Robert Hashemian TMC

DDoS – Deliberate Denial of Service

July 28, 2004

A week ago one of our salespeople approached me with a simple question. Some of the people in his client company were unable to browse to our company’s Web site. He was rather embarrassed at the prospect that our company’s Web site (and by extension, our company) could be viewed as shaky and unreliable.

While I am biased, I believe our Web site is highly reliable and it operates as flawlessly as they come. Sure, there are the occasional hiccups, but in most cases reported issues have been at the users’ end and not ours.

So after carefully examining the Web server and running some internal and external tests, I declared our systems healthy and asked the salesperson to relay the findings back to the company. We all agreed that our Web site appeared completely accessible. Even employees from other departments at the same company had no problems reaching our site. The problem was spotty and I speculated that the company’s IT department should be able to resolve it rather quickly.

But a few days later I received an interesting email from their IT manager. They had inspected their systems and had found no issues on their end. They were prepared to dig deeper into the problem, but they made a simple request first. “I would like to ensure that you are not blocking [our IP address] in an ACL list on your ingress router.”, the email requested.

“Impossible”, I thought. But just to humor him I logged on to the firewall and looked up the deny list. And there it was, their IP address almost at the top of the list with my own note from over a year ago declaring it a rogue address due to packet flooding. Turns out that their network had caught a virus at that time and was flooding us causing a denial of service, and that had landed them in our deny list.

This incident is now resolved, but I wonder how many deny lists like ours are there with old, dated, or even wrong information. It's a deliberate type of denial of service or reverse denial of service that can hamper progress on the Internet just as much as the real thing can.

At least it keeps us employed.




Related Tags: , , , ,

Email Author Feedback

See this page in TechnoratiTechnoratibook mark DDoS – Deliberate Denial of Service in del.icio.usDel.icio.usDDoS – Deliberate Denial of Service to Slashdot.comSlashdotSubmit DDoS – Deliberate Denial of Service to Digg.comDiggSubmit DDoS – Deliberate Denial of Service to BoingBoing.netBookmark DDoS – Deliberate Denial of Service in FurlFurlBookmark DDoS – Deliberate Denial of Service in SpurlSpurl

Listed below are links to sites that reference DDoS – Deliberate Denial of Service:

Trackback Pings

TrackBack URL for DDoS – Deliberate Denial of Service:
http://blog.tmcnet.com/mt3/t.fcgi/96

Comments to DDoS – Deliberate Denial of Service

  1. RE: DDoS – Deliberate Denial of Service
    ugg boots :
    November 10, 2004 9:26 PM

    "I earned capital in the campaign, political capital, and now I intend to spend it," President Bush said in his first news briefing since winning re-election. order ugg boots Bush outlined his second-term agenda, saying it would focus on economic recovery, fixing the tax code, Social Security and building on education. buy ugg boots online

  1. RE: DDoS – Deliberate Denial of Service
    Effexor :
    November 16, 2004 4:29 AM

    I carefully explain the mechanisms of Internet service denial and illuminate the causes behind our rapidly growing Denial of Service (DoS) problem. I conclusively demonstrate that recent frightening changes in the architecture of Microsoft Windows-based personal computers.