Thanks for all your hard work and diligence Cort!
We are getting with what's called Distributed Denial of Service attacks. Why they're targeting Health Rising I don't know. Many website are busier than HR.
, a denial-of-service
is an attempt to make a machine or network resource unavailable to its intended users
, such as to temporarily or indefinitely interrupt or suspend services
of a host
connected to the Internet
. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
A distributed denial-of-service
) is where the attack source is more than one, often thousands of, unique IP addresses. It is analogous to a group of people crowding the entry door or gate to a shop or business, and not letting legitimate parties enter into the shop or business, disrupting normal operations. The scale of DDoS attacks has continued to rise over recent years, even reaching over 400Gbit/s.
Criminal perpetrators of DoS and DDoS attacks often target sites or services hosted on high-profile web servers
such as banks, credit card payment gateways
. Motives of revenge
can be behind other attacks.
The most serious attacks are distributed
and in many or most cases involve forging of IP sender addresses (IP address spoofing
) so that the location of the attacking machines cannot easily be identified, nor can filtering
be done based on the source address.
The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down.
These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This after all will end up completely crashing a website for periods of time.