kasia in a nutshell

dslreports has been under a massive DDOS attack.. a combination of synflood and bad requests. What's showing in image is actually not accurate, since the attack is much larger than this, but it should give you an idea of what we've been dealing with since last night.

My personal belief is the reason for this is our recent series of anti-spyware articles much like Ben Edelman experienced. I've no evidence to back that up but would love to compare logs.

Ever since I started posting logs of IPs that post spam on my weblog or spam my referrer log, I've been hit with regular trackback attacks. Daily and consistent. What's the relation to the dslr attack? IPs from attacks to my personal server and to the dslr servers are mostly hijacked, trojaned machines on comcast, sbc and other big providers. Big providers who are completely capable to detecting this kind of behaviour and cutting those customers off. Why aren't they doing it? Maybe because they are more concerned with spreading their legs for RIAA and catching small-time file traders instead of making sure their networks aren't used in massive DDOS attacks that take down legitimate websites who provide security resources for everyone?

What will it take to get Comcast to listen? Are you out there SBC?

Comcast cable customers will be kicked off their network and accounts closed if they get caught three times hosting filesharing. There is no similar provision for customers whose machines are used as part of a botnet. Why not? Why isn't this issue as important? Because websites like ours do not have the deep pockets to affect legislature? Because a customer that cannot secure his machine is more important than one who chooses to download movies illegally?

Every broadband customer should be held responsible for securing their machine and if they are incapable of doing so, they should not be allowed on a public network. And no, I can't afford to buy a few senators to make sure that this even gets discussed in a public forum outside of my weblog.