Search Slyck  
isoHunt Recovers From DDoS Attack
January 12, 2009
Thomas Mennecke
Font Bigger Font Smaller
If you have an RSS feed of isoHunt and wonder why it went dead today, the reason is threefold. First, isoHunt suffered a DDoS (Distributed Denial of Service) attack from what Gary Fung, administrator of the site, calls "russian user agents". The site actually suffered 2 intentional attacks, and one incidental.

According to Gary, the initial attack was launched against the search feature of the site, and the second was against the RSS feed. Implementing massive requests to both, which we're told was about 7,000 requests per second above normal, the site was brought to a virtual standstill. From the isoHunt forums:

"Starting a couple hours before midnight GMT on 10-Jan-2009 we started receiving a lot more requests and traffic than we would normally have at that time of day, which topped out at 8500 CPS (connections per second) before we could get in, figure out what was happening and act to mitigate it. Thankfully, the folks that attacked us the first time made it fairly easy for us to locate and filter their traffic, since I don't think there are many people living in South America or Asia who legitimately run their browsers in Russian."

The isoHunt administration counterattacked with IP bans and temporarily disabling the RSS feed. As they say in network administration, no guts, no glory. The day was saved and as of now, the site appears operational and functional. Additionally, the RSS feed has been restored.

As a side note, there was a suspected 3rd attack as well. However the third 'attack' was merely "silly IE toolbars" that were frantically trying to reconnect when the RSS feed was taken offline.

This story is filed in these Slyck News categories
BitTorrent :: Trackers/Indexers

You can discuss this article here - 4 replies

© 2001-2019