Details about the Denial of Service attack that disabled Twitter access

Recently, the micro-blogging platform Twitter was down for more than two hours, thereby denying access to many users across the world for that time. The culprit was found to be a Denial of Service attack launched by multiple zombies sitting on networked computers (Also called as Distributed Denial of Service attacks). We give an introduction to Twitter, DoS attacks in this article.

First, let us introduce Twitter: Twitter is a micro-blogging platform. It is like your messenger, but the communications are generally not one to one but your messages are visible to everyone in your contact list. Of course, you can also send private messages, but that’s not the main functionality. And yes, there is a limit of 140 characters per message and links are allowed (usually url shorteners are used for links).

It works like this: You need to sign up for a free account and start following other twitter users (You can search users based on keywords). Hopefully, other users will also follow you. The basic idea of Twitter is to keep updating all your followers what you are doing (Social networking), at a given point of time. Of course, Twitter has outgrown that concept long time back and now it is used to intimate the followers of some interesting link in the internet, or a quote which you liked or anything else (It helps to have a twitter account focussed on a particular topic, like photography for example so that like minded users can follow your account to get tips and latest updates/interesting links on photography). Even companies and webmasters have twitter accounts. Webmasters are using Twitter for updating their followers when a new article is released on their website and to share other interesting articles in their niche. Companies have twitter accounts to intimate their partners/customers about important announcements, press releases and even to get a customer feedback. If a big company wants a feedback about a newly released product, for example, it needs to search for that keyword(product name) in Twitter and all conversations containing that keyword in Twitter would be shown. What better way to do an instant market survey?

Since it has multiple applications, a lot of people are using Twitter around the world. You can even follow the tweets of this website (If you are interested in Network infrastructure, that is) by searching for our account name excITingIP in twitter, and clicking on ‘Follow’ button.

So, it made big news when Twitter was down for about two hours last week. Even Facebook was partially down. It was announced later on that the cause for the downtime was a DDoS – Distributed Denial of Service attack launched from multiple computers connected to the internet (most of them not being aware that their computer was being used for such a purpose). Every server has an upper limit to the number of connections that it can handle simultaneously. When there are unnaturally very high number of users trying to connect to the same server/ service at the same time, there is a congestion and excess requests would be turned down. So, some attackers on the internet launch huge number of simultaneous requests to connect to a server in order to deny other genuine users from accessing the service. Their intent could be anything from just showing off their skills or politically motivated – to stop some messages from being spread (this is the suspected motive in the case of Twitter).

There is more to Denial of Service attacks than just sending a large number of requests (Like SYN Floods) and there are ways to mitigate such threats via commercially available network security products. For more detailed information on Denial of Service attacks and how they are mitigated, click on this link.

excITingIP.com

You could stay up to date on the various computer networking technologies by subscribing to this blog with your email address in the sidebar box that says ‘Get email updates when new articles are published’