous Coward on Saturday September 24 2016, @04:08AM
Peers aren't anonymous in most _high_ bandwidth P2P systems. His seeders will drop his site faster than some can say Akamai.
Go count how many seeds there are for even popular torrents. Most people wouldn't want to seed random sites and stuff. The laws can make it even more dangerous.
(Score: 0) by Anonymous Coward on Saturday September 24 2016, @04:21AM
> Go count how many seeds there are for even popular torrents. Most people wouldn't want to seed random sites and stuff. The laws can make it even more dangerous.
Except its not "random sites and stuff." Those popular torrents are limited by the laws, but legit sites like his aren't. A DDoS might even have the opposite effect of bring celebrity to his site and thus recruiting seeds.
(Score: 0) by Anonymous Coward on Saturday September 24 2016, @06:19AM
Making it "less voluntary" by building P2P into stuff like browsers to serve up all sorts of sites may cause all sorts of legal issues. Who is going to decide what people would automagically seed? After all how many would want to help distribute child porn?