wikileaks unreachable
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left? randy
They twittered earlier claiming ddos. http://twitter.com/#!/wikileaks/status/8920530488926208 "We are currently under a mass distributed denial of service attack." horse firmly bolted though, The Guardian, NYT etc all have copies apparently. thanks Andrew On Sun, Nov 28, 2010 at 9:34 PM, Randy Bush <randy@psg.com> wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
On Nov 28, 2010, at 1:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has
Reported they were under attack: http://bgg.lv/h2pmsd
I'm surprised it took this long for the DDoS train to pull into the station. Jeff On Sun, Nov 28, 2010 at 4:38 PM, James Downs <egon@egon.cc> wrote:
On Nov 28, 2010, at 1:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has
Reported they were under attack: http://bgg.lv/h2pmsd
-- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
I wouldn't have thought that PRQ would have any significant protection in place. Jeff On Sun, Nov 28, 2010 at 5:03 PM, William Pitcock <nenolod@systeminplace.net> wrote:
On Sun, 2010-11-28 at 16:43 -0500, Jeffrey Lyon wrote:
I'm surprised it took this long for the DDoS train to pull into the station.
Wikileaks gets DDoSed all the time. My understanding is that PRQ nullrouted the IP because the DDoS is much larger this time.
William
-- Jeffrey Lyon, Leadership Team jeffrey.lyon@blacklotus.net | http://www.blacklotus.net Black Lotus Communications - AS32421 First and Leading in DDoS Protection Solutions
Seems like they moved to Amazon a few hours ago: $ whois -h whois.bgpmon.net wikileaks.org Prefix: 46.51.128.0/18 Prefix description: Amazon EU AWS Dublin Country code: IE Origin AS: 39111 Origin AS Name: ADSI-AS Amazon EU DC AS .-- My secret spy satellite informs me that at 10-11-28 2:07 PM Jeffrey Lyon wrote:
I wouldn't have thought that PRQ would have any significant protection in place.
Jeff
On Sun, Nov 28, 2010 at 5:03 PM, William Pitcock <nenolod@systeminplace.net> wrote:
On Sun, 2010-11-28 at 16:43 -0500, Jeffrey Lyon wrote:
I'm surprised it took this long for the DDoS train to pull into the station.
Wikileaks gets DDoSed all the time. My understanding is that PRQ nullrouted the IP because the DDoS is much larger this time.
William
DOS is probably because they released some more stuff. "Secret US Embassy Cables" http://cablegate.wikileaks.org/ -wil On Nov 28, 2010, at 1:38 PM, James Downs wrote:
On Nov 28, 2010, at 1:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has
Reported they were under attack: http://bgg.lv/h2pmsd
On Nov 28, 2010, at 5:19 PM, Wil Schultz wrote:
DOS is probably because they released some more stuff.
"Secret US Embassy Cables" http://cablegate.wikileaks.org/
DDOS according to this http://www.securityweek.com/wikileaks-under-denial-service-attack-ddos Regards Marshall
-wil
On Nov 28, 2010, at 1:38 PM, James Downs wrote:
On Nov 28, 2010, at 1:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has
Reported they were under attack: http://bgg.lv/h2pmsd
I've heard it's a DOS (not DDOS) according to twitter. Allegedly according to the person doing the DOS: Just so we are all straight and clear - wikileaks hit is not a 'Distributed' DoS, its a simple DoS - I dont use intermediaries or botnets. Sun Nov 16 - 15:28 EST http://twitter.com/th3j35t3r Joel On Nov 28, 2010, at 6:42 PM, Marshall Eubanks wrote:
On Nov 28, 2010, at 5:19 PM, Wil Schultz wrote:
DOS is probably because they released some more stuff.
"Secret US Embassy Cables" http://cablegate.wikileaks.org/
DDOS according to this
http://www.securityweek.com/wikileaks-under-denial-service-attack-ddos
Regards Marshall
-wil
On Nov 28, 2010, at 1:38 PM, James Downs wrote:
On Nov 28, 2010, at 1:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has
Reported they were under attack: http://bgg.lv/h2pmsd
Uh... huh?
Just so we are all straight and clear - wikileaks hit is not a 'Distributed' DoS, its a simple DoS - I dont use intermediaries or botnets. Sun Nov 16 - 15:28 EST
That would be just about 2 weeks ago.
Actually, the last time November 16th fell on a Sunday would have been in 2008. So fifty-four weeks ago ... -- () ascii ribbon campaign against html e-mail /\ www.asciiribbon.org
I copied and pasted that from another list, however, when I brought up the twitter feed it said "six hours ago" (when i sent that first email). Now I don't see the tweet. <shrug> So, the truth may vary. Sent from my iPad On Nov 28, 2010, at 9:06 PM, "kmedcalf@dessus.com" <kmedcalf@dessus.com> wrote:
Uh... huh?
Just so we are all straight and clear - wikileaks hit is not a 'Distributed' DoS, its a simple DoS - I dont use intermediaries or botnets. Sun Nov 16 - 15:28 EST
That would be just about 2 weeks ago.
Actually, the last time November 16th fell on a Sunday would have been in 2008.
So fifty-four weeks ago ...
-- () ascii ribbon campaign against html e-mail /\ www.asciiribbon.org
On 29/11/10 1:06 PM, kmedcalf@dessus.com wrote:
Uh... huh?
Just so we are all straight and clear - wikileaks hit is not a 'Distributed' DoS, its a simple DoS - I dont use intermediaries or botnets. Sun Nov 16 - 15:28 EST
That would be just about 2 weeks ago.
Actually, the last time November 16th fell on a Sunday would have been in 2008.
So fifty-four weeks ago ...
106 weeks ago. You need more caffeine. ;) Regards, Ben
On Sun, 28 Nov 2010 21:06:08 -0500 "kmedcalf@dessus.com" <kmedcalf@dessus.com> wrote:
botnets. Sun Nov 16 - 15:28 EST
That would be just about 2 weeks ago.
Actually, the last time November 16th fell on a Sunday would have been in 2008.
So fifty-four weeks ago ...
Um, really? What year is this? Damn! Why didn't I bring back a newspaper from 2010? -- D'Arcy J.M. Cain <darcy@druid.net> | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 425 1212 (DoD#0082) (eNTP) | what's for dinner.
My guess would be that it is busy. Don't know bout your region but au way it has been on the news a bit. M On 29/11/2010, at 8:35, "Randy Bush" <randy@psg.com> wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
I heard there are DDoS attacks on the Wikileaks site. Zaid On 11/28/10 1:34 PM, "Randy Bush" <randy@psg.com> wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
On Sun, 28 Nov 2010 16:46:25 EST, Andrew Kirch said:
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
A lot of people at the Pentagon in 1969 said exactly the same thing about Daniel Ellsberg. Whichever side of the fence you are regarding either Assange or Ellsberg, it doesn't make it right to DDOS the server or break in to Lewis Fielding's office. I'll shut up now.
On Nov 28, 2010, at 4:46 PM, Andrew Kirch wrote:
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
I find it distressing when Network Operators are willing to encourage DDoS'ing of a site. Any site. Especially on an operational list, where politics are specifically prohibited. You don't like Wikileaks, that's between you & Julian. A DDoS affects the infrastructure of multiple networks, users, other websites, etc., etc. Most people who read the last sentence thought to themselves that is beyond obvious. It is a shame you do not understand it. Put another way, perhaps you should take your own 230gr. -- TTFN, patrick
On Sun, Nov 28, 2010 at 5:11 PM, Patrick W. Gilmore <patrick@ianai.net> wrote:
On Nov 28, 2010, at 4:46 PM, Andrew Kirch wrote:
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
I find it distressing when Network Operators are willing to encourage DDoS'ing of a site. Any site. Especially on an operational list, where politics are specifically prohibited.
You don't like Wikileaks, that's between you & Julian. A DDoS affects the infrastructure of multiple networks, users, other websites, etc., etc. Most people who read the last sentence thought to themselves that is beyond obvious. It is a shame you do not understand it.
Put another way, perhaps you should take your own 230gr.
+1
Remember not everyone who is on this list is a network operator and sometimes their misguided statements make it here. Do not get me wrong I wish wikileaks would disappear, but there are better ways to do this than interfering with other peoples networks. I would hope the moderators are willing to take the correction action when addressing such matters. Sent from my iPhone On Nov 28, 2010, at 6:11 PM, "Patrick W. Gilmore" <patrick@ianai.net> wrote:
On Nov 28, 2010, at 4:46 PM, Andrew Kirch wrote:
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
I find it distressing when Network Operators are willing to encourage DDoS'ing of a site. Any site. Especially on an operational list, where politics are specifically prohibited.
You don't like Wikileaks, that's between you & Julian. A DDoS affects the infrastructure of multiple networks, users, other websites, etc., etc. Most people who read the last sentence thought to themselves that is beyond obvious. It is a shame you do not understand it.
Put another way, perhaps you should take your own 230gr.
-- TTFN, patrick
On Sun, Nov 28, 2010 at 06:27:13PM -0500, James Jones wrote:
Remember not everyone who is on this list is a network operator and sometimes their misguided statements make it here.
It is an operations list; stick to the topic [reachabinility and the fragmentation of dns or bgp data in this case] or don't post. It doesn't require expert knowledge to stay even remotely on-topic. -- RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
On Nov 28, 2010, at 6:11 PM, Patrick W. Gilmore wrote:
On Nov 28, 2010, at 4:46 PM, Andrew Kirch wrote:
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
I find it distressing when Network Operators are willing to encourage DDoS'ing of a site. Any site. Especially on an operational list, where politics are specifically prohibited.
You don't like Wikileaks, that's between you & Julian. A DDoS affects the infrastructure of multiple networks, users, other websites, etc., etc. Most people who read the last sentence thought to themselves that is beyond obvious. It is a shame you do not understand it.
Put another way, perhaps you should take your own 230gr.
+1 Marshall
-- TTFN, patrick
On Nov 28, 2010, at 4:46 PM, Andrew Kirch wrote:
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
I find it distressing when Network Operators are willing to encourage DDoS'ing of a site. Any site. Especially on an operational list, where politics are specifically prohibited.
You don't like Wikileaks, that's between you & Julian. A DDoS affects the infrastructure of multiple networks, users, other websites, etc., etc. Most people who read the last sentence thought to themselves that is beyond obvious. It is a shame you do not understand it.
Put another way, perhaps you should take your own 230gr.
++ Kind regards, Ingo Flaschberger -- "I worry about my child and the Internet all the time, even though she's too young to have logged on yet. Here's what I worry about. I worry that 10 or 15 years from now, she will come to me and say 'Daddy, where were you when they took freedom of the press away from the Internet?'" --Mike Godwin
I find it distressing when Network Operators are willing to encourage DDoS'ing of a site. Any site. Especially on an operational list, where politics are specifically prohibited.
You don't like Wikileaks, that's between you & Julian. A DDoS affects the infrastructure of multiple networks, users, other websites, etc., etc. Most people who read the last sentence thought to themselves that is beyond obvious. It is a shame you do not understand it.
Put another way, perhaps you should take your own 230gr. Lets be clear here, I'm not encouraging DDoS, I'm enjoying the
On 11/28/2010 6:11 PM, Patrick W. Gilmore wrote: possibility that someone will hopefully put a jacketed hollowpoint in Assange. Andrew
On Sun, Nov 28, 2010 at 10:18:18PM -0500, Andrew Kirch said:
Lets be clear here, I'm not encouraging DDoS, I'm enjoying the possibility that someone will hopefully put a jacketed hollowpoint in Assange.
Andrew
This is always the best way to deal with disagreement. But I think this is the wrong list to tender such contracts. Also, it's odd you hate DDOS's more than murder. Time to take some time off work perhaps? For the first time I'm hoping to not meet some of the nanog members in person at a Nanog conference should I ever attend.... /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
ROFL Sent from my iPhone On Nov 28, 2010, at 10:23 PM, Ken Chase <ken@sizone.org> wrote:
On Sun, Nov 28, 2010 at 10:18:18PM -0500, Andrew Kirch said:
Lets be clear here, I'm not encouraging DDoS, I'm enjoying the possibility that someone will hopefully put a jacketed hollowpoint in Assange.
Andrew
This is always the best way to deal with disagreement.
But I think this is the wrong list to tender such contracts. Also, it's odd you hate DDOS's more than murder. Time to take some time off work perhaps?
For the first time I'm hoping to not meet some of the nanog members in person at a Nanog conference should I ever attend....
/kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
On Sun, Nov 28, 2010, Ken Chase wrote:
This is always the best way to deal with disagreement.
But I think this is the wrong list to tender such contracts. Also, it's odd you hate DDOS's more than murder. Time to take some time off work perhaps?
For the first time I'm hoping to not meet some of the nanog members in person at a Nanog conference should I ever attend....
I think you've got it backwards. See if he's actively like this in person. Email ... "changes things" with communication. Adrian
On 11/28/2010 10:52 PM, Adrian Chadd wrote:
On Sun, Nov 28, 2010, Ken Chase wrote:
This is always the best way to deal with disagreement.
But I think this is the wrong list to tender such contracts. Also, it's odd you hate DDOS's more than murder. Time to take some time off work perhaps?
For the first time I'm hoping to not meet some of the nanog members in person at a Nanog conference should I ever attend.... I think you've got it backwards. See if he's actively like this in person. Email ... "changes things" with communication.
Adrian
There's quite a few right now off list laughing, as they know full well that I'm exactly like this when faced with a threat towards friends and family serving in uniform overseas. Andrew
Yes, we've all read your "blog". Good thing this isn't an operations list or anything. -wil On Nov 28, 2010, at 8:06 PM, Andrew Kirch <trelane@trelane.net> wrote:
On 11/28/2010 10:52 PM, Adrian Chadd wrote:
On Sun, Nov 28, 2010, Ken Chase wrote:
This is always the best way to deal with disagreement.
But I think this is the wrong list to tender such contracts. Also, it's odd you hate DDOS's more than murder. Time to take some time off work perhaps?
For the first time I'm hoping to not meet some of the nanog members in person at a Nanog conference should I ever attend.... I think you've got it backwards. See if he's actively like this in person. Email ... "changes things" with communication.
Adrian
There's quite a few right now off list laughing, as they know full well that I'm exactly like this when faced with a threat towards friends and family serving in uniform overseas.
Andrew
On Sun, Nov 28, 2010 at 10:18:18PM -0500, Andrew Kirch said:
Lets be clear here, I'm not encouraging DDoS, I'm enjoying the possibility that someone will hopefully put a jacketed hollowpoint in Assange.
Not to promote equine defibrilation, but just so you all feel better - http://www.miamiherald.com/2010/11/28/1947638/no-evidence-that-wikileaks-rel... summary: no one got hurt, and wikileaks lets the newspapers do the hard work of redacting info that'd hurt individuals directly. There has been no loss of lives. But s/lives/political careers/ is a different matter, and might catalyse hyperbole that some are buying into. OBONTOPIC: wikileaks has another DDOS going (real DDOS not plain DOS, apparently.) /kc -- Ken Chase - ken@heavycomputing.ca - +1 416 897 6284 - Toronto CANADA Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
What is the MLC position on threatening the lives of political adversaries via the list? At least he didn't swear, I guess. That would be wrong. "Andrew Kirch" <trelane@trelane.net> wrote:
On 11/28/2010 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
Good riddance. The sooner someone gives Julian Assange 230gr of shut the f*** up, the better.
-- Sent from my Android phone with K-9 Mail. Please excuse my brevity.
Didn't took long for Wired to include the "cyberatack" theme on their recent related article. http://www.wired.com/threatlevel/2010/11/cablegate/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+wired/index+(Wired:+Index+3+(Top+Stories+2)) -J
On Nov 28, 2010, at 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
That was two days ago - as of this morning, there is apparently another From @wikileaks on twitter wikileaks WikiLeaks DDOS attack now exceeding 10 Gigabits a second. 1 hour ago wikileaks WikiLeaks We are currently under another DDOS attack. Marshall
On Nov 30, 2010, at 11:07 AM, Marshall Eubanks wrote:
On Nov 28, 2010, at 4:34 PM, Randy Bush wrote:
anyone know why https://www.wikileaks.org/ is not reachable? nations state level censors trying to close the barn door after the horse has left?
randy
That was two days ago - as of this morning, there is apparently another
From @wikileaks on twitter
wikileaks WikiLeaks DDOS attack now exceeding 10 Gigabits a second. 1 hour ago
wikileaks WikiLeaks We are currently under another DDOS attack.
More routing news : Wikileaks has been booted off Amazon EC2 http://arstechnica.com/security/news/2010/12/wikileaks-kicked-out-of-amazons... "Senator Joe Lieberman (I-CT), chairman of the Homeland Security and Governmental Affairs Committee, was among the congressmen who pressured Amazon to stop hosting Wikileaks... The site was down briefly after being ejected from Amazon, but is back up and once again running on the servers of Bahnhof, its previous Swedish hosting provider." regards Marshall
Marshall
Just on an operational front, does anyone know the nature of the DDoS against wikileaks? eg: spoofed source garbage, http get, synfloods, or ? Mike-
http://asert.arbornetworks.com/2010/11/wikileaks-cablegate-attack/ and http://asert.arbornetworks.com/2010/11/round2-ddos-versus-wikileaks/ - Craig On Dec 1, 2010, at 4:38 PM, Mike wrote:
Just on an operational front, does anyone know the nature of the DDoS against wikileaks? eg: spoofed source garbage, http get, synfloods, or ?
Mike-
Message from twitter @wikileaks: WikiLeaks,org domain killed by US everydns.net after claimed mass attacks. So, is this the end of the wikileaks? :) -- Sincerely, Mikhail Strizhov On 12/01/2010 06:50 PM, Craig Labovitz wrote:
http://asert.arbornetworks.com/2010/11/wikileaks-cablegate-attack/ and http://asert.arbornetworks.com/2010/11/round2-ddos-versus-wikileaks/
- Craig
On Dec 1, 2010, at 4:38 PM, Mike wrote:
Just on an operational front, does anyone know the nature of the DDoS against wikileaks? eg: spoofed source garbage, http get, synfloods, or ?
Mike-
and this is based on what facts?
Instead of tweeting about how to reach their content, or their IP addresses to bypass DNS, they are sending repetedly via twitter the following URL http://collateralmurder.com/en/support.html -J
and this is based on what facts? Instead of tweeting about how to reach their content, or their IP addresses to bypass DNS, they are sending repetedly via twitter the following URL http://collateralmurder.com/en/support.html
coincidence != causality
On Dec 3, 2010, at 1:20 AM, Randy Bush wrote:
and this is based on what facts? Instead of tweeting about how to reach their content, or their IP addresses to bypass DNS, they are sending repetedly via twitter the following URL http://collateralmurder.com/en/support.html
coincidence != causality
Neither does correlation. :) But Jorge has a point. If they wanted to help users get past their DNS problems, they could tweet for assistance, tweet their IP addy and ask to be re-tweeted, ask owners of authorities to set up wikileaks.$FOO.com to 'crowd source' their name, etc. So at the very least, they are guilty of not being imaginative. BTW: I personally doubt they are doing this for money. But I don't have any proof of that either. -- TTFN, patrick
But Jorge has a point. If they wanted to help users get past their DNS problems, they could tweet for assistance, tweet their IP addy and ask to be re-tweeted, ask owners of authorities to set up wikileaks.$FOO.com to 'crowd source' their name, etc.
I'll just point to an article I found very interesting about this matter: http://www.techdirt.com/articles/20101202/02243512089/how-response-to-wikile... Aren't we being part of some kind of action-reaction game to produce systematic changes as side effects ? -J
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, Dec 2, 2010 at 10:36 PM, Jorge Amodio <jmamodio@gmail.com> wrote:
But Jorge has a point. If they wanted to help users get past their DNS problems, they could tweet for assistance, tweet their IP addy and ask to be re-tweeted, ask owners of authorities to set up wikileaks.$FOO.com to 'crowd source' their name, etc.
I'll just point to an article I found very interesting about this matter: http://www.techdirt.com/articles/20101202/02243512089/how-response-to-wik ileaks-is-exactly-what-assange-wants.shtml
Aren't we being part of some kind of action-reaction game to produce systematic changes as side effects ?
Yes. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFM+JCrq1pz9mNUZTMRAje8AKCSOUdPNKMKhomYOavcAQWeLU9gLwCfTc7W fvFnKA/JRZAOXZ9VMO2zM+k= =3+y3 -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawgster(at)gmail.com ferg's tech blog: http://fergdawg.blogspot.com/
On Fri, Dec 3, 2010 at 1:19 AM, Jorge Amodio <jmamodio@gmail.com> wrote:
and this is based on what facts?
Instead of tweeting about how to reach their content, or their IP
'they' is a multicast address ... dyn/everydns or wikileaks? which is the 'they' that is doing the twittering?
'they' is a multicast address ... dyn/everydns or wikileaks? which is the 'they' that is doing the twittering?
wikileaks. seems that they (wikileaks) got the message, following tweets included their IP address and the new .ch domain. The current IP address for the cablegate stuff is 213.251.145.96 which is RIPE block assigned to wikileaks, the RIPE WHOIS entry shows 213.251.128.0/18 with AS16276 as originwhois AS16276 (OVH in Paris France), mtr from here (SATX) seems to go through Dallas and enter Global Crossing network or hosting services, currently <2% packet loss. Server seems to be configured to return IP address based URLs. -J
On Dec 3, 2010, at 1:19 AM, Jorge Amodio wrote:
and this is based on what facts?
Instead of tweeting about how to reach their content, or their IP addresses to bypass DNS [snip happens]
http://twitter.com/#!/wikileaks/status/10621245489938433 7 hours ago (Randy, I plan/hope to requote your earlier message — non-commercial use — with attribution) —ravi
I see a new T-Shirt "Free speech has an IP address" Zaid On 12/3/10 8:38 AM, "// ravi" <ravi-lists@g8o.net> wrote:
On Dec 3, 2010, at 1:19 AM, Jorge Amodio wrote:
and this is based on what facts?
Instead of tweeting about how to reach their content, or their IP addresses to bypass DNS [snip happens]
http://twitter.com/#!/wikileaks/status/10621245489938433 7 hours ago
(Randy, I plan/hope to requote your earlier message non-commercial use with attribution)
ravi
there exists a free speech application for fast flux hosting networks, and its in connecticut, not china. (during the icann gnso pdp on fast flux hosting the above assertion was generally dismissed) -e On 12/3/10 12:41 PM, Zaid Ali wrote:
I see a new T-Shirt "Free speech has an IP address"
Zaid
On 12/3/10 8:38 AM, "// ravi"<ravi-lists@g8o.net> wrote:
On Dec 3, 2010, at 1:19 AM, Jorge Amodio wrote:
and this is based on what facts?
Instead of tweeting about how to reach their content, or their IP addresses to bypass DNS [snip happens]
http://twitter.com/#!/wikileaks/status/10621245489938433 7 hours ago
(Randy, I plan/hope to requote your earlier message ‹ non-commercial use ‹ with attribution)
‹ravi
On Fri, Dec 3, 2010 at 1:01 PM, Eric Brunner-Williams <brunner@nic-naa.net> wrote:
there exists a free speech application for fast flux hosting networks, and its in connecticut, not china.
(during the icann gnso pdp on fast flux hosting the above assertion was generally dismissed)
'fast flux hosting' == akamai, no? -chris
On 12/3/10 1:05 PM, Christopher Morrow wrote:
On Fri, Dec 3, 2010 at 1:01 PM, Eric Brunner-Williams <brunner@nic-naa.net> wrote:
there exists a free speech application for fast flux hosting networks, and its in connecticut, not china.
(during the icann gnso pdp on fast flux hosting the above assertion was generally dismissed)
'fast flux hosting' == akamai, no?
of course that use case was considered. it was offered as the rational for default (unconditional) rapid update, though it does fall into the stupid-dns-tricks bucket. -e
Hi, there has been a lot of ethics and religio, ... but what is really important for operation: The cloud is a failure. Too easy to get it down. I guess wikileaks returning to dedicated hosting proofs that. Next time the board wants to convince me of cloud computing, I'll propose a botnet is cheaper and more reliable. Besides - outsourcing the directors might be a good idea. GM proofs that :) Cheers Peter -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Rimbacher Strasse 16 D-69509 Moerlenbach-Bonsweiher +49(6209)795-816 (Telekom) +49(6252)750-308 (VoIP: sipgate.de) mail: peter@peter-dambier.de http://www.peter-dambier.de/ http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ ULA= fd80:4ce1:c66a::/48
"The Cloud" went down? I think not. Having ones account terminated as opposed to an outage caused by DDoS are two very different things. I'm certainly not an advocate of public cloud computing (I love it inside my own private network though :) ), but in this case asserting that the cloud is a failure is just plain wrong. --jm -----Original Message----- From: Peter Dambier [mailto:peter@peter-dambier.de] Sent: Monday, 6 December 2010 8:38 PM To: nanog@nanog.org Subject: Cloud proof of failure - was:: wikileaks unreachable Hi, there has been a lot of ethics and religio, ... but what is really important for operation: The cloud is a failure. Too easy to get it down. I guess wikileaks returning to dedicated hosting proofs that. Next time the board wants to convince me of cloud computing, I'll propose a botnet is cheaper and more reliable. Besides - outsourcing the directors might be a good idea. GM proofs that :) Cheers Peter -- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Rimbacher Strasse 16 D-69509 Moerlenbach-Bonsweiher +49(6209)795-816 (Telekom) +49(6252)750-308 (VoIP: sipgate.de) mail: peter@peter-dambier.de http://www.peter-dambier.de/ http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ ULA= fd80:4ce1:c66a::/48
On Monday 06 December 2010 09:47:43 Jay Mitchell wrote:
"The Cloud" went down? I think not.
It did for at least one customer.
Having ones account terminated as opposed to an outage caused by DDoS are two very different things.
Although not for all DNS providers. There are operational lessons here. But do they boil down to technical issues may not be the limiting factor on your uptime. As commented already by someone, perhaps time to review plans for responses to non-technical threats to availability.
The cloud is a failure. Too easy to get it down. I guess wikileaks returning to dedicated hosting proofs that.
No, it just proves that organizational decisions are made by human beings that have values. Whether or not those values are 'right' isn't the point - the point is that the technology isn't what failed here. There are plenty of dedicated server hosts that would have shut off wikileaks under political pressure - and there are plenty of 'cloud' hosts who would have kept them up. I don't think we can draw any pass/fail conclusions WRT cloud computing (defined here as virtualization-as-a-service) from the removal of Wikileaks from S3. Nathan
[peter's theory]
The cloud is a failure. Too easy to get it down. I guess wikileaks returning to dedicated hosting proofs that.
No, it just proves that organizational decisions are made by human beings t= hat have values. Whether or not those values are 'right' isn't the point -= the point is that the technology isn't what failed here.
There are plenty of dedicated server hosts that would have shut off wikilea= ks under political pressure - and there are plenty of 'cloud' hosts who wou= ld have kept them up. I don't think we can draw any pass/fail conclusions = WRT cloud computing (defined here as virtualization-as-a-service) from the = removal of Wikileaks from S3.
The question would appear to be whether attacks outside the technical space should be considered a failure. It should be obvious that if I can attack your site with a blast of IP traffic and deny others access to it, that's an effective takedown. I believe that someone DDoS'ed EveryDNS hosting of Wikileaks DNS. On the other hand, EveryDNS appears to have *chosen* to stop supplying service to Wikileaks, so this was not a purely technological takedown. The neat thing about cloud computing is that it is, to borrow Amazon's term, "elastic." I'm not sure we've seen scalable computing that can be scaled rapidly in this manner for largely arbitrary purposes in the past, and a cloud the size of Amazon's is probably able to cope with a DDoS of virtually any size, assuming a willingness to throw sufficient resources at it.
From that perspective, I cannot see cloud computing as a failure, but instead a massive success.
From that point of view, cloud computing may be inherently a bit more vulnerable, because clouds tend to be resources being rented to third
However, I can see outsourcing as a potential failure. When you allow a third party (Amazon, EveryDNS, whoever) to become involved in your operation, you are essentially allowing them a veto over your continued technical operations. This makes the outsourcing provider an attractive target for interference of the legal/political type. How tolerant would your webhosting provider be of continuous DMCA complaints being submitted about your web site, for example, even if they were without merit? parties. With dedicated servers and/or your own IP space/servers, you have increasing amounts of control over the response to certain threats outside the technical realm. A risk analysis of these factors is, therefore, suggested when deploying services. On average, the benefits of being able to rapidly provision and scale resources in the cloud probably vastly outweighs the risks to the average operation of political/legal pressures on the cloud hosting provider; that computation necessarily changes for something like Wikileaks. Of course, if one views the Internet itself as a sort of meta-cloud, it should be obvious that meta-cloud computing is proving to be very resilient. But that brings us to a Tron-like mentality about the whole Internet... how apropos. :-) ... JG -- Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net "We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN) With 24 million small businesses in the US alone, that's way too many apples.
On Dec 6, 2010, at 4:49 AM, Nathan Eisenberg wrote:
The cloud is a failure. Too easy to get it down. I guess wikileaks returning to dedicated hosting proofs that.
No, it just proves that organizational decisions are made by human beings that have values. Whether or not those values are 'right' isn't the point - the point is that the technology isn't what failed here.
There are plenty of dedicated server hosts that would have shut off wikileaks under political pressure - and there are plenty of 'cloud' hosts who would have kept them up. I don't think we can draw any pass/fail conclusions WRT cloud computing (defined here as virtualization-as-a-service) from the removal of Wikileaks from S3.
I do, but not because of Amazon specifically. (As far as I know, Amazon's decision depended not at all on where its servers were located or that they were decentralized.) In a cloud hosting environment, you typically don't know where your data and servers are, and thus you don't know what legal and political pressures they may be subject to. If that means that in practice you are subject to the combination of any pressure that can be applied to any one of the hosting centers maintained by your hosting provider, then "the cloud" indeed would seem pretty unattractive to anyone with politically or socially controversial content. Regards Marshall
Nathan
In a cloud hosting environment, you typically don't know where your data and servers are, and thus you don't know what legal and political pressures they may be subject to. If that means that in practice you are subject to the combination of any pressure that can be applied to any one of the hosting centers maintained by your hosting provider, then "the cloud" indeed would seem pretty unattractive to anyone with politically or socially controversial content.
How is it more or less unattractive than having one's own servers in one's own office? Lieberman and Co would simply have leaned on Mom's Best BGP (r) and Pop's Fastest Packets (r) instead of on Amazon, and the result would have been the same. That's the catch with this here series of tubes - you don't control all of the tubes, even if you're Amazon, or Giant National ISP Co, or Massive National Fiber Plant Co. The server infrastructure is the least interesting part of what happened to WikiLeaks. Nathan
On 12/6/2010 9:29 AM, Nathan Eisenberg wrote:
How is it more or less unattractive than having one's own servers in one's own office? Lieberman and Co would simply have leaned on Mom's Best BGP (r) and Pop's Fastest Packets (r) instead of on Amazon, and the result would have been the same.
That is a possibility, though it also depends on the business mentality and AUP. The problem is, it didn't necessarily require any *leaning* and the AUP may have been enforced anyways.
That's the catch with this here series of tubes - you don't control all of the tubes, even if you're Amazon, or Giant National ISP Co, or Massive National Fiber Plant Co. The server infrastructure is the least interesting part of what happened to WikiLeaks.
Anytime you are dealing with something highly controversial, you open yourself up for technical and social attack. Your business dependencies may be inclined to disassociate themselves with you on any grounds possible; not that they disagree with you, but perhaps they don't want to be that closely associated. It does not require any leaning, notification, or even noticeable service effect for me to decide to shutdown a site/location which is controversial in nature and causing a DOS. If I sold a 'bulletproof' service, I'd have a different through process, but that's because I'd be selling such a service. I don't sell 'bulletproof', and so I'm quickly inclined to request/takedown anything which causes technical/social issues for the network per the AUP. What the Senators did was wrong, but what Amazon did may have not been due to the pressure, but strictly based on "oh, we didn't notice that, and it's violating our AUP." I'm not saying it's the case, but it does happen. I've had to have others tell me of AUP violations from time to time. Jack
On Mon, Dec 6, 2010 at 3:08 PM, Peter Dambier <peter@peter-dambier.de> wrote:
The cloud is a failure. Too easy to get it down. I guess wikileaks returning to dedicated hosting proofs that.
I haven't used this sign in nearly a decade. And certainly not on nanog. Anyway .. I'll end this thread now. And folks .. .:\:/:. +-------------------+ .:\:\:/:/:. | PLEASE DO NOT | :.:\:\:/:/:.: | FEED THE TROLLS | :=.' - - '.=: | | '=(\ 9 9 /)=' | Thank you, | ( (_) ) | Management | /`-vvv-'\ +-------------------+ / \ | | @@@ / /|,,,,,|\ \ | | @@@ /_// /^\ \\_\ @x@@x@ | | |/ WW( ( ) )WW \||||/ | | \| __\,,\ /,,/__ \||/ | | | jgs (______Y______) /\/\/\/\/\/\/\/\//\/\\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ -- Suresh Ramasubramanian (ops.lists@gmail.com)
On Dec 3, 2010, at 1:11 AM, Jorge Amodio wrote:
So, is this the end of the wikileaks? :)
Hardly, IMHO it is a gambit to ask for money.
Craig, don't you guys at Arbor have the IP addresses that were tracking for the DDOS attacks ?
http://46.59.1.2 seems to work. Regards Marshall
-J
Message from twitter @wikileaks: WikiLeaks,org domain killed by US everydns.net after claimed mass attacks.
as someone who has done a lot of tunneling, uucping, funny routing relays, ... for democratic movements in lots of countries, i am not pleased at seeing the need arise in the so-called democratic states. randy
On Wed, Dec 01, 2010 at 04:27:10PM -0500, Marshall Eubanks wrote:
Wikileaks has been booted off Amazon EC2
http://arstechnica.com/security/news/2010/12/wikileaks-kicked-out-of-amazons...
"Senator Joe Lieberman (I-CT), chairman of the Homeland Security and Governmental Affairs Committee, was among the congressmen who pressured Amazon to stop hosting Wikileaks...
Typo there: that's Joe McCarthy. ---rsk
participants (40)
-
// ravi
-
Adrian Chadd
-
Alex Rubenstein
-
Alexander Harrowell
-
Andree Toonk
-
Andrew Kirch
-
Andrew Mulholland
-
Ben McGinnes
-
Christopher Morrow
-
Craig Labovitz
-
D'Arcy J.M. Cain
-
Eric Brunner-Williams
-
Ingo Flaschberger
-
Jack Bates
-
James Downs
-
James Jones
-
Jay Mitchell
-
Jeffrey Lyon
-
Joe Greco
-
Joe Provo
-
Joel Esler
-
Jorge Amodio
-
Ken Chase
-
kmedcalf@dessus.com
-
Mark Hofman
-
Marshall Eubanks
-
Mike
-
Mikhail Strizhov
-
Nathan Eisenberg
-
Patrick W. Gilmore
-
Paul Ferguson
-
Peter Dambier
-
Randy Bush
-
Rich Kulawiec
-
Simon Waters
-
Suresh Ramasubramanian
-
Valdis.Kletnieks@vt.edu
-
Wil Schultz
-
William Pitcock
-
Zaid Ali