UPDATE: Update to clarify that the downtime was isolated in only customer, and includes comments from Amazon Web Services.
As reported in several sources this week, including the report of the register, a customer of Amazon Services Cloud Computing – bitbucket (www.bitbucket.org), a code-based web hosting service that uses both EC2 and Amazon Elastic Block Storage – reported 19 hours of downtime due to a DDoS attack.
The interruption, as most reports have mentioned, it is certain to raise questions about Resiliance both the cloud and the stability of hosting solutions, and invite quality control in response to Amazon customer situations like this.
In an email, Amazon Web Services public relations manager Kay Kinton writes “Amazon EC2 instance the customer was receiving a large amount of network traffic. This great flood of traffic exceeded the networking example, the client only Amazon EC2 and caused degrade the performance of all network operations for that forum (including access to the EBS volume). Once properly diagnosed the problem, we have worked with clients to implement measures to help mitigate traffic they were receiving unwanted. We have continued working with the customer to apply filtering techniques that have kept the network your site works correctly. ”
Jesper Nøhr bitbucket operator spent a significant amount of power vent their frustration at the situation through Twitter over the weekend and Monday. He also published a detailed account of cutting the timeline in the company blog.
He says in the post, although it is not advisable to disclose the source of the disruption (as the registry, because Amazon developer meaning that the attack would give attackers future fuel for the design of new means of service attack) believed to be customers to explain what went wrong.
“We were attacked. Bigtime” he wrote. “We had a flood of UDP packets that arrive to our intellectual property, basically eat out all the broadband box. This explains why we could not read any of our EBS acceptable pace, as is done in the network. So, basically a massive scale DDOS. That’s good. ”
Nøhr blog entry, and much of the debate that has arisen from the facts, it’s a look at the response from Amazon, and a debate on the nature of the customer service of an investigation into the technical issues involved. His message concludes bitbucket is taking steps to ensure no interruption of this kind happen again, and that such measures could include moving to a new hosting provider.
In the final analysis, are not very hard at Amazon, which indicates that the company devoted much attention to support his cause after a frustrating (and the excessive length) ruling – about 10 hours.
After the service was restored, bitbucket have suffered two more attacks on the morning of Sunday and early Monday.
The technical issue appears to be how an attack outside traffic was able to break the connection between the bitbucket EC2 and EBS resources which can reasonably be considered an “internal” network connection and why Amazon did not have the means in place more quickly identify the outage as a result of a DDoS attack.
Kinton points that AWS may have to work harder to help educate clients on the availability of measures to mitigate the impact of unexpected peaks in traffic.
“We’re working to make sure you learn from this and further improve the speed with which we and our customers can diagnose problems like this,” she says. “We will also provide additional guidance to our clients on how they can best detect such problems and use of existing features of EC2 to run a website scalable and highly available. These functions include taking advantage of scale EC2-OUT ability to run multiple instances in multiple availability zones and regions, the load balancing feature elastic that helps users filter and balance traffic between their cases and self scale that allows users to large scale in response to changes in customer traffic.
In the comments section of the blog post bitbucket, Nøhr wrote that he would not answer many of the technical issues available in comments, but the system administrators of the company “is writing a post up outlining some details more meat with numbers and graphs.”
Incoming search terms:
- Attack Hits Amazon Cloud
- ddos attack hits amazon cloud costumer hard
