Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Tiger Effect and Internet DDoS

Posted by timothy on from the aka-the-kenn-starr-steamroller dept.

An anonymous reader writes "Many US and Canadian ISPs thought they were under a massive denial of service attack yesterday — traffic spiked by hundreds of gigabits across North America. Turns out that the traffic was due to live streaming of the U.S. Open and Tiger Woods nail-biting victory."

34 of 191 comments (clear)

  1. naming this effect? by COMON$ · · Score: 4, Funny
    tigerd

    Tigerdotted

    I Got wooded?

    ok /.ers you can do better. I need to update my ids logs to take this into consideration ;)

    --
    CS: It is all sink or swim...oh and did I mention there are sharks in that water?
    1. Re:naming this effect? by Mordok-DestroyerOfWo · · Score: 5, Funny

      What does Final Fantasy 3 have to do with this? You leave that ragtag crew out of it!

      --
      "Never let your sense of morals prevent you from doing what is right" - Salvor Hardin
  2. You learn something new every day by spun · · Score: 5, Funny

    Who knew that there was a professional nail-biter's competition, let alone that Tiger Woods won it?

    --
    - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
  3. Not Firefox? by truthsearch · · Score: 4, Funny

    You mean it wasn't due to Firefox downloads? Guess it's not yet as mainstream as I'd like it to be. :)

    --
    Developers: We can use your help.
    1. Re:Not Firefox? by truthsearch · · Score: 5, Funny

      Joke --------> *whoosh*
                O <--- You
              --|--
                |
              / \
       

      (Credit and credit)

      --
      Developers: We can use your help.
    2. Re:Not Firefox? by antdude · · Score: 4, Funny

      Ouch, the guy's poor legs.

      --
      Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
  4. Tiger? Euro2008? by superphreak · · Score: 4, Interesting

    I thought it was due to Euro2008 coverage on Espn360.com

    --
    Evolution is a state-sponsored, state-protected religion.
  5. Tiger effect? by Anonymous Coward · · Score: 5, Funny

    Haven't most users updated to Leopard by now?

    1. Re:Tiger effect? by morgan_greywolf · · Score: 5, Funny

      Haven't most users updated to Leopard by now?
      Oh, FSCKING JEBUS. Why does some nitwit have to make everything about Apple?!

      Hint to Steve Jobs genuflecting tards: No, life is not all about Apple. No go outside and get some fresh air. Now.
      --
      My blog
    2. Re:Tiger effect? by bobdotorg · · Score: 4, Funny

      Haven't most users updated to Leopard by now?

      Oh, FSCKING JEBUS. Why does some nitwit have to make everything about Apple?!

      Hint to Steve Jobs genuflecting tards: No, life is not all about Apple. No go outside and get some fresh air. Now.


      Wow. Get some air. You're right. And it's a really nice day out. Head on out and get some air.

      You just gave me an excellent idea. I'll just pop out to the Apple Store and get a MacBook Air.
      --
      __ Someday, but not this morning, I'll finally learn to use the preview button.
  6. Jennifered? by EmbeddedJanitor · · Score: 4, Interesting

    Jennicam caused massive overloading the first time she had realtime sex. Likely there were other occasions before that too.

    --
    Engineering is the art of compromise.
    1. Re:Jennifered? by Matt+Perry · · Score: 4, Funny

      Now, where can I find this Jennifer and, most importantly, is she still doing it?
      She took down her site, but you can call her at 867-5309 and ask if she has some DVDs.
      --
      Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
    2. Re:Jennifered? by CopaceticOpus · · Score: 4, Funny

      victoria secret's first streamed show had issues.
      Luckily, most of these issues were caught by tissues!
  7. Office bandwith by silas_moeckel · · Score: 4, Insightful

    I remember working at a streaming media startup and a Tiger nail bitter was our first live event. 8 Years ago that was 24gb a sec and the average bit rate was 368kbs if I remember correctly. There is a lot more bandwidth now than then. The fun part was running the logs and associating the AS and often the big company associated with it, there seemed to be a lot of people with comfy offices a lot of bandwidth and a love of golf back then.

    --
    No sir I dont like it.
    1. Re:Office bandwith by corbettw · · Score: 4, Funny

      there seemed to be a lot of people with comfy offices a lot of bandwidth and a love of golf back then. Really? You don't say?
      --
      God invented whiskey so the Irish would not rule the world.
    2. Re:Office bandwith by cheater512 · · Score: 4, Insightful

      I just hope a CEO asks the obvious question: "Why did it take out our big net connections? They were all watching the same thing!"

      Maybe then they will enable multicast.

  8. Re:Oops. by gbjbaanb · · Score: 4, Informative

    Seriously, hundreds of gigabits across North America is a problem? 500 gigabits is approximately 62 GB. that'll be per second.

  9. Nail-biting victory? by Anonymous Coward · · Score: 5, Funny

    I find it hard to believe that there's anything that can possibly be nail-biting about watching golf.

    1. Re:Nail-biting victory? by swb · · Score: 5, Insightful

      I used to feel the same exact way -- I thought watching golf was about as exciting as watching the grass its played on grow.

      I don't know what happened, but I've gotten kind of hooked on the major tournaments. There's enough camera coverage that they actually spend most of the time with a decent golfer hitting the ball, so its not just a bunch of guys walking around, and they're almost exclusively in high definition.

    2. Re:Nail-biting victory? by drew · · Score: 5, Funny

      No, you don't get it. By watching in HD you can actually watch the grass grow while watching the golf game, so you get double the enjoyment.

      --
      If I don't put anything here, will anyone recognize me anymore?
    3. Re:Nail-biting victory? by PitaBred · · Score: 4, Interesting

      If you played, you'd understand the skill going into it.

      It's like the manager who can't possibly understand how hard it can be to add search functionality to the program... I mean, all you have to do is add that button that says "Search", right?

      --
      My blog. Good stuff (when I remember to update it). Read it.
  10. Wow! Could Thse ISPs be in Trouble!? by moore.dustin · · Score: 5, Interesting

    If these ISPs were overloaded to the point of thinking they may be being DDoS'ed over one event online, they are they wholly unprepared for any sort of attack that may actually be focused at them? Imagine the carnage a real attack would wreak on the ISPs! Is there anyone out there that knows the likelihood of ISPs going down if they came under a real attack? If a few botnets targeted these ISPs, could they be brought down completely? Imagine one of these ISPs really stepping up the game for a tiered internet service model, putting themselves out there as a lightening rod for angry nerds. Could a coordinated effort break the back of an ISPs ability to provide any service whatsoever?

    Your thoughts are most welcome and I thank you in advance for sharing your thoughts!

    --
    Invexi - a Phoenix, AZ based web design and web development company.
    1. Re:Wow! Could Thse ISPs be in Trouble!? by thecheatah · · Score: 5, Interesting

      Umm, I knew a person who managed a very large botnet. He use to be able to take down the internet for a general area. He use to have "wars" with other botnet people and you would notice the internet gone for a few hours, in my neighborhood at least. Then he was hired to take down a website in the west side of the Pennsylvania. He actually took down the internet for the whole area. Banks there couldn't communicate and all that. Well, he was caught and spent some time in prison. Now he doesn't really fit in with society any more and spends time in and out of prison.

    2. Re:Wow! Could Thse ISPs be in Trouble!? by Anonymous Coward · · Score: 5, Insightful

      And you sat on your ass and said nothing eh?

      Great.

    3. Re:Wow! Could Thse ISPs be in Trouble!? by zappepcs · · Score: 5, Interesting

      I didn't see anyone else catch this. WTF do you mean to tell me that they 'thought' it was a DDoS? Thought? So much for that traffic shaping magic. Sure, if it had been P2P we'd know exactly what little johnny down the street has on his iPod this morning and the RIAA would be all over the news with it and how file sharers killed the Internet.

      From the looks of this, co-ordinated effort is nothing more than a couple thousand bot computers infected with a 'lets watch sports over the net' worm. Think of it. One bot net with 100,000 computers all trying to watch ESPN at the same time, and those that can, also trying to watch something from Europe at the same time.

      One word: multicast

      Uni-casting VOD over the Internet will keep doing this over and over again and ISPs will continue to blame file sharing for their lack of both foresight and bandwidth.

      --
      Support NYCountryLawyer RIAA vs People
    4. Re:Wow! Could Thse ISPs be in Trouble!? by ACMENEWSLLC · · Score: 5, Informative

      These streams are 800Kb/s each. On top of that, they run over SSL which adds to the overhead. And each connection streams from one of hundreds of IP ranges.

      We have 500 users sharing a dual T1, all wanting to watch this. So why did business transactions begin failing? I wonder.

      Yea, we saw this.

      Since it was SSL we can't inspect it at the application layer for QoS. Since it's a huge number of IP ranges, that gets us too. We can't transparently proxy SSL so Squid can't help. It's a flash stream over https.

      So we QoSed the end users on port 443 in this case. 300b/s seems about right. :P

  11. omfg!ponies by Rob+Kaper · · Score: 5, Insightful

    Run for the hills! Internet traffic doubles/triples during a major sports event? Who could have known!

    That's about as worthy of an article as one "discovering" Euro Cup 2008 matches causes certain European streets to be abandoned for ninety minutes.

    I can understand how such a traffic increase would be reason for alarm for the average network administrator, but you'd think service providers whose main business is the infrastructure would be aware of major streaming events. This shouldn't have surprised so many people.

  12. firefox by mattwarden · · Score: 4, Funny

    Just thought of something. Was mozilla.org hosting US Open highlight clips yesterday or something? Because that would explain a lot.

  13. Re:Match by corbettw · · Score: 4, Interesting

    I couldn't access the NBC stream at all.

    Fortunately Hong Kong's Star Sports was accessible through Sopcast P2P. That's awesome. Someone in the US (I assume you're in the US, since you referred to NBC and not some other network) had to watch a US sporting event by bouncing off a server in China.

    The best part? It's not really all that impressive nowadays. But the entire concept was unthinkable to most people even 10 years ago.
    --
    God invented whiskey so the Irish would not rule the world.
  14. Troubling it wasn't recognized sooner by tacokill · · Score: 4, Insightful

    How could this possibly be confused with a DDOS attack?

    It makes me nervous that it even got to that point. How can a competent ISP confuse DDOS attacks with streaming video (most likely, the same streaming video sent to all people)? Isn't there a pattern there? Couldn't they see the connections were all coming from the same server or block of servers? Couldn't they see all of the connections were using the same protocol? Couldn't they see they were all using the same port?

    How the hell do they confuse that with a DDOS? I am just a lowly part-time IT network manager at my company and even I can see the difference between streaming video and "other bad stuff".

    Someone smarter than me please help me understand more about this. How did this get far enough to convince the ISP's they were being DDOS'd?

  15. It was good quality video.. I watched. by tji · · Score: 4, Informative

    I guess I was part of the problem. I watched a good portion of it, at least the first nine holes until it switched to NBC coverage where my MythTV DVR could record it (the first half was on ESPN, and I don't get cable).

    I was surprised at how good the video looked. I have tried several other events in the past, and have always been disappointed, or completely unable to view it. Although, for the NCAA Final Four this year, I was finally able to actually watch a game after failing the last few years. I had to use Win2K within a VMware VM, but it did work.

    The U.S. Open video worked directly from my Mac, had decent sized video, and was completely watchable on my laptop. Nice job USGA, NBC, etc.

  16. What Cable Providers are afraid of by aliens · · Score: 4, Insightful

    All these moves to charge per usage is going to blow up in their face.

    They're worried this kind of usage will eat into their own TV viewership. What better way to prevent that from happening than by charging those who use it.

    What will end up happening is customers will get in a tizzy and without suitable alternatives lawsuits will fly.

    In the end either they'll have to abandon these plans or competition will be forced into the market.

    --
    -- taking over the world, we are.
  17. Multicast. by pavon · · Score: 4, Interesting

    Yep, this is exactly the sort of situation that IP Multicast was created for. It has been part of the IP RFCs since forever. Maybe more incidents like this will convince more ISPs to configure their routers to support it, so we could start using it.

  18. Re:Oops. by Da+Fokka · · Score: 5, Funny

    The kiloclit