Iraq, five years later

On the occasion of some spring cleaning in my office I stumbled across an old copy of The Economist (April 5-11, 2003) published as the US forces were marching on Baghdad during the invasion that eventually swept Saddam Hussein from power.

I was opposed to that war at the time (it’s not hindsight, you can ask my wife!) and still am, but with the benefit of five years of experience of how things actually turned out it is interesting to see what the editors had to say then. I still respect The Economist as (overall) a relatively unbiased source of information though I’m no longer a subscriber.

The defect of these comparisons [with Vietnam and Palestine] is that Iraq is nothing like Vietnam, not much like Palestine or Afghanistan, and, on present evidence, no quagmire. (…) In Vietnam the Americans fought for ten years. The Soviet army spent ten years in Afghanistan. This war entered its third week with the Americans battering through Iraq’s Republican Guard divisions to the gates of Baghdad. At this rate, it will be a surprise if the Americans have to fight for ten weeks, let alone ten years. Israel’s occupation of the West Bank and Gaza has lasted for 36 years. If America has its way, its occupation of Iraq is more likely to last for fewer than 36 months. And there is no reason why America should not have its way: unlike Israel and the Palestinians, America and Iraq have no territorial quarrel. America’s stated aim is to remove the regime and its mass-killing weapons, allow the Iraqis to replace their dictatorship with a representative government, and then depart.

Well, those 36 months (3 years) already expired more than two years ago and no departure is in sight yet. Even someone who would (if elected to the highest office in the country) withdraw the troops after roughly twice that time has to face accusations of wanting to “cut and run”, while John McCain is talking about staying in Iraq for a hundred years.

Not only the time scales have shifted: Before President Bush decided to invade Iraq, his country was the only remaining superpower, having lost the Vietnam war but won the cold war. Following September 11 his people and country had an enormous amount of good will on its side from people and governments all over the world. Now the country is bleeding hundreds of billions of tax dollars and hundreds of lives every year in an undeclared war it can’t win. The Iraq war is deeply unpopular at home and abroad, not to speak of Iraq, where tens of thousands have died in the resulting civil war and “ethnic cleansing”.

The biggest winner of the US effort in Iraq so far has been the unfriendly regime in next-door Iran, which saw one of its biggest enemies destroyed at the hands of the US, allowing its closest friends and allies to take over in Iraq.

I am looking forward to a new leadership in the White House that will have the courage to face reality: When you’ve taken a wrong turn you don’t then “stay the course”, especially when you’re heading into a dead end.

Recommended reading:

Yahoo! Mail “0000-00-00 and 9999-99-99” bug

You may have noticed emails from Yahoo accounts recently that include the string “between 0000-00-00 and 9999-99-99” at the bottom of the email. Apparently it gets added to outbound email only on new emails that were composed.

It’s a bug in Yahoo which crept in on April 15 during an upgrade. It’s an issue related to accessing the MySQL database and a date / time comparison. There is no way for Yahoo! Mail users to fix the problem, but it also doesn’t appear to cause any harm beyond thoroughly confusing everyone.

Yahoo is aware of the problem. Their current statement on it is:

“Please be assured that we are aware of this issue and have escalated this to our Engineering Department for further investigation. We hope to have it resolved as soon as possible”.

Toyota Prius hybrid versus BMW diesel

The Sunday Times did a road test, driving a BMW 520d SE and a Toyota Prius from London to Geneva. The BMW used 49.3 litres of diesel, versus 51.6 litres of petrol (gasoline) used by the Prius.

While the BMW’s results are clearly respectable, the figures quoted in the Sunday Times article do not tell the whole story.

For a start, about 40% of the trip was on motorways, another 40% on B-roads and the rest in urban areas. A driving mix that includes only a token 20% of urban driving is hardly typical for usage patterns of most motorists in our largely urban / suburban societies (for example, 79% of the US population lives in urban areas, with most European countries having similar rates). This unusual mix seems almost purposely designed to ensure that the advantage of the hybrid drive train of the Prius would lie mostly idle: Driving at constant speed on a flat road, you are not going to see any real benefits from a hybrid system, which really thrives in stop-and-go rush hour traffic with lots of traffic lights, as most of us experience on the way to work or home.

Secondly, even with these skewed parameters, the BMW lost out on greenhouse gas emissions. It burnt 10.84 Imperial gallons (13 US gallons) of diesel, while the Prius used 11.34 Imperial gallons (13.6 US gallons) of gasoline. Because of diesel fuel’s 15% higher carbon content by volume, the BMW added 131 kg of CO2 to the atmosphere versus 120 kg by the Prius.

Personally, I see no reason why in the long term efficient diesel engines cannot be mated to a hybrid system and have the best of both worlds. Sure, it may not yet be cost-effective at current fuel prices, but things may look very different 10, 20 or 30 years down the road.

Japanese petrol (gasoline) prices to fall 25c per litre

Following political gridlock in the Japanese parliament, a “temporary” tax on petrol (gasoline) that has been in force for three decades after being renewed every couple of years is set to expire on 01 April 2008 (to readers outside of Japan: No, this is not an April Fool’s joke). As a result prices of petrol are set to fall by 25 yen per litre (about US$0.95 per gallon, EUR 0.16 per litre).

I’m utterly unimpressed by how both major Japanese parties have handled this conflict.

Fuel taxes in Japan consist of the basic fuel tax and a “temporary” but de-facto permanent surcharge. The ruling conservative Liberal Democratic Party (LDP) wanted to hold on to the surcharge, as well as to a peculiar rule that fuel taxes must only be used for road construction and repair. This road-use-only restriction was defended by the so-called “road tribe”, an informal group of politicians with cozy ties to construction companies which in turn support their election campaigns.

The opposition Democratic Party, which controls the less powerful Upper House of parliament, called for dissolving the fuel – road construction link, as well as abolishing the surcharge altogether and only keeping the basic fuel tax, as it was until the 1970s.

The two did not compromise in time before the set expiration date and so prices will fall from tomorrow. Most likely the Lower House, which is controlled by the LDP-led coalition, will override the Upper House about one month later and reimpose the higher tax rate. Meanwhile Prime Minister Fukuda offered to remove the road construction link from April 2009 in order to get the opposition to agree to an extension of the surcharge.

While motorists will welcome cheaper fuel, petrol stations are likely to collectively lose about US$200 million overnight, as they hold stocks of some 800 million litres of petrol in their underground tanks on which the tax has already been paid and which will not be refunded to them. Motorists are likely to give their business to whichever petrol station starts selling at the new low prices first, making it near impossible for other stations to pass on to the consumer the taxes these stations have already paid on stocks delivered before April.

To me it makes no sense to maintain the outdated restriction on how fuel taxes can be used, which serves primarily the interests of construction companies, not the general public. Japan as an aging society with a declining population will need more and more cash for supporting elderly people and their health care, not more and more roads. Why can’t taxes be used where they are needed the most? This pork barrel restriction should have been abandoned a long time ago!

On the other hand it would be irresponsible to cut fuel taxes while the government is running a huge budget deficit. It would just mean more red ink, piling up higher debts to be repaid by our children and grandchildren. Also, cheaper fuel today will do little to encourage consumers to switch to more economical cars or public transport and to cut their output of greenhouse gases. Japan is already way behind on its efforts to meet its obligations under the Kyoto climate treaty.

It would make more sense to maintain and even raise fuel taxes and use the revenue to subsidise CO2 conservation measures, from better home insulation to solar collectors for warm water and subsidies for hybrid cars. Thirty years from now the world will live on maybe half the crude oil output per year as today, shared amongst more consumers. Whatever country comes up with intelligent solutions for living with scarce and expensive oil will do best in the 21st century. Trying to sneak back into a “golden age” of cheap fuel is not the way to succeed.

First impressions of Vista and Ubuntu

Last week I was on a business trip to the USA and decided it was finally time for me to buy a new notebook computer. Here in Japan it’s difficult to get machines with US keyboards.

My previous one was a 650 MHz Pentium III whose RAM was maxed out at 512 MB while my main desktops and servers have 2 GB or more. Lack of RAM slows down PCs much more than a slow clock speed does. People who buy entry level Vista machines equipped with only 512 MB would be better off with a sub-1 GHz CPU but a full 1 GB of RAM.

I picked a Gateway M-6750 with a 1.66 GHz Core 2 Duo CPU, a 250 GB 3.5″ hard disk and 3 GB of RAM. It comes with a built-in microphone and webcam, very handy for Skype-addicts like me.

Every single machine at Best Buy and Circuit City that I looked at came with some form of Vista preinstalled. Microsoft sure does not want to give customers any choice whether they stick with XP. Ideally, I would have wiped off Vista and installed Windows XP on it. Until now I had kept my office a Vista-free zone, but knowing that occasionally I will need to test some software on it, I stuck with it for the new machine.

I spent some time reconfiguring the Vista desktop to be as Windows 2000 and XP-like as possible. The constant alerts to permit some actions I had requested soon became annoying. Often a single operation results in the user having to agree two or three times. Inevitably, agreeing to anything without giving it much thought soon becomes a habit. Does Microsoft seriously believe that training users to constantly click “Allow”, “OK”, “Yes” will lead to a noticeable gain in security?

So far I have seen little reason for anyone to upgrade from Windows XP or Windows 2000 (my favourite Windows version) to Vista. Sure, there is plenty of new eye candy, but who but the makers and vendors of graphics chipsets, CPUs and RAM benefits from that? Users spend countless hours relearning the user interface and getting old applications working (or replacing them). Even for upgrades from Vista to Vista Service Pack 1 there were so many land mines that Microsoft decided to hold off general availability of SP1 via Windows Update for several more months.

One of the reasons I picked this model was its large hard disk, because I was planning to also run Ubuntu. I downloaded the ISO image and burnt it to DVD using the burner software included with Vista. Ubuntu initially boots off a live DVD that includes an installer. The installation was fairly straightforward. The installer shrank the Windows NTFS partition to make space for Ubuntu. After the main installation it downloaded close to 200 updated packages and fixes, then it was all done. The default configuration took up only 2.4 GB of disk space.

I was impressed that I can access shared folders and volumes on Windows machines from Ubuntu, as well as being able to read files in the NTFS (Windows Vista) partition on the drive.

There were two driver issues however, which I have yet to resolve [now partly resolved, see updates below!]:

  • The sound hardware is missing a driver. The loudspeaker symbol in the top right corner of the desktop is showing disabled and I can’t get sound output on the built-in speakers.
  • The built-in wireless card doesn’t appear to be supported. I can only connect to the LAN and internet by using a wired connection.

In general, driver support in Ubuntu is good, but there are obviously still some rough edges. It would help if Gateway and other manufacturers were to offer pre-configured Ubuntu machines, as Dell already does.

Similar driver issues can occur on Vista. In fact, last week I was helping set up an AOpen MiniPC, which had been upgraded to Vista after a memory upgrade from 512 MB to 1 GB and it also had issues with its wireless, which wasn’t supported until a couple of Windows Update runs.

I think Linux and in particular Ubuntu will become an increasingly serious challenger to Microsoft’s de-facto monopoly on the desktop and not before time.

Update, 2008-03-14:
Ubuntu 7.10 (“Gutsy Gibbon”, released in October 2007) detects the sound hardware on this Intel chipset, but there doesn’t seem to be a driver for it yet. When I enter “lspci -v” at the shell prompt, it lists this:

00:1b.0 Audio device: Intel Corporation 82801H (ICH8 Family) HD Audio Controller (rev 03)
Subsystem: Gateway 2000 Unknown device 0380
Flags: fast devsel, IRQ 22
Memory at fa500000 (64-bit, non-prefetchable) [size=16K]
Capabilities: [50] Power Management version 2
Capabilities: [60] Message Signalled Interrupts: Mask- 64bit+ Queue=0/0 Enable-
Capabilities: [70] Express Unknown type IRQ 0

I checked the sound drivers for Intel chips listed at http://www.alsa-project.org/main/index.php/Matrix:Vendor-Intel and it appears the ICH8 chipset is not supported yet.

Update, 2008-03-18:
The Marvell TOPDOG wireless adapter is now working with Ubuntu, by following the advice given by others and installing the Windows 2000/XP drivers for the hardware using ndiswrapper. I had first tried the Vista driver, but had no luck with that. The Ndiswrapper project page on SourceForge specifically recommended avoiding Vista drivers and using Windows 2000 or XP NDIS drivers. For PCI device ID 11AB:2A08 you need the NetMW14x.inf file which references the two driver files NetMW143.sys (for Windows 2000) and NetMW145.sys (for Windows XP).

The following threads and instructions proved very helpful; please read them both if you have the same problem as I did:

  1. https://help.ubuntu.com/community/WifiDocs/Driver/Ndiswrapper
  2. http://ubuntuforums.org/archive/index.php/t-575785.html

Here is what I did after installing the Ndiswrapper software and copying over the Windows drivers from a Windows machine where I had run the installer:

$ sudo ndiswrapper -i NetMW14x.inf
installing netmw14x ...
$ sudo ndiswrapper -a 11ab:2a08 netmw14x
WARNING: Driver 'netmw14x' will be used for '11AB:2A08'
This is safe _only_ if driver netmw14x is meant for chip in device 11AB:2A08
$ sudo ndiswrapper -l
netmw14x : driver installed
device (11AB:2A08) present

After that I followed the instructions for Configuring Wireless Network Settings. Voila! Wireless network connectivity under Ubuntu anywhere in the building!

Update, 2008-04-16:
Drew’s advice on how to get sound working did the trick for me too: I can now use the audio on my Gateway M-6750. I ran this as he suggested:

sudo apt-get install linux-backports-modules-generic

and restarted the machine. Thanks, Drew!

Microsoft subsidizes Nigerian scammers

A four-part series of blog postings at Artists against 419 discusses in detail the massive abuse of Microsoft’s OfficeLive (MSOL) webhosting service by Advance fee fraud scammers, which I mentioned in a previous blog post here. Currently I come across such MSOL domains at a rate of about two new ones per day.

As the Artists point out, one of the reasons for the large number of scam domains hosted at MSOL is that unlike other webhosting services where customers get their own domain, they are not charged any fees for registering and using a domain. Microsoft appears to be so desperate to find any business willing to host their website with them using the basic webhosting package that they fork out cash to VeriSign for the .com / .net domain registration fees. To secure against abuse, the user has to supply a credit card when signing up, but no charge is ever made to that card. All that MSOL will do with it is get authorization from the card company to charge $1 to it (that means, the card company will verify that the card exists, has not been cancelled and that current accumulated charges since the last statement are at least $1 below its set spending limit). Those $1 authorizations will not show up on a monthly statement that the owner of a card whose data has been stolen could see. If the owner doesn’t see unauthorized charges he has no reason to cancel the card and the scammer could use the same card over and over to register hundreds of scam domains, while Microsoft pays hundreds of dollars in domain registration fees to VeriSign and scam victims lose thousands of dollars to the scammer.

The article series then discusses the problems with trying to get MSOL to take action against the criminal abuse of their system, which appears to be so broken that even a domain that has been disabled (no working website) can still be used for sending email, which is all that some 75% of scammers ever use it for anyway, according to the Artists.

Read the article series here:

Update on child porn hosted at Yahoo

Four weeks ago I reported that Yahoo seems to finally have got a handle on the problem of criminals abusing its webhosting service for posting child pornography. Alas, the porn spammers only seem to have taken a vacation. After those 4 weeks of almost no new child porn sites, they returned. I counted 36 new domains used for hosting child porn between December 12 and January 5.

To their credit, Yahoo have responded promptly to every single report I sent them and have shut down the sites, but it would be far preferable if they took measures to ensure they catch fraudulent registrations before the scammers have a chance to send spam and collect credit card signups from people who respond.

Yahoo abuse handling improves, OfficeLive and Earthlink have their work cut out

Nine months ago I reported about a series of child porn sites that were being illegally hosted at Yahoo’s webhosting service. At the time I was seeing about half a dozen new sites pop up every day. I am glad to report that about 4 weeks ago Yahoo finally seems to have done something to stop this. After 18 months of a steady stream of new porn sites that I reported, things went quiet after two sites it suspended on November 5, 2007 that I had reported earlier that day. For the next two weeks I didn’t come across any new sites. Another 9 sites I came across on November 20, 21 and 22 were quickly terminated. Then again no new sites to report for three weeks. Thank you, Yahoo, for stopping these criminals! I don’t know what Yahoo did to prevent fraudulent signups (child porn webhosting signups usually involve stolen credit card data), but whatever it is seems to be working. Now if it could only stop the phishing scammers that still abuse their service.

Meanwhile, two other webhosts constantly keep popping up in connection with various Nigerian scams. For many months Microsoft’s OfficeLive has been the clear leader. I did some counts a few months ago and found that amongst domains connected to Advance fee scams that I was adding to the SURBL blacklist, more than half were hosted at OfficeLive, i.e. more than for all other webhosts combined!

Unlike most other webhosts, OfficeLive does not appear to maintain an abuse reporting email address to which to forward scam reports. All they have is a webform.

The runner-up amongst Advance fee fraud domains has been Earthlink.net, where numbers seem to be increasing. If you try to report fraudulent domains that have appeared in contact addresses listed inside a scam email, such as a “claim agent” for an “email lottery” or an immigration lawyer for an international employment scam, do not waste your time contacting abuse@earthlink.com. All you would get back is a boilerplate message that the message you reported did not originate from an Earthlink account, which may well be true, but is beside the point. Here’s an example:

Hello,

Thank you for submitting a report to the EarthLink Network Abuse
Department. Unfortunately, we are unable to investigate the email you
forwarded because it does not appear to have originated from the
EarthLink network.

For instructions on determining the origin of an email, please visit:

http://support.earthlink.net/tutorial/mailbox/interpret_headers/

If, after reading the above article, you find that the email did NOT
originate from the EarthLink network, we encourage you to submit the
email to the appropriate network.

If you were trying to report fraud (“phishing”), please contact our
Fraud Department via our Fraud webform located at:

http://securitycenterkb.earthlink.net/fraudmi.asp?route=email

If you find that the email DID originate from the EarthLink network,
please reply directly to this email.

The EarthLink Appropriate Use Policy, Users Agreement, and Privacy
Policy are available at: http://earthlink.net/about/policies

We appreciate your assistance.

Sincerely,

EarthLink Network Abuse

The email I had been trying to report had been sent from a Gmail account, but it was telling people to contact an email address that used an Earthlink-hosted domain name.

I will give the Earthlink fraud report webform a try. Hopefully it works better. Webforms are a poor substitute for reporting abuse via email. Much abuse will remain unreported if abuse reporting involves much more than hitting the forward button. Criminals will keep flocking to those providers who do not have effective abuse handling departments, such as OfficeLive and Earthlink.

Food for thought from a chain letter

Let’s say you know this guy who has something of a history: A couple of people who were on record of having made fun of him or talked bad about him all came to an early end. One of them was gunned down by an assassin who fired six shots. Sounds scary, doesn’t it? What kind of a person could that be, a ruthless gang boss, maybe? You might fear that kind of person, but would you love him? Probably not.

Yet that seems to be how some Christians view God.

Through my work against online scams and spam I come into contact with a wide variety of people of many different backgrounds and viewpoints. Some of them add me to their circle of contacts to whom they occasionally forward all kinds of mail, from jokes to chain letters.

Here is one such email I received today:

DID YOU KNOW THESE FACTS?
I SURE DIDNT TILL NOW

Death is certain but the Bible speaks about untimely death!

Make a personal reflection about this…..

Very interesting, read until the end…..
It is written in the Bible (Galatians 6:7):

“Be not deceived; God is not mocked:
for whatsoever a man soweth,
that shall he also reap.

Here are some men and women
who mocked God :

John Lennon (Singer):

Some years before, during his interview with an American Magazine, he said:

“Christianity will end, it will disappear.
I do not have to argue about
that. I am certain.

Jesus was ok, but his subjects were too simple, Today we are more famous than Him” (1966).

Lennon, after saying that the Beatles were more famous than Jesus Christ, was shot six times.

Tancredo Neves (President of Brazil ):
During the Presidential campaign, he said if he got 500,000 votes from his party, not even God would remove him from Presidency.

Sure he got the votes, but he got sick a day before being made President, then he died .

Cazuza (Bi-sexual Brazilian composer, singer and poet):

During A show in Canecio ( Rio de Janeiro ),

while smoking his cigarette, he puffed out some smoke into the air and said: “God, that’s for you.”

He died at the age of 32 of AIDS in a horrible manner.

The man who built the Titanic

After the construction of Titanic, a reporter asked him how safe the Titanic would be.

With an ironic tone he said:
“Not even God can sink it”

The result: I think you all know what happened to the Titanic .

Marilyn Monroe (Actress)

She was visited by Billy Graham during a presentation of a show.
He said the Spirit of God had sent him to preach to her.
After hearing what the Preacher had to say, she said:
“I don’t need your Jesus”.

A week later, she was found dead in her apartment .

Bon Scott (Singer)
The ex-vocalist of the AC/DC. On one of his 1979 songs he sang:
“Don’t stop me, I’m going down all the way, down the highway to hell”.

On the 19th of February 1980, Bon Scott was found dead, he had been choked by his own vomit .

Campinas (IN 2005)
In Campinas, Brazil a group of friends, drunk, went to pick up a friend…..
The mother accompanied her to the car and was so worried about the drunkenness of her friends and she said to the daughter holding her hand, who was already seated in the car:

“My Daughter, Go With God And May He Protect You..”
She responded: “Only If He (God) Travels In The Trunk, Cause Inside Here…..It’ s Already Full ”

Hours later, news came by that they had been involved in a fatal accident, everyone had died,
the car could not be recognized what type of car it had been, but surprisingly, the trunk was intact.

The police said there was no way the trunk could have remained intact. To their surprise, inside the trunk was a crate of eggs, none was broken .

Christine Hewitt (Jamaican Journalist and entertainer) said the Bible (Word of God) was the worst book ever written.

In June 2006 she was found burnt beyond recognition in her motor vehicle .

Many more important people have forgotten that there is no other name that was given so much authority as the name of Jesus.

Many have died, but only Jesus died and rose again, and he is still alive .

“Jesus”

P.S: If it was a joke, you would have sent it to everyone. So are you going to have courage to send this?.

I have done my part, Jesus said

“If you are embarrassed about me,

I will also be embarrassed about you before my father.”

You are my 8 in 8 seconds. I am not breaking this. No way!

I’M TOLD THIS WORKS!!!!! Bishop T.D. Jakes “8 Second Prayer.” Just repeat this prayer and see how God moves!!

“Lord, I love you and I need you, come into my heart, and bless me, my family, my home, and my friends, in Jesus’ name. Amen.”

Pass this message to 8 people {EXCEPT YOU AND ME}. You will receive a miracle tomorrow. I Hope that you don’t ignore and let God bless you .

The John Lennon quote in the chain letter is not accurate. If you search Google for that wording, all you find are copies of that chain letter. According to the Wikipedia article on Lennon, he had said the following to a friend who interviewed him for an English newspaper in 1966:

“Christianity will go. It will vanish and shrink…. I don’t know what will go first, rock ‘n’ roll or Christianity. We’re more popular than Jesus now. Jesus was all right, but his disciples were thick and ordinary. It’s them twisting it that ruins it for me.”

He later explained that with this comment he was talking about how young people in England were taking a greater interest in the Beatles than in Christianity and that he did not try to compare the Beatles to Jesus or God:

Well, originally I pointed out that fact in reference to England. That we meant more to kids than Jesus did, or religion at that time. I wasn’t knocking it or putting it down. I was just saying it as a fact, and it’s true more for England than here. I’m not saying that we’re better or greater, or comparing us with Jesus Christ as a person or God as a thing, or whatever it is.

The real issue for me is not the accuracy of the supposed Lennon quote though. It’s the qualities ascribed to God that bother me. If someone insulted me in a newspaper interview, I would not go out to make sure they met an “untimely death”. That is not how civilized people deal with people who offend others. Is God more primitive than us?

When I was reading the Bible I never came across anywhere in the New Testament where Jesus threatened he would have anyone bumped off for showing disrespect towards him. The Old Testament is quite different: Under its laws, death was mandatory for many offences, ranging from adultery to showing disrespect towards one’s own parents or working on Saturdays. Those laws are no longer binding to Christians, but that doesn’t seem to have changed how some Christians see their God as someone who likes to take violent revenge.

Thinking about this attitude, I can’t help but feel some sympathy for Lennon when he said about some of Jesus’ followers who distorted his message: “It’s them twisting it that ruins it for me.”

Our site got hit by a Denial-of-Service attack

From November 9 to November 19 two of our domains were under attack by cyber-criminals. Due to a Distributed Denial-of-Service attack (DDoS) involving thousands of remote controlled zombie computers directed from a secret control centre, some of our sites were inaccessible for several days.

First we received an automated warning email from our webhost, which gets triggered if a certain amount of traffic per hour is exceeded. I started blocking IP addresses of hosts with an excessive number of connections using iptables in Linux, but could not keep up: The server became unreachable. I was left with no choice but to pull the emergency brake, i.e. to replace the IP address of the server with a non-routable IP address such as 127.0.0.1 (loopback address).
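
An added example (not part of the original post, and not the script used during the attack): one way to automate the manual step described above, counting live connections per remote address and printing iptables DROP rules for the heaviest sources. The sample netstat output, the threshold of 3 and the allowlisted address are constructed for illustration; the rules are only printed, never applied.

```shell
#!/bin/sh
# Added example: find remote hosts holding an excessive number of TCP
# connections and print (not execute) iptables rules that would drop them.

# Constructed sample in `netstat -tn` format, using documentation-only
# address ranges (192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:80           198.51.100.7:40112      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:40113      ESTABLISHED
tcp        0      0 192.0.2.10:80           198.51.100.7:40114      SYN_RECV
tcp        0      0 192.0.2.10:80           198.51.100.7:40115      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.25:51000      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.25:51001      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.25:51002      SYN_RECV
tcp        0      0 192.0.2.10:80           203.0.113.99:33000      ESTABLISHED
tcp        0      0 192.0.2.10:80           203.0.113.99:33001      TIME_WAIT
tcp        0      0 192.0.2.10:22           192.0.2.200:50522       ESTABLISHED
tcp        0      0 192.0.2.10:22           192.0.2.200:50523       ESTABLISHED
tcp        0      0 192.0.2.10:22           192.0.2.200:50524       ESTABLISHED
EOF
}

# count_per_ip: read `netstat -tn` output on stdin and print "COUNT IP" per
# remote address, busiest first. Only established or half-open connections
# are counted; TIME_WAIT and similar states are ignored.
count_per_ip() {
    awk '$1 ~ /^tcp/ && ($6 == "ESTABLISHED" || $6 == "SYN_RECV") {
             ip = $5
             sub(/:[0-9]+$/, "", ip)      # strip the remote port
             n[ip]++
         }
         END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# is_ipv4 ADDR: succeed only for a plain dotted-quad address. Anything else
# (IPv6, truncated fields, stray characters) is rejected so it can never end
# up inside a generated firewall command.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. 'NF == 4 {
        for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
        exit 0
    } { exit 1 }'
}

# offenders THRESHOLD [ALLOWLISTED_IP...]: read "COUNT IP" lines and print the
# addresses at or above THRESHOLD. Allowlisted addresses (your own admin
# host, monitoring, the webhost's gateway) are never returned.
offenders() {
    threshold=$1; shift
    allow=" $* "
    while read -r count ip; do
        [ "$count" -ge "$threshold" ] || continue
        case "$allow" in *" $ip "*) continue ;; esac
        is_ipv4 "$ip" || continue
        echo "$ip"
    done
}

# emit_rules: turn addresses on stdin into idempotent iptables commands.
# `iptables -C` checks whether the rule already exists, so re-running the
# script every minute does not pile up duplicate rules.
emit_rules() {
    while read -r ip; do
        printf 'iptables -C INPUT -s %s -j DROP 2>/dev/null || iptables -I INPUT -s %s -j DROP\n' "$ip" "$ip"
    done
}

# blocklist_rules THRESHOLD [ALLOWLISTED_IP...]: the whole pipeline over the
# constructed sample. On a live server, replace sample_netstat with
# `netstat -tn` and review the output before running it as root.
blocklist_rules() {
    sample_netstat | count_per_ip | offenders "$@" | emit_rules
}

blocklist_rules 3 192.0.2.200
```

With the constructed sample, 198.51.100.7 and 203.0.113.25 are selected, while 192.0.2.200 is skipped because it is allowlisted and 203.0.113.99 stays below the threshold.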

I then moved the affected website to a backup server and reenabled it there. The new server was running a later Linux kernel than the old one. If you get DOSed, make sure you have Linux kernel 2.6, which is more suitable for reconfiguration to make it more resilient against such attacks.

After a number of days, other host names on our server that had not been disabled were also added to the list of attack targets.

As a result of the tweaks on the new server the sites stayed up most of the time, but the bandwidth usage was tremendous. During one hour the attacking bots generated more than 31 GB of traffic. On that peak day the traffic on that server came to 152 GB, even though we added over 4000 different IP addresses of attacking hosts to the blocklist.

Clearly, anyone who doesn’t have an unlimited traffic allowance for his hosting account would be in trouble with such huge numbers, even if the machine and operating system were able to keep up. Once they exhaust their monthly allowance they would either have to start paying for extra Gigabytes or the server gets disconnected, or the network speed gets throttled down, which would make the site virtually unreachable.

After 10 days the attacks started winding down. By that time we knew where the control center of the botnet was located. It was hosted by a company called AbdAllah Internet Hizmetleri in Turkey. Its upstream provider is TurkTelekom. The IP address range used by the hoster is listed by anti-spam site SpamHaus.org as being used for “Ukrainian/Russian cybercriminal hosting”.

During or shortly after the attacks against our servers, the same botnet also attacked the following sites:

  • newgeneration.lv
  • streamingvideosoftware.info
  • www.kety.org
  • anriintern.com
  • datingsoftware.org

This target list ranges from an anti-spam website (ours) over an evangelical church site to sites related to adult videos.

Distributed denial of service attacks are a mortal danger for any website. There are few effective countermeasures, except load sharing with many fast servers connected via fat data pipes, but even that is no match for some of the largest botnets such as Storm. Attacks are used to intimidate, to silence or to extort “protection money”. Victims have little hope of getting effective help from law enforcement.

What needs to happen? First of all, the number of infected computers needs to decrease. Unsecured broadband hosts that come under criminal control are a public menace. Webhosts need to take effective action against botnet control centres. Unlike the actual bots, which are mostly running Windows XP, most of the botnet control centres run on Linux servers in data centres. Hosters must not turn a blind eye to this. If they do that because of money from criminals then their upstream providers must disconnect them.