UK2.NET smashed offline by '10-million-strong' botnet
Punters' websites go titsup after DNS servers nobbled
Customer Success Testimonial: Recovery is Everything
British web hosting outfit UK2.NET was on the business end of a distributed denial-of-service attack last night that took down customers' websites.
The company's chief operating officer, Martin Baker, told The Register that UK2 had never seen a DDOS attack on this scale before.
"There was a botnet attack last night on our DNS servers. It was intermittent for people so they might see some sites up or down depending on when they're making the requests for pages," he explained. "We saw around 10 million apparently unique IPs attack us."
UK2 saw the peak of the attack at around midnight although customers first started seeing problems with their websites yesterday afternoon.
"We took various actions to trace this back to the IP addresses that they were attacking from so once we identified that we were able to put in mitigating activities to reduce it down and managed to get it off our network by about 3am," Baker said.
"The scale [of the attack] just took us longer than usual to mitigate," he added.
This isn't the first time UK2 has fended off a DDoS attack as the company is seen as a prospective target due to its size, Baker said. He added that customer websites might still be having problems today, but it should all be cleared up by late tonight.
"The way that DNS works is that it's cached elsewhere across the internet so it will take the time that it takes those servers to get refreshed by the internet [to totally clear up], so it could take up to 24 hours for it to refresh all the way through," he said.
Punters had, of course, taken to Twitter to express their outrage as their websites fell off the net, although not in large numbers. Some complained that UK2's service status page wasn't kept up to date.
While the firm's status site did mention that some domains "may be experiencing slow DNS lookups at the moment", the last update was given at 4.51pm yesterday. One tweeter mildly put it: "@UK2 are you at least going to update your service status page to apologise for the downtime? even a statement on twitter would help!!!" ®
COMMENTS
Whilst there is no gain for anywhere - I must admit to a tiny amount of Glee after the shoddy service I had with them.
Yes, you can cancel you services online in the dashboard - except it doesn't really cancel them - it just stops them being auto renewed - you MUST cancel in writing - which we did 4 times over the course of a year - but it never made it a difference - so when they started saying we owed them £300 we transferred the domains elsewhere - and they can just keep screaming at us - via a no longer active email address....
Who gains?
Can't see the logic in attacking the sites unless it was part of an extortion attempt which otherwise ought to have been reported to Police
Is it just an excuse for service outage?
Re: the twatters
They were fending off a massive DDOS attack and you were worried about a status page?
I'd rather they were putting in all their resource to fending off an attack.
/Happy UK2 customer for many years
//Other hosts are available
IT infrastructure monitoring strategies
What you need to know about cloud backup
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Customer Success Testimonial: Recovery is Everything
