[JDEV] Jabber DevZone News - @jabber.org server
Jabber DevZone
webmaster at jabber.org
Wed May 23 02:35:49 CDT 2001
@jabber.org server
The following was posted by jer at jabber.org via the Jabber DevZone web site (http://dev.jabber.org/):
For the past few weeks the server hosting jabber.org has been under
frequent DDoS (Distributed
Denial of Service) attacks. The type of attack has been a SYN flood
to port 5222, originating from
various networks and most likely compromised hosts. We're not sure
who or why, and don't yet have any
information about the abuse, but it's not uncommon for popular open
chat systems to be targeted in
such a way (IRC for instance).
There are two results of the attacks, one is congesting the server on
port 5222 so that nobody can
connect. To combat this, as soon as an attack is recognized we
immediately apply ipchains filters to
block network access to the box and drop all packets from the
offending hosts. The larger problem is
that on a few occassions the size of the attack is greater than and
overwhelms the amount of bandwidth allotted to
our server (a few T1s). It takes a bit longer, but the local ISP
hosting the server calls the
upstream provider and have the offending networks blocked, returning
the
bandwidth capacity to normal.
There have a couple of other service outages recently, due to the
development nature of the server
and that often a transport will runaway and consume system resources,
bringing the server to a halt. As
part of the foundation two new server boxes will be arriving soon, one
for the production-only
jabber.org server, and one available to the community for server and
transport/services development and
testing. With the server developers getting their own domain
(jabelin.org) to [ab]use
and the added focus on the quality of services available from the
foundation, server uptime and administration should improve :-)
One last note is that the service was just updated to the latest
release last night. The flash5
and HTTP-tunneling socket support is now available directly on
jabber.org. WCS (the Web Client
Service) is now configured as well, and will be activated shortly for
testing and experimentation.
http://jabber.org/?oid=1502
More information about the JDev
mailing list