• On TechRepublic: Five super-secret features in Windows 7
advertisementGet Smart about Business Spending
January 25, 2008 1:49 PM PST

Technical aspects of the DDoS attacks upon the Church of Scientology

by Robert Vamosi
  • Font size
  • Print
  • 2 comments

Dr. Jose Nazario of Arbor Networks has been looking at the technical side of the distributed denial of service (DDoS) attacks upon domain registered to the Church of Scientology International. In general he finds that while there have been a lot of DDoS attacks, the early ones were mild. They were, however, stronger than the DDoS attacks upon various Estonian sites last spring. As a protective measure, the Church of Scientology has since moved its domain to a more protected space.

Prior to the move, Nazario found that on January 19, there were 488 DDoS events, all of which appear to come from one IP address, "indicating," said Nazario, "that this is not a huge, broadly sourced attack (i.e. it may not have registered on other ISPs systems)." He also notes that the types of attacks he saw on Saturday were "common, garden-variety DDoS attacks."

Nazario's other findings include:

Maximum PPS rates seen: nearly 20,000 pps (packets per second), with an average attack size of 15,000 pps.
Maximum bandwidth seen per attack: 220 Mbps, with an average attack size of 168 Mbps. This is on the high side of an attack, but significantly smaller than the largest ones we commonly see nowadays.
Maximum duration of a single attack: 1.8 hours, which is on the long end of common, but the average attack lasted just under half an hour.

On January 21, the Church of Scientology moved its domain to Prolexic Technologies, a company that protects Web sites from DDoS attacks. Attacks against the site have increased, with a major assault on Thursday night at 6 p.m. EST.

Nazario says "I went looking and was unable to detect attacks against the Scientology Web site in particular. The new IP address of the CoS Web site is located within the Prolexic DDoS service network. It's difficult for (Arbor Networks) to detect these attacks in particular from the milleiu of DDoS attacks" inside the Prolexic service.

As CNET's resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security. Listen to his podcast at securitybites.cnet.com or e-mail Robert with your questions and comments.
Topics:

Criminal Hackers,

Security

Tags:

security,

denial of service,

defacement,

Church of Scientology,

YouTube,

Estonia,

Prolexic,

Jose Nazario

Share:
Digg
Del.icio.us
Reddit
advertisement
Click Here
Recent posts from Defense in Depth
Window Snyder to leave Mozilla
How to handle ID fraud's youngest victims
Is white listing going mainstream?
How Live OneCare changed the antivirus landscape
Express Scripts clients threatened with extortion
Study: DDoS attacks threaten ISP infrastructure
Security expert talks Russian gangs, botnets
Extortion used in Express Scripts database breach
Related
Five competitive differentiators for cloud services
Eastern Europeans charged in payment processor hack
Report: Countries prepping for cyberwar
Human rights groups: No in-game war crimes
Facebook becomes third most popular video site
YouTube to get high-def 1080p player
Hulu lands first music label deal
Al Gore: It's not just about the planet
Add a Comment (Log in or register)
More information about the attack
by Arthur Blenton January 28, 2008 11:18 AM PST
For more info:

http://www.partyvan.info/index.php/Project_Chanology
http://partyvan.info.nyud.net/index.php/Project_Chanology

Learn to hack like a pro:
http://www.metasploit.com/confs/blackhat2007/tactical_paper.pdf

BackTrack3: Super Hardcore pentest distro!:
http://www.remote-exploit.org/backtrack_download.html
Reply to this comment
Support !!!!
by Terryeo February 4, 2008 9:34 PM PST
I support Anonymous. The Cult of $cientology must be exposed for the crimes they commit.!
Reply to this comment
advertisement

Let the battle for holiday gadget shoppers begin

Retailers try different strategies for competing with behemoths like Amazon and Wal-Mart in the cutthroat competition to lure those giving electronics as gifts.

Firefox hopes to one-up IE with fast graphics

Windows 7 features called Direct2D and DirectWrite will speed up Internet Explorer 9 performance. But Firefox hopes it might retool for the same benefit first.

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.

Add this feed to your online news reader

Defense in Depth topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET