You'd hope that Amazon would do the right thing here and waive the fees. After all, that's forcing the victim to literally pay for crime, and the positive press of handling the situation well would be worth a lot more.
Massive DDoS racks up $30,000-a-day Amazon bill for China activists
Chinese activist site Greatfire.org which masks censored traffic into the country is under a sustained distributed denial of service (DDoS) attack that is racking up $30,000 a day in server costs. The website masks internet traffic from websites including Facebook and Google, so it can be seen in China, and does so using …
COMMENTS
Friday 20th March 2015 14:51 GMT ratfox
I'm surprised Amazon does not have built-in protections from DDoS attack… After all, it most certainly has such protections for its own websites, you'd think it would be trivial and cheap to offer that to the websites it hosts…
I'm pretty sure Google offers such a thing, though I might be confusing it with yet another X-as-a-service.
Friday 20th March 2015 16:15 GMT Anonymous Coward
Dial-up accounts
Reminds me of around 1998 when I used Cable&Wireless dial-up here in Pompey. Off-peak was between 18:00 and 08:00. Off-peak was around a penny a minute call, and peak times was something like 16p a minute.
Of course, during off-peak, disconnections used to happen every 30 minutes or so, lucky if you stayed on-line for an hour or more.
One morning, got up for work, and whilst having my cup of tea, checked my e-mail (usual morning procedure). Had my shower, went to work.
But, that morning I forgot to disconnect, and after getting home 10 hours later nearly had a heart attack to see the connection was still up!
I got billed over £84.00 for one phone call - and even calling C&W to explain that normally I get disconnected every 30/40 minutes or so, but during the PEAK I didn't, this was wrong.
Nothing I could do - but pay it :(
Friday 20th March 2015 13:36 GMT Anonymous Coward
Re: Here's Some Advice..
.. Don't rattle ANY OPPONENT's cage if you don't know what you're doing.
There is nothing easier than knocking out a service which is run on AWS, especially if it is set to leverage AWS horizontal elasticity. 1h on a small botnet will generate enough traffic to bankrupt whoever is setting it. It is simply the wrong place to host it.
Sure, it is buzzword compliant, you are using the cloud for a worthy cause - hip, hip hurray. Buzzwords all along.
Cloud, because it is pay-per-use, can and will be knocked out trivially using a brute force DOS simply by clocking an astronomical bill. Compared to this, flat fee physical iron based services may require more up-front investment but they are easier to defend and you can try fighting a war of attrition too as you are not paying for every bit thrown at you.
Friday 20th March 2015 08:26 GMT Thought About IT
Chinese puzzle
At least greatfire.org know why it's happening. My server just hosts my software for free download and subsequent sale, but last year Chinese sites were downloading the same files all day, every day, until I throttled them. During the past couple of weeks, it's been subjected to a pirate bay attack, at a low enough level to be manageable with firewall tweaks. There have always been occasional attempts to break in from different countries, but this prolonged attack from China is quite disconcerting, as there's no obvious reason for it.
Friday 20th March 2015 12:43 GMT caffeine addict
If people use GreatFire because the government is blocking access to Google and Facebook, why can't the government block access to GreatFire? Surely Amazon doesn't have any more diverse a range of IP addresses than Google does, and I'm sure the Chinese government doesn't overly worry if other websites get blocked as a result. Blocking Amazon's entire IP range sounds easier than DDoSing one site. And if they can DDoS it, they can block it, surely?
What am I misunderstanding...?
Sunday 22nd March 2015 10:51 GMT Alan Brown
This proves a couple of things
1: "Cloud" is bizspeak for "someone else's shit" and as such you have little control over it.
2: Greatfire made political hay out of using Amazon Cloud services on the basis that the Chinese wouldn't be able to firewall the IPs without impacting a large number of other websites (aka "Nya nya, can't get mee") - effectively painting a big "kick me" on top of the target they already had strapped to their backs.
I'm not entirely sure what they expected to happen. AWS don't have any DDoS protection and this kind of thing has happened before. I did wonder how long they'd stay up having issued the original press releases.