Linode Under DDoS Since Christmas (linode.com)

← Back to Stories (view on slashdot.org)

Linode Under DDoS Since Christmas (linode.com)

Posted by Soulskill on Friday January 1, 2016 @01:03PM from the angry-people-creating-other-angry-people dept.

hol writes: Linode has been getting hit with DDoS attacks since Christmas Day, and it looks like their pain is set to continue. The attackers are rotating DDoS traffic through various regions of Linode's service. They say, "All of these attacks have occurred multiple times. Over the course of the last week, we have seen over 30 attacks of significant duration and impact. As we have found ways to mitigate these attacks, the vectors used inevitably change. As of this afternoon, we have mostly hardened ourselves against the above attack vectors, but we expect more to come. ... Once these attacks stop, we plan to share a complete technical explanation about what has been happening." See their status page for updates.

87 of 149 comments (clear)

Min score:

Reason:

Sort:

Oh no! by Anonymous Coward · 2016-01-01 13:07 · Score: 5, Interesting

WTF is "Linode"?
1. Re:Oh no! by ArchieBunker · 2016-01-01 13:19 · Score: 4, Insightful
  
  The janitors who run this site can't even be bothered to hyperlink Linode to Wikipedia.
  
  --
  Only the State obtains its revenue by coercion. - Murray Rothbard
2. Re:Oh no! by Snotnose · 2016-01-01 13:57 · Score: 4, Interesting
  
  Exactly. I've never heard of Linode and I run Linux on one of my machines. Is it too much to ask that you give a 1-2 sentence description of why I should care?
  
  And no, I don't care enough to check wikipedia, nor google. Never heard of 'em, don't care, the summary gives me no reason to change my mind on either.
3. Re:Oh no! by CanadianMacFan · 2016-01-01 15:10 · Score: 1
  
  And why do we care if they are getting hit with a DDOS? If they are an ISP isn't this just an ad for them?
4. Re:Oh no! by rudy_wayne · 2016-01-01 15:19 · Score: 3, Funny
  
  Since your Google appears to be broken
  https://www.linode.com/
  They are a "Cloud Hosting" company. Which makes the recent events quite the Lulz.
5. Re:Oh no! by h33t+l4x0r · 2016-01-01 15:43 · Score: 2
  
  The janitors who run this site can't even be bothered to hyperlink Linode to Wikipedia.
  This site is run by janitors? That actually explains a lot.
6. Re:Oh no! by Razed+By+TV · 2016-01-01 15:55 · Score: 5, Insightful
  
  This is becoming a regular problem on /. Article titles and summaries are increasingly assuming that people have the obscure knowledge of the topic to actually care. In this case, who Linode is, what makes Linode important, why this DDoS merits more attention than other attacks, etc.
  
  It used to be that when I saw a title/summary that I was unfamiliar with, I could follow it and expect to learn something from it.
  Now I find out that JustAnotherCompany experienced JustAnotherThingThatHappensOnTheInternet.
  
  I googled Linode, so I guess I learned something. Cloud hosting/virtual servers. Are they big fish, little fish, do they host someone big, are they known for something they did in particular? Well, I have better things to do than research it.
7. Re:Oh no! by Anonymous Coward · 2016-01-01 16:09 · Score: 3, Insightful
  
  This site is run by janitors? That actually explains a lot.
  No it doesn't; janitors clean up the shit that overflows everywhere
8. Re:Oh no! by Anonymous Coward · 2016-01-01 17:10 · Score: 2, Informative
  
  They're an inexpensive high performance VPS (virtual private server) provider. I've used Linode myself to roll my own VPN (virtual private network) for example. Many major companies and various nerds use Linode to host VPS running on SSD (solid state disk) storage in a KVM (Kernel-based Virtual Machine), they can handle larger loads of users than many other cloud services. And, they tend to be cheaper because they charge you a flat rate instead of nickel and diming you for every cpu/ram/io usage. They give you 2TB throughput, 1gb ram, 1 cpu, 24 gb ssd, 40gb/125gb in/out for $10/mo and these stats scale up evenly for every extra $10/mo. I've used their service, it is pretty good. DigitalOcean is one of their big competitors. Worth noting, I was able to dodge the DDOS attacks because I already geo-block everything but EU and US since I am not providing business to those other countries anyways.
9. Re:Oh no! by Anonymous Coward · 2016-01-01 17:14 · Score: 1, Funny
  
  If you were any sort of geek you'd have heard of server hosting service Linode, especially with your UID.
  Turn your card in and GTFO, please.
10. Re:Oh no! by sexconker · 2016-01-01 17:41 · Score: 1
  
  KVM (Kernel-based Virtual Machine)
  That is most definitely NOT what KVM stands for. Get off my lawn, etc.
11. Re:Oh no! by Anonymous Coward · 2016-01-01 18:53 · Score: 1
  
  Maybe I'm a rubbish geek, but at least I'm a real Scotsman.
12. Re:Oh no! by h33t+l4x0r · 2016-01-01 19:24 · Score: 5, Informative
  
  I believe they're the number 2 player after AWS (Amazon Web Services). So a big fish, and it's an impressive accomplishment to give them so much trouble.
13. Re:Oh no! by Zontar+The+Mindless · 2016-01-01 19:32 · Score: 2
  
  Exactly. I've never heard of Linode and I run Linux on one of my machines. Is it too much to ask that you give a 1-2 sentence description of why I should care?
  And no, I don't care enough to check wikipedia, nor google. Never heard of 'em, don't care, the summary gives me no reason to change my mind on either.
  Since you seem to have to much free time to troll on the forums and brag about your ignorance, why would anyone bother push information under your nose... learn to use search ..
  Maybe, just maybe, the summary could give those of us who aren't experts on everything under the Sun a reason to care?
  
  --
  Il n'y a pas de Planet B.
14. Re:Oh no! by Zontar+The+Mindless · 2016-01-01 19:36 · Score: 2
  
  KVM (Kernel-based Virtual Machine)
  That is most definitely NOT what KVM stands for. Get off my lawn, etc.
  These folks seem to disagree. Moo?
  
  --
  Il n'y a pas de Planet B.
15. Re:Oh no! by vel-ex-tech · 2016-01-01 20:55 · Score: 5, Informative
  
  Linode is a quite good VPS provider. They have several stock distro installs to choose from (Linux and BSD), and then the sky is the limit. They also pay for user-generated documentation, and the focus is on FLOSS software that you can install and configure on your node. This isn't some PHP MySQL crap. I've been a happy user for years now, running a private mail, web, and IRC server. The prices are quite than reasonable. I'm not sure if they offer Xen nodes anymore since KVM is the way to go.
  My nodes at Fremont haven't been affected yet. Soylentnews, also hosted on Linode, seems to be doing well too.
16. Re:Oh no! by vel-ex-tech · 2016-01-01 21:15 · Score: 1
  
  Cloud Hosting
  Yes, but it's my cloud. I call the main server the "server in the clouds."
  That's the essential question for the future of the interweb(s). Are you uploading to "the cloud" or your cloud?
  That cloud is my cloud. There are many like it, but that one is mine.
17. Re:Oh no! by vel-ex-tech · 2016-01-01 21:23 · Score: 2
  
  Let me check Fremont.
  > ping xyz.com PING xyz.com (555.123.45.67) 56(84) bytes of data. 64 bytes from lidsfargeg.members.linode.com (555.123.45.67): icmp_seq=1 ttl=50 time=69.0 ms 64 bytes from lidsfargeg.members.linode.com (555.123.45.67): icmp_seq=2 ttl=50 time=69.0 ms 64 bytes from lidsfargeg.members.linode.com (555.123.45.67): icmp_seq=3 ttl=50 time=72.8 ms 64 bytes from lidsfargeg.members.linode.com (555.123.45.67): icmp_seq=4 ttl=50 time=66.7 ms 64 bytes from lidsfargeg.members.linode.com (555.123.45.67): icmp_seq=5 ttl=50 time=67.2 ms 64 bytes from lidsfargeg.members.linode.com (555.123.45.67): icmp_seq=6 ttl=50 time=68.7 ms 64 bytes from lidsfargeg.members.linode.com (555.123.45.67): icmp_seq=7 ttl=50 time=69.0 ms
  Looks good from flyover country. According to the status page, it seems it's primarily the Atlanta datacenter that's affected. Protip: don't spin up all your nodes in the same datacenter! Fortunately, Linode has a few of those. I'm certain they have top women on this, and they'll have this resolved quickly. (Even better if there are strange, up, down, or charmed women on the job. Not sure about the bottom women....)
18. Re:Oh no! by vel-ex-tech · 2016-01-01 21:29 · Score: 1
  
  Wait.
  > ping xyz.com PING xyz.com (184.169.138.0) 56(84) bytes of data. 64 bytes from ec2-184-169-138-0.us-west-1.compute.amazonaws.com (184.169.138.0): icmp_seq=1 ttl=40 time=70.3 ms 64 bytes from ec2-184-169-138-0.us-west-1.compute.amazonaws.com (184.169.138.0): icmp_seq=2 ttl=40 time=71.1 ms 64 bytes from ec2-184-169-138-0.us-west-1.compute.amazonaws.com (184.169.138.0): icmp_seq=3 ttl=40 time=69.0 ms
  Huh, who knew?
19. Re:Oh no! by Vegard · 2016-01-01 23:12 · Score: 2
  
  DDOS is vandalism, simply. We'd cover it if a mob was throwing rocks at Microsoft, RedHat og IBMs head quarters, would we not? This is just as much vandalism, and there *is* no justification for vandalism.
  This is actually why I am no fan of groups like Anonymous, and do not cheer when they for example hit ISIS targets. There's bound to be a lot of collateral damage, and a lot of innocent people will be targeted.
  As for Linode? God knows what they or some of their customers have done. But this time - like a lot of other innocent people - it actually hit *me* too. I got tired of running a physical machine at home just so I could run all my services, so I got myself a server at Linode. It has a lot better WAF, too.
  So am I satisfied with Linode? You bet. This is not their fault. I am sure they are bound to learn from it, to quicker stop this in the future. But it is not easy, to stop mobs. Because DDOS groups are just that: Mobs! No matter how much you sympatize with a cause, a mob is never justified.
  Period.
20. Re: Oh no! by JonathanHirschbaum · 2016-01-01 23:32 · Score: 1
  
  then who the fuck can ddos them, if they are that big? millions of google servers?
21. Re:Oh no! by i.r.id10t · 2016-01-02 03:31 · Score: 2
  
  Eh, for individual users and small businesses I'd put them ahead of amazon. As in, live chat with real help, very quick response to emails, proactive support, and for the one period I was playign with AWS much better deal (a micro on AWS was gonna run $15/mo with 8gb disk and 512mb ram, at the time on linode $20 got you 1gb ram and 20gb disk), and now linode has a $10/mo plan. Been a very happy customer of theirs for 10+ years.
  And I've not noticed any issues from the DDOS either. Of course, I run simple mail for my own domains and a few images on a web server, so it isnt like I've got customers trying to get to their stuff....
  
  --
  Don't blame me, I voted for Kodos
22. Re:Oh no! by tompaulco · 2016-01-02 03:38 · Score: 1
  
  Exactly. I didn't know who Linode was, but I knew that the article was there to spark controversy over whether they "deserved" it or not. I am here to say that, no, they don't. DDoS is vandalism, as the parent said. Anonymous is a terrorist organization. Anonymous went after ISIS only because they don't like competition. DDoS hurts everybody and costs everybody money. The costs of fixing the issues is passed on to the customers, ultimately, you and me. There is no way anybody with any sense would support DDoS terrorists.
  
  --
  If you are not allowed to question your government then the government has answered your question.
23. Re:Oh no! by fnj · 2016-01-02 04:41 · Score: 1
  
  KVM (Kernel-based Virtual Machine)
  That is most definitely NOT what KVM stands for.
  According to their own goddam fucking site, that IS precisely what it stands for, sparky.
  "KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware..."
24. Re:Oh no! by fnj · 2016-01-02 04:47 · Score: 1
  
  WTF is "Linode"?
  Um, how much of a goddam self-entitled lazy bastard are you trying to be?
25. Re: Oh no! by Anonymous Coward · 2016-01-02 05:48 · Score: 1
  
  "hobbyist" FOR FUCK'S SAKE
26. Re:Oh no! by ihtoit · 2016-01-02 06:31 · Score: 1
  
  Linode is a cloud virtualisation service that runs GNU/Linux from the back room to the reception desk. This keeps their overheads down as they're not fighting Microsofts ever-confusing server licensing model.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
27. Re:Oh no! by ihtoit · 2016-01-02 06:37 · Score: 1
  
  they're based in New Jersey. Howtogeek, The Onion, and several other sites are hosted by them. They've been going twelve years.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
28. Re:Oh no! by ihtoit · 2016-01-02 06:38 · Score: 1
  
  mod parent up.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
29. Re:Oh no! by ihtoit · 2016-01-02 06:39 · Score: 1
  
  they switched to KVM a while ago.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
30. Re:Oh no! by rochrist · 2016-01-02 06:49 · Score: 1
  
  I'm 'on this site', and I've heard of them.
31. Re:Oh no! by Stan92057 · 2016-01-02 07:18 · Score: 1
  
  Very clever way to make the site get moved up in google search don't ya think?
  
  --
  Jack of all trades,master of none
32. Re:Oh no! by easyTree · 2016-01-02 07:56 · Score: 1
  
  This is becoming a regular problem on /. Article titles and summaries are increasingly assuming that people have the obscure knowledge of the topic to actually care. In this case, who Linode is, what makes Linode important, why this DDoS merits more attention than other attacks, etc.
  This is the way *things* work. If you don't know what the article is about, it's not meant for you!
  If you *want* to read every article and know something about it, why not google it?
  
  --
  Requiem for the American Dream
33. Re:Oh no! by sexconker · 2016-01-02 11:27 · Score: 1
  
  "Their own" meaning the clowns that hijacked "KVM".
  That's like saying according to that car thief, that's HIS car!
  KVM is keyboard, video, mouse. Always has been, always will be.
34. Re:Oh no! by CanadianMacFan · 2016-01-03 05:01 · Score: 1
  
  Would it be covered if it was stones being thrown at some software shop in Vancouver, BC that not many people have heard of?
  I wasn't saying that the attack was justified or right. I was questioning why the article was on here. ISPs are hit by attacks all of the time and this just seems like an advertisement for the company.
35. Re:Oh no! by RockDoctor · 2016-01-03 12:46 · Score: 1
  
  Soylentnews, also hosted on Linode, seems to be doing well too.
  Relevant and useful, since I was just over there looking to see if they were any any significant amount better than Slashdot.
  And yes, they were up.
  
  --
  Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
36. Re:Oh no! by qubezz · 2016-01-04 18:13 · Score: 1
  
  There was a Bitcoin exchange, Bitcoinica, that had $250k worth of Bitcoin stolen by what is widely regarded as an inside job by Linode admins or support staff.
37. Re:Oh no! by omfgnosis · 2016-01-05 12:03 · Score: 1
  
  Anonymous is a terrorist organization. Anonymous went after ISIS only because they don't like competition.
  You're kidding right?
  Disclosure: I'm not a particular supporter of Anonymous, I just find this kind of reasoning ignorant and dangerous.
38. Re:Oh no! by omfgnosis · 2016-01-05 16:39 · Score: 1
  
  I didn't know either. Then something I use (clojars.org) was affected. Then I looked it up. Then I was less ignorant.
  If it doesn't affect you, it's okay to be ignorant about it, because why should you care? But do you really need to broadcast that ignorance every time you notice it? Unless you run your own news source, you know there isn't a news source specifically designed to cater to your tastes and whims right? It must be exhausting spitefully trying to curate every web page you visit instead of just scrolling past it.
Haven't noticed a thing... by Anonymous Coward · 2016-01-01 13:07 · Score: 3, Informative

As one of their customers, I haven't noticed a thing. My instances keep on chugging along as if nothing is wrong.
1. Re:Haven't noticed a thing... by h33t+l4x0r · 2016-01-01 15:41 · Score: 2
  
  Mine too, mine's in Tokyo, one of the few regions that haven't been hit.
2. Re:Haven't noticed a thing... by DRichardHipp · 2016-01-01 15:50 · Score: 5, Informative
  
  https://www.sqlite.org/ is hosted on Linode - has been for over 10 years. The site was off-line for about 10 minutes on Tuesday, but service has been OK otherwise.. The folks at Linode have done a good job of keeping things running. I see now that Chris Aker and his team have had a challenging week.
  I've used a variety of hosting providers, but I always keep coming back to Linode. Their product is competitively priced, they provide exceptional service and support, and they are very simple to use. And, unlike AWS, you don't need a calculator and 2 hours spent parsing fine print in the documentation to figure out how much a given level of service will end up costing you. I highly recommend Linode for your cloud computing needs. I hope they are able to resolve their DDoS problems quickly.
3. Re:Haven't noticed a thing... by devilspgd · 2016-01-01 16:08 · Score: 4, Interesting
  
  I've got several Linodes, I've probably seen about 10-15 minutes of downtime total (per node, and not at the same time), so in my case this translated into approximately 8 minutes of customer-facing outage due to my internal redundancy.
  However, my redundancy is within a Linode network, if an entire Linode data-center goes down, so do I, I don't attempt to replicate outside of an individual DC, outside of off-site backups (which I store outside the Linode environment). We do have core infrastructure (DNS, our own mail and system status pages) distributed across multiple providers so that losing a single provider won't take us down, although this is mainly to prevent a situation such as where my Linode account itself is suspended.
  All in all, I'm quite impressed at how well they've handled it.
  
  --
  Give a man a fish, he'll eat for a day, but teach a man to phish...
4. Re:Haven't noticed a thing... by Nexion · 2016-01-01 20:53 · Score: 1
  
  A few days ago, while connected to my server, it suddenly couldn't be reached for 10 or so minutes. I logged in after the event, noted that my machine showed no sign of reboot or ever being offline, and figured it was some DDOS kiddie having a go at someone. Was surprised to see a report here that someone directly targeting Linode. I've been making use of the server often since then and haven't had further issue.
  Whoever is doing it... is coming up short.
5. Re:Haven't noticed a thing... by srw · 2016-01-02 03:59 · Score: 3, Informative
  
  I was wondering why siteuptime was reporting brief outages on my Linode. I guess this explains why I've had the worst uptime in years... just got my December report. 99.66% uptime. I've been with Linode for a very long time and can honestly not say a bad word about them. I've really only ever had one bad outage, when the UPSes at HE Dallas blew up. I think that one ended up being about 8 hours. They kept us updated and even set up a webcam so we could watch them working in the datacentre getting things booted back up after power was restored.
6. Re:Haven't noticed a thing... by Mr.+Slippery · 2016-01-02 04:00 · Score: 1
  
  My instances keep on chugging along as if nothing is wrong.
  Mine haven't. :-( I'm in Atlanta, was off-line most of yesterday, came back up before I went to bed, was off again this morning. It's the suck. Not Linode's fault, but the suck.
  This plus the BBC outage suggests that 2016 is that year we'll learn the net is made of tissue paper.
  
  --
  Tom Swiss | the infamous tms | my blog
  You cannot wash away blood with blood
7. Re:Haven't noticed a thing... by rumpsummoner · 2016-01-02 07:55 · Score: 1
  
  Mine in Dallas have had 4 approximately 15 minute outages since Christmas. It's a bummer.
Why? by Anonymous Coward · 2016-01-01 13:11 · Score: 1

The most interesting question that these kinds of news articles never describe is intent. WHY are they attacking Linode? These attacks cost money. People don't do them for fun anymore.
I understand that some people don't want to give the attackers more attention but that's the most interesting part. Honestly, maybe the attackers have a point? Who knows? You'll never know unless you discuss it.
1. Re:Why? by Anonymous Coward · 2016-01-01 13:27 · Score: 1
  
  Maybe Linode is hosting spam marketers. That is enough of a good reason for me.
2. Re:Why? by Anonymous Coward · 2016-01-01 13:32 · Score: 1
  
  For the LULZ?
3. Re:Why? by HiThere · 2016-01-01 15:01 · Score: 1
  
  Based on other comments I'm guessing they're an ISP. So how about refusing to let someone cancel their service?
  
  --
  
  I think we've pushed this "anyone can grow up to be president" thing too far.
4. Re:Why? by mysidia · 2016-01-01 15:16 · Score: 3, Insightful
  
  These attacks cost money. People don't do them for fun anymore.
  You are sadly mistaken.... just b/c attacks cost money, does not mean people do not still launch them willy-nilly ---- you are a hosting provider, and some website you are hosting makes the wrong person or wrong group angry, or they have a political message to send, they may attack the entire provider.
  Although, quite often such large-scale attacks are launched, then followed up by "ransom demands", and as long as the target does not pay the huge cash ransom, the attacks continue, And the attacker stands to make much more $$$ from ransom than the attacks would have cost them.
5. Re:Why? by mysidia · 2016-01-01 15:18 · Score: 1
  
  How about "Billy joe needs drug money, and so far Linode has failed to pay the 200 bitcoins ransom charge to stop the attacks?
6. Re:Why? by rudy_wayne · 2016-01-01 15:20 · Score: 1
  
  Based on other comments I'm guessing they're an ISP. So how about refusing to let someone cancel their service?
  You're thinking of AOL.
7. Re:Why? by runningduck · 2016-01-01 15:33 · Score: 2
  
  Linode is a virtual server provider. Easy as pie to manage your service starting new instances and deleting instances through their control panel.
  
  --
  -rd
8. Re:Why? by devilspgd · 2016-01-01 16:10 · Score: 1
  
  I've been the victim of a low-grade DoS attack from a Linode IP, an email to abuse@ stopped it quite quickly, although I don't recall getting a response.
  It popped up again from another IP, and again, an email to abuse@ got it stopped quite quickly.
  So in this respect, I'm very happy with them.
  
  --
  Give a man a fish, he'll eat for a day, but teach a man to phish...
9. Re:Why? by sexconker · 2016-01-01 17:51 · Score: 1
  
  Easy as pie
  Have you ever made an apple pie from scratch? It's anything but easy. Hell, step 1 is to create the universe.
10. Re:Why? by runningduck · 2016-01-01 18:09 · Score: 2
  
  "If you think the universe is big, you should see the source code."
  
  --
  -rd
11. Re:Why? by drinkypoo · 2016-01-01 22:56 · Score: 1
  
  These attacks cost money.
  No, no they do not. These attacks do not cost the attackers any money. They compromise other people's computers and use them to make the attacks, and it costs them only time. Compromising systems is its own reward; if it wasn't, we wouldn't have games where the point is to hack computers. Except, it's much more exciting in the really real world. So they take over computers as a game and then their payoff is they get to lash out at people they don't like by using them. Total cost to the attacker: Actually negative, since it costs them no money and they get entertainment out of it.
  
  --
  "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
12. Re:Why? by execthis · 2016-01-02 01:03 · Score: 1
  
  Or someone who writes critical things about China.
13. Re:Why? by ihtoit · 2016-01-02 06:55 · Score: 1
  
  let me clarify: they don't cost the actors money, they cost whoever's hiring them money. If you find yourself in a position of being able to command 12,000 armed men to invade a small Middle East country, you wouldn't instead go in on your own with a slingshot. You send in the big guns and the muppets with their fingers on the fire buttons. Let THEM take the risk, and you can pay them a pittance for doing it, meanwhile they've convinced themselves, truth be damned, that they're doing the right thing because hey, they're getting paid more than they would shaking a tin cup at passersby. You're the Pimp who's raking the sp(oil)s.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
14. Re:Why? by omfgnosis · 2016-01-05 12:16 · Score: 1
  
  Maybe the attackers have a point, even though I disagree with their actions. You don't need to consider an action acceptable to identify a motivation for the action, or even to share some or all of that motivation.
  One of the reasons it's so hard to combat ideologically motivated crime is that, as a society, we do a terrible job either identifying legitimate grievances behind those crimes, or providing a sanctioned and effective alternative for redressing them. Instead, we tend to create an escalation feedback loop by saddling the moral character of grievances with the actions, however irrational, taken in their name.
15. Re:Why? by omfgnosis · 2016-01-05 12:17 · Score: 1
  
  At least I already have the ingredients: hydrogen and time.
Maybe I'm a jerk... by devilspgd · 2016-01-01 13:23 · Score: 4, Interesting

Okay, I'm probably a jerk, but I don't care and I hope their upstream(s) isn't/aren't helpful.
I'm a happy Linode customer, but when one of my customers was being targeted by a DDoS extortion scheme which was using a very specific, very blockable attack, Linode's only solution/suggestion was to boot the customer, or wait it out, and in the meantime, they nullrouted my IP. Now I get that nullrouting my IP keeps the rest of the customers in that subnet/node/etc online, but it frustrated me that they wouldn't even attempt to block selectively, and as such, I can't get a ton of sympathy when they're victims of similar attacks.
And for the record, my customer didn't pay, eventually the DDoS group got bored and moved on.

--
Give a man a fish, he'll eat for a day, but teach a man to phish...
1. Re:Maybe I'm a jerk... by Anonymous Coward · 2016-01-01 14:00 · Score: 3, Interesting
  
  Well, hopefully you won't mind me sounding like a jerk too, but I'm going to outright call you out as a liar on that one plain and straight.
  As a Linode customer for over a decade now with a good number of nodes still running, and who has previously been the target of DDoS attacks, I have never seen caker or any of their staff respond in such a way to one of their customers.
  They have been nothing but above and beyond helpful with blocking attacks and working with me to keep my (and their own) services up, including custom layer 3 filtering at their upstream providers specifically to address the types of attacks directed at me.
  Yes they null route the specific IPs being attacked during the peek of the attacks to keep services up for their other customers first, and you expecting anything different is not only foolish but demonstrates unrealistic expectations and a failure to grasp how network routing works at the backbone level.
  But to claim they threatened either you or your customer must go has no president, and does not mesh with how they have always handled such things in the past.
  Did you go about threatening them with lawsuits like an entitled prick or something? Maybe then I could see such a response (and not really blame anyone for it)
  But you imply trying to work with them on the problem so I doubt that to be the case, which is why I doubt your explanation of what happened is at all the full story.
  All of that aside however, how fucking petty and low to wish such DDoS attacks on them for no other reason than you being a little frustrated at being offline for a few minutes expecting god like powers from those who clearly don't have them.
  Especially when their entire staff has worked around the clock over the holidays to keep services of entitled pricks like you running instead of being with their friends and families, all over a petty exaggerated grudge.
2. Re: Maybe I'm a jerk... by Anonymous Coward · 2016-01-01 15:10 · Score: 1
  
  They nulled my ips before as well for a tcp 53 attack.
3. Re:Maybe I'm a jerk... by mysidia · 2016-01-01 15:56 · Score: 5, Informative
  
  Null routing an IP address under DDoS attack in an emergency is standard industry practice across all major ISPs and hosting providers; companies that use more advanced techniques either have a few tricks up their sleeves which only work in the most common situations, or they bought some $5 million anti-DoS appliances to help mitigate it (usually).
  The simple fact is DoS mitigation is not part of a basic hosting service, once an attack exceeds a few million packets per second, or a couple Gigabits: you are simply not paying network providers enough money for it to be feasible for any ISP to come close to justifying effective DoS mitigation for those rare sizes of attack, for every customer, because the cost involves provisioning hundreds of million$$$ in extra upstream capacity, internal network capacity, and operations staff.
  Then even with all that extra capital spend: (1) It's still not possible to make every attack seamless, Null-routing might still be required in cases, there will still be outages, people like the above will still be unhappy, And.... (2) Most ISPs don't have that much throwaway cash, and most hosting customers aren't going to be willing to pay their share of what it costs to provision 10000x as much capacity as needed.
  (3) Its less expensive to just shed overly-demanding customers who pay little by allowing them to make themselves unhappy and go to a competitor. If someone's paying $100 a month and their site is constantly getting DDoS'd, then it makes perfect sense to terminate them as a customer to, and let the other 10000 $100/Month customers have a better experience, instead of leaving due to the DoS being suffered as a result of 1 customer.
  And if someone wants to arrange for their website to be handled differently, then this is part of a negotiation that should be made with the ISP or provider before turning up hosting service and added to the contract, with response SLA and recourse/refund policy.
  Or you're better off enlisting a 3rd party DoS-scrubbing service such as CloudFlare to conceal your infrastructure from attackers.
  There are also DoS-cleanup services that work at a network range level where your DDoS provider announces your /24 into BGP, cleans DoS, and forwards you traffic.
  Many ISPs do have the flexibility for alternate handling of DDoS, up to a certain point, they can avoid Null-routing an IP, or avoid the Null-routing of one IP from making your service unavailable.... generally, the cost will be much higher --- E.g. $10,000 per month instead of $100 per month.
  Forget about attempting to negotiate expert-level DoS management that will require the provisioning of engineer and infrastructure resources in advance that are quite costly to the providers to keep on hand, Unless you are willing to pay sufficiently to be a large client of the provider with a multi-year committed contract and cover the costs of those extra resources plus sizable profit.
  Also: to host a website resiliently, however, the provider will most likely require that the website be served from multiple server farms in multiple IP ranges with an anycasted internet presence for both the services' IP addresses, and the supporting DNS services.
  This is because in spite of additional resources, it might still be necessary at times to fall back to Null-routing.
4. Re:Maybe I'm a jerk... by devilspgd · 2016-01-01 15:58 · Score: 3, Interesting
  
  I see why you're posting as A/C. Try reading again: Linode didn't threaten me or the customer or anyone else, we (my customer, and me as a host) were threatened by a DDoS extortion scheme -- A "Nice web site you host there, it would be a shame if someone were to keep up a sustained DDoS against it"
  And no, I didn't threaten a lawsuit or anything else, I just asked them for information on the type of attack, and later once I identified the type of attack, help filtering rather than a complete nullroute.
  They were polite, but completely unhelpful in terms of even providing any information about the particulars of the attack (one source or multiple, port numbers, type of traffic, etc) "Luckily" the DDoS hit servers I run on another network too, and the network operator there was able to provide me with said details, which helped to mitigate the attacks.
  
  --
  Give a man a fish, he'll eat for a day, but teach a man to phish...
5. Re:Maybe I'm a jerk... by devilspgd · 2016-01-01 16:03 · Score: 4, Informative
  
  I didn't wish such DDoS attacks on them at all. Has /. reading comprehension really fallen this low?
  What I hope is that their provider is as unhelpful to them as Linode was to me when I was a victim of similar, ongoing and sustained attacks, as it will help them understand the difficulty that customers face and that they're left struggling to resolve it on their own because if so, they may develop both sympathy and tools that can be used to protect both themselves and their customers in the future.
  If "Oh, just shut everything down and wait it out" is good enough for me, it should be good enough for them. If not, well, maybe they'll improve after having a bit more personal experience being the victim.
  And for the record, I'm still a Linode customer (and have more services with them now than I did then); I was just disappointed at their lack of usefulness.
  
  --
  Give a man a fish, he'll eat for a day, but teach a man to phish...
6. Re:Maybe I'm a jerk... by ThatsMyNick · 2016-01-01 16:12 · Score: 2
  
  It is simple, you dont pay them enough to do that for you. They provide cheap, cookie cutter setups. If the setup is not for you, they do not do custom setups, they dont take odd (but possibly simple) requests. Find another business, really.
7. Re:Maybe I'm a jerk... by NormalVisual · 2016-01-01 16:28 · Score: 1
  
  Many ISPs do have the flexibility for alternate handling of DDoS, up to a certain point, they can avoid Null-routing an IP, or avoid the Null-routing of one IP from making your service unavailable.... generally, the cost will be much higher --- E.g. $10,000 per month instead of $100 per month.
  
  This is what it comes down to. If you want real DDoS protection, it's going to cost real money. If you can't/don't want to pay that, then you'll just have to deal with the nullroute. Cheap prices mean cheap service.
  
  --
  Please stand clear of the doors, por favor mantenganse alejado de las puertas
Don't take my word for it by itomato · 2016-01-01 13:32 · Score: 1

"It has become evident in the past two days that a bad actor is purchasing large amounts of botnet capacity in an attempt to significantly damage Linode’s business"
RTFA?
1. Re: Don't take my word for it by ihtoit · 2016-01-02 06:49 · Score: 2
  
  I dunno, ten bucks a month for more power than a four year old laptop and a 40Gig pipe and guaranteed three-nines uptime is pretty fucking good.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
and posting about it on slashdot, would help who? by Anonymous Coward · 2016-01-01 13:43 · Score: 1

(DDoS + Slashdot effect > DDoS)
Damnit!!! by FudRucker · 2016-01-01 13:56 · Score: 2

this is why we cant have nice things!!!

--
Politics is Treachery, Religion is Brainwashing
IMPORTANT NEWS! by Anonymous Coward · 2016-01-01 14:52 · Score: 1

Going forward, on weekends Slashdot will have an entire thread reserved for
"businesses that are experiencing a DDOS, virus, malware, infection, or someone
just called in sick without a lot of head's up to the boss."
That way nobody will say "Hey wait, Linode isn't news" or "Why is it such a big
deal" because lots of companies will be listed here.
Stay tuned for the "Virus of the week" award winners. Next up, a crossover show
with KUWTK where Kiley Jenner starts up a VM instance but then there's like a DDOS
and her makeup is not complete and Tyga and *yawn*.
Christmas by Anonymous Coward · 2016-01-01 15:31 · Score: 1

Christmas under ddos attack from Muslims.
1. Re:Christmas by omfgnosis · 2016-01-05 16:33 · Score: 1
  
  Wah wah I'm part of the wealthiest and most powerful culture in human history and it's still not good enough.
Re:clever advertising by c-A-d · 2016-01-01 16:33 · Score: 1

It's not much of a good ad. They're under attack and not weathering it well.

--
some karma... and kinda lukewarm about it.
Twas The Night Before Christmas . . . by cleara · 2016-01-01 16:43 · Score: 1

Twas The Night After Christmas . . .
When throughout the whole Linode house, all was peaceful and nothing stirred, not even a disk overflow alarm . . .
When suddenly there was a big blizzard of bits flowing in from all directions of the universe!
With a loud clatter and a loud hiss!
The massive shower of bits and bytes, like the Niagra falls, fell upon the little Linode House! And the NOC awoke with a shatter!
"Gandy! Rudolf! Silence the alarms! What is going on!": Santa, the NOC lead engineer cried.
And then a soft melody could be faintly heard through the clatter. A choir of carolers singing outside the Linode data center's massive security gates . . .
Silent Night
Traffic is Light
We don't see any thing here but blowing snowflakes
To us, all this Internet data is about as worthless as the snowflakes on Christmas Eve!
We the great Choir of Anonymous must sing to all the children of the Inernet!
Put down your mice and drop your tablets! Come and sing with us on this Christmas Eve!

--
Most Respectfully Yours Mrs. Cleara Plastique
Re:The real issue.. by vel-ex-tech · 2016-01-01 20:47 · Score: 1

Wow, my usual rant size is dwarfed! My hat is off to you, madam or sir!
BBC often down too: related by Maow · 2016-01-02 02:34 · Score: 2

I've got to wonder if BBC's issues are related to Linode being hit, or if BBC is the target and Linode is suffering for it?
I've seen BBC have issues in the past, but never as bad and for as long as since Christmas.
As recently as a minute ago I couldn't get a page to load.
1. Re:BBC often down too: related by ihtoit · 2016-01-02 07:03 · Score: 1
  
  you have no idea how accurate that assessment is. As far as I can make out, BBC's iPlayer content is hosted by Linode.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
Re:The real issue.. by ihtoit · 2016-01-02 06:27 · Score: 1

TL;DR. Condense it to four fucking lines or fuck off. Better yet, just fuck off.

--
Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
Re:The real issue.. by rochrist · 2016-01-02 06:47 · Score: 1

TL;DR
Re:The fuck happened to the comments here by Aurix · 2016-01-02 10:50 · Score: 1

If I had mod points, I'd +1 this.
Long time happy user by mattr · 2016-01-03 11:15 · Score: 1

Long time linode user, I have two and have been extremely happy with them. Awesome support and community, periodic big free upgrades, continuously improving and adding services. Now you can create a cluster temporarily or ramp up a server and then turn it off, paying just for what you use, it is amazing and the most fun and value I've had. If you want to have your own server just get a linode. As for the ddos, I felt nothing in the two cities I have linodes.