Holiday Downtime & DDOS Attacks

[More Support]

We would like to apologise for the downtime and packet loss over the holiday period. Our upstream providers have been victims of sustained DDOS attacks against their infrastructure which has in turn made all of our servers unavailable at different times. You can find more details on our monitoring status page here http://stats.internet-radio.com/

Our upstream providers (Linode) have just posted a more detailed updatte about the attacks here http://status.linode.com/incidents/mmdbljlglnfd

It has become evident in the past two days that a bad actor is purchasing large amounts of botnet capacity in an attempt to significantly damage Linode’s business. The following is a partial list of attacks we have received in no particular order:

- Multiple volumetric attacks simultaneously directed toward all of our authoritative nameservers, causing DNS hosting outages
- Multiple volumetric attacks simultaneously directed toward all of our public-facing websites, causing Linode Manager outages
- Layer 7 (“400 bad request”) attacks toward our web and application servers, causing Linode Manager outages
- Large volumetric attacks toward our colocation provider’s upstream interconnection points, overwhelming the router control planes and causing significant congestion/packet loss
- Large volumetric attacks toward Linode network infrastructure, overwhelming the router control planes and causing significant congestion/packet loss

All of these attacks have occurred multiple times. Over the course of the last week, we have seen over 30 attacks of significant duration and impact. As we have found ways to mitigate these attacks, the vectors used inevitably change.

As of this afternoon, we have mostly hardened ourselves against the above attack vectors, but we expect more to come. We are working extremely closely with all of our technical partners, including our network equipment vendors and our colocation providers, to prevent future attacks.

Once these attacks stop, we plan to share a complete technical explanation about what has been happening. Additionally, we will be announcing the details of an ongoing project to significantly improve our internet connectivity and resiliency.

It appears that as of now the attacks have stopped and we would like to apologise again for the outages and thank you for bearing with us while they get resolved. We will continue to post updates in this thread as we get more information.