4857 : SlashDotted Targeted DDoS
Printer | http://osvdb.org/4857 | Email This | Edit Vulnerability

Views This Week
4

Views All Time
19

Info

Last Modified
4 months ago

Percent Complete
100%

Disclosure
Sep 01, 1997

Discovery
Unknown

Dates

Exploit
Sep 01, 1997

Solution
Unknown

Description

 Your web site contains a flaw that may allow a remote denial of service. This is typically due to a misconfiguration of the webserver or lack of money that has been invested into the webhosting infrastructure. The issue is triggered when your site warrants the attention or ire of the SlashDot horde or other high traffic sites. This issue will result in loss of availability for the server and/or the entire network.

Classification

 Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Available
Disclosure: OSVDB Verified

Technical

 The Slashdot Effect is the sudden, relatively temporary surge in traffic to a Web site that occurs when a high-traffic Web site or other source posts a story that refers visitors to another Web site. The effect gets its name from the Slashdot Web site.

It is also under much debate whether or not a site that gets Slashdotted (unable to handle the traffic) is a honor or a disgrace. Smaller sites including open source projects typically are vulnerable to this issues, however, it is well documented that even many commerical sites have been brought to their knees.

Nerd fact:
Slashdot, the Web site, is named, according to Slashdot originator Jeff "Hemos" Bates, as "a play on how terrible it is to say domain names out loud." In this case: h-t-t-p-colon-slash-slash-slash-dot-dot-o-r-g

Solution

 Upgrade your web hosting infrastructure to be able to handle a large amount of unexpected computer nerds visiting the website, as it has been reported to fix this vulnerability. If you are an Open Source project with little to no funding then it is also possible to correct the flaw by implementing the following workaround(s):

1. Keep your web site out of the cross hairs of SlashDot or other similar sites
2. Hope that there is a cached verison of the site posted
3. Create additional mirrors for the site
4. Solicit all cowards that wrote nasty comments for hardware donations
5. Invest in additional bandwidth, it may or may not help

Products
All Vendors
Watch-list
All Products
Watch-list
 All Versions

References

Credit
  • Anonymous Coward - infoBrand New Doo Dooslashdot.org - Slash Dot
  • crawdaddy -
  • ponds -

Blogs

Provided by Technorati

 None found at this time

Comments

Add Comment

No Comments.

DONATE NOW!

User Status

Quick Searches

Advertisements

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2008 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use