http://www.theregister.co.uk/2004/11/03/protx_ddos_attack/ By John Leyden 3rd November 2004 Online payments processing firm Protx is continuing to fight a sustained internet attack which has severely impacting its services for the fourth successive day. Since Sunday (31 October), Protx's systems have been reduced to a crawl because of a malicious DDoS attack. Although Protx felt it was on top of the problem by Monday (1 November) the attack once again intensified, prompting the company to draft in heavy duty DDoS defences which it hopes will finally thwart the assault. In a statement, Mat Peck, chief technical officer, Protx said: "Earlier today [1 November] the parties responsible for the Distributed Denial of Service attack on our systems stepped up their assault, this time pushing our systems beyond their capacity to cope. A large number of compromised machines from a wide range of spoofed IP addresses have been attacking our site in a varied and well structured manner. We have been working all day with Globix, our ISP, to implement a specific DDoS solution which can burst up to 1Gb connectivity during periods of peak load whilst also analysing and killing traffic generated by zombie machine on the Net." "We have migrated the WWW site across to this system first to check the functionality and now that's working, we will be moving the payment servers in the next few hours. This new service, whilst expensive, still mainly developmental and bleeding edge, should enable us to continue to process transactions even under DDoS attacks ten times the size we've seen so far. Future attacks will be dealt with in a matter of minutes instead of hours (or days as many victims of such attacks have found). We're continuing to work closely with the National High Tech Crimes Unit (NHTCU) to bring the perpetrators to task," he added. On 2 November Globix said it was also beefing up the hardware used by its systems in the process of moving across to a new platform. "Whilst all the payment services are available, some of the auxiliary services will not be available until tomorrow," Peck wrote in an update. However Register readers report problems processing payments through the service today. "Thousands of small transactional websites, like mine, have been affected," Reg reader Bruce Stidston tells us. At the time of writing Protx's website was unavailable but you can get an insight into what's going on through Google's cache of the firm's status page. _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/ --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'