What do you get when you take an ISP accused of being a spammer, the organization doing the accusing, the several security organizations defending the accuser, and one hell of an axe to grind? If you answered a wicked nifty cool DDoS attack, you get yourself a cookie. But since I have no cookies, you can settle for vodka. The attack in question started out just aimed at spamhaus, who manages an antispam blacklist for primarily mail trafick to prevent certain types of spam from hitting a mail server (disclosure: it’s one of the 4 I use, and use heavily). When a bunch of organizations jumped in to help Spamhaus minimise that attack, it escalated. The attack ended up aimed at the folks what provide a backbone to the internet (because someone’s going to ask, it’s explained better than I ever could).
The long and short version is, if one of the connections that make up the backbone of the internet ever takes a dive, large chunks of the internet can potentially take that dive right behind it–it happens every once in a great while, usually because somebody cocked up. But sometimes, it can be triggered for any number of reasons. On Wednesday, it was denial of service time.
Now, these things can typically handle a hell of a lot of trafick. They’d have to, considering pretty much any and all internet trafick eventually passes through them to get, well, anywhere. So you’d think they’d be pretty close to difficult to attack. And you’d be right, more or less–the attack from Wednesday measured at, well, about [youtube http://youtube.com/w/?v=f99PcP0aFNE], eh?
So if you were growing an issue or two on Wednesday, it could have been your local technology. It could have been your ISP mucking something up. Or, it very likely could have been that someone really did just try and break the internets. I might actually be somewhat vaguely impressed–if the attempt at calculating that bandwidth bill didn’t just cause my brain to implode. I hope these folks had uncapped connections…