Tuesday, June 2, 2015

The recent DDoS of the Orain wikifarm and what we've done to prevent it from happening again

Recently, within almost two weeks as of the date of this writing, the Orain wikifarm has sustained a repeated UDP attack, that is, a denial-of-service attack utilizing the User Datagram Protocol.

The apparent intention behind the attack was to obtain access to our servers, to deny our service to others, or a combination of both motives. The source was an apparent botnet with connections to Russian servers, but with connections as far-flung as American Verizon connections, and based on the repeated, malicious nature of the attacks, it is the general belief of our staff that Orain was specifically targeted with malice aforethought.

Unfortunately, this attack could not be mitigated effectively because of our hosting with DigitalOcean, which shunted off all traffic to our IPv4 servers and kept it that way instead of blocking the source of the attack. IPv6 server connections were unaffected, as the attack originated from an IPv4 source and was aimed at our IPv4 connections.

Orain staff immediately consulted each other about the best means to restore service without giving the attacker further capability to do damage, and about how to prevent further attacks. It was decided to move our caching to Cloudflare, which has protections against these sorts of attacks.

For my own part, I was one of those who served in an advisory role during the consultations and informed our largest community [All The Tropes] of the problems via related fora and our official Twitter. Other staff identified the attack, proposed the means to deal with it, and have, to my knowledge, successfully implemented means to prevent it from easily happening again.

It is my hope and intention to make sure Orain has reliable service, and for my part as staff, I offer my sincerest apologies to all Orain users who were unable to make effective use of our service thanks to this attack.

2 comments:

  1. I'm going to ask the question that's on everyone's mind.

    Is there any evidence that someone from the TV Tropes community is responsible? I would think that, if anyone has the motive and means for such an attack, they'd be the primary suspects.

  2. I can most emphatically state NO, they had nothing to do with this.

    ALL of Orain was attacked, and they would have nothing to gain and very much to lose by doing something so flagrantly illegal, and I would consider it somewhere to the left of utterly insane to consider TV Tropes responsible for any of our troubles.

    If anything, I cannot say who exactly is to blame, since we still have no leads, but TV Tropes is NOT, repeat, NOT, even up for consideration as a suspect as far as we are concerned.
