Slashdot Mirror

← Back to Stories (view on slashdot.org)

DoubleClick Hit by DDoS Attack

Posted by ryuzaki0 on from the hard-rain-falls dept.

YetAnotherName writes "The Washington Times is reporting that everyone's most beloved online advertising distributor, DoubleClick, was subject to a DoS attack crippling the company's DNS servers, and preventing up to 75% of advertising from making it to web pages and surfers' eyes."

10 of 531 comments (clear)

  1. DoubleClick is still around? by Anonymous Coward · · Score: 4, Informative

    It's been so long since I've seen an ad I forgot about them.

  2. Old News for Nerds, Stuff that's Days Old by dsanfte · · Score: 4, Informative

    Seriously, Slashdot needs to shape up, or stop trying to be a news site. This happened yesterday. If you can't get your editors to greenlight stories faster than 24hours in advance, let subscribers do it like Fark does.

    --
    occultae nullus est respectus musicae - originally a Greek proverb
  3. I didn't notice by Patik · · Score: 5, Informative

    I've had the following in my HOSTS file for a while now

    0.0.0.0 ad.doubleclick.com
    0.0.0.0 ads.doubleclick.net
    0.0.0.0 ad2.doubleclick.net
    0.0.0.0 ad3.doubleclick.net
    0.0.0.0 ad4.doubleclick.net
    0.0.0.0 ad5.doubleclick.net
    0.0.0.0 ad6.doubleclick.net
    0.0.0.0 ad7.doubleclick.net
    0.0.0.0 ad8.doubleclick.net
    0.0.0.0 ad9.doubleclick.net
    0.0.0.0 ad10.doubleclick.net
    0.0.0.0 ad11.doubleclick.net
    0.0.0.0 ad12.doubleclick.net
    0.0.0.0 ad13.doubleclick.net
    0.0.0.0 ad14.doubleclick.net
    0.0.0.0 ad15.doubleclick.net
    0.0.0.0 ad16.doubleclick.net
    0.0.0.0 ad17.doubleclick.net
    0.0.0.0 ad18.doubleclick.net
    0.0.0.0 ad19.doubleclick.net
    0.0.0.0 ad20.doubleclick.net
    0.0.0.0 ad.ch.doubleclick.net
    0.0.0.0 ad.ca.doubleclick.net
    0.0.0.0 ad.de.doubleclick.net
    0.0.0.0 ad.fr.doubleclick.net
    0.0.0.0 ad.jp.doubleclick.net
    0.0.0.0 ad.nl.doubleclick.net
    0.0.0.0 ad.no.doubleclick.net
    0.0.0.0 ad.uk.doubleclick.net
    0.0.0.0 ln.doubleclick.net
    0.0.0.0 m.doubleclick.net
    0.0.0.0 m2.doubleclick.net
    0.0.0.0 iv.doubleclick.net
    0.0.0.0 ebay.doubleclick.net

    Lameness filter randomness: eed d ed wdwe de ff g v fdovk fok fb f osvi jfvioj asv d vp vv jspavj spav dsv aspdvj ede oijf o greg ewrg

    1. Re:I didn't notice by owlmon · · Score: 5, Informative

      > I've had the following in my HOSTS file for a while now
      >
      > 0.0.0.0 ad.doubleclick.com
      > 0.0.0.0 ads.doubleclick.net
      > ...

      Some alternatives that are fun:

      1. Install privoxy from sourceforge.net. This is a local http proxy that allows you to filter out web content using regular expressions. So you can easily blank out any URL that contains the string "doubleclick." This is easier and more complete than trying to enumerate all the hostnames that Doubleclick Inc. uses. Privoxy is multi-platform; you can use it under Linux, Windows, etc.

      2. Install posadis from sourceforge.net. This is a caching DNS server that you can install on your computer. It allows you to control how domain names (like *.doubleclick.net) get resolved by ALL the programs on your computer. I use it to essentially blackhole domains that I don't like. Once again, this is a multi-platform project. In particular, under Windoze, it runs as a service. It has an irritating bug: under Windoze, it will occasionally start using 100% CPU. When this happens, you have to restart the posadis service. A hassle, verily. But I enjoy having the control that derives from running my own DNS server.

      3. Use a firewall (hardware or software) to block out numeric IP addresses. For example, 216.73.92.112 is www.doubleclick.net, so it should be blocked. I used to use this approach. I liked the idea of absolutely blocking any packets going to or from the bad guys, regardless of the DNS name used. The problem with this approach is that outfits like doubleclick.net will use a ton of different numeric IP addresses, and it's difficult to keep up with them.

  4. Re:Sad news by adam+mcmaster · · Score: 5, Informative

    I agree, adblock is very useful.

  5. Re:Sad news by byolinux · · Score: 4, Informative

    Adblock most of the time or PithHelmet for those Safari Moments.

    --
    Join the Free Software Foundation
  6. Re:Sad news by JPriest · · Score: 5, Informative
    Not that box, I am pinging their primary DNS server and still getting a reply, they have 4.

    ns1.doubleclick.net
    ns2.doubleclick.net
    ns3.doubleclick.net
    ns4.doubleclick.net

    This way you can check your networks to see if any machines are hitting these DNS server. I am going to keep my ping going to make sure ns1 stays online. j/k

    You can do your part to reduce the load by adding doubleclicks ad-servers to your /etc/hosts file as 127.0.0.1 (this can be done in windows too).

    --
    Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
  7. Old news by EvilStein · · Score: 4, Informative

    IF this isn't a second DDoS, then this happened a couple days ago already.

  8. Re:Sad news by JPriest · · Score: 4, Informative

    Becasue it takes a long time for nowhere to reply.

    --
    Saying Java is nice because it works on all OS's is like saying that anal sex is nice because it works on all genders.
  9. Re:Sad news by Elwood+P+Dowd · · Score: 4, Informative
    Ok, I realize

    you are joking

    alexa is crap
    but doubleclick doesn't give a flying fuck about slashdot.

    --

    There are no trails. There are no trees out here.