Last week the BitTorrent site Mininova was hit by a large-scale DDoS attack that caused a total of 14 hours of downtime. Regardless of what you think about torrent sites, this was an interesting example of how a website can be incapacitated by a DDoS attack.

We chose this example to illustrate the effect of a DDoS attack because Mininova shared some relevant information about the attack, especially a very telling traffic graph from their Internet connection. The below traffic graph shows the impact on one of Mininova’s two Internet connections during the initial attack.

The site was attacked by a botnet (using hundreds of computers) using UDP connections, and judging by the above graph it reached full effect almost immediately.

The attack generated 2 gigabit of traffic per second. Since the attack maxed out Mininova’s Internet connection it made the site very slow and sometimes impossible to reach.

This is a typical example of a DDoS attack. Its objective is to in one way or another overload a site or service until it can’t function properly.

Now let’s take a closer look at how the site was affected.

How was site uptime and load time affected?

The above network graph is interesting, but what was the actual effect on the website’s load time, and how much downtime did it result in? We have some uptime monitoring data for the site (from Pingdom) which clearly shows the effect of the DDoS attack.

As you can see by the load time graph here below, there were actually two separate attacks; one that started very early on Friday (European time) and one that started on Saturday. The time stamps below are in GMT+1.

Note that the load time in the graph above only includes the loading of the HTML, not images, etc.

The above only shows the load time for when the website could be loaded at all. In many cases the load attempt simply timed out (30+ seconds in our case). So the effect was double. Slowdown AND downtime. Note how the reduced uptime in the graph below matches the periods of increased load time.

Counted over the two attacks, this DDoS attack cost Mininova 14 hours of downtime and some extreme slowdown. It might be good to remember that people tend to leave a website if it is too slow, so even when the website wasn’t technically down many visitors would still have been turned away.

It can happen to anyone

We hope that this practical example gives you a decent picture of how devastating a DDoS attack can be to a website.

It’s worth pointing out that what is described in this article can happen to any type of site. A similar attack could have happened to a blog, an e-commerce site, a social network, a web host, etc.

Another thing to note is that there are a very wide range of different attacks that can happen. To name a different example than the one above, the domain registrar Network Solutions recently suffered from a large-scale attack on their DNS servers that indirectly affected hundreds of thousands of websites that used those DNS servers.

One might also wonder why these attacks happen in the first place. DDoS attacks happen for a number of reasons. Sometimes they involve blackmail (“pay us or we break your site”), other times there are ideological conflicts or other reasons behind it.

Do you know of other recent examples of DDoS attacks that have had a negative impact on websites or services on the Internet? Please feel free to share in the comments.

Further reading (with more DDoS examples): Conflicting opinions causing DDoS blitzkriegs online

The New England Patriots held what seemed to be a commanding lead (17-15) with five minutes left of Super Bowl XLVI last night. But the New York Giants came back and managed to win with 21-17.

As exciting as the game sounds, we missed the whole thing, instead spending our time watching the Superbowl.com website.

It turned out to be a rather dull thing to do because the site held up well and there was no downtime at all. The response time also didn’t give away anything significant in terms of online Super Bowl traffic.

Read more

As Super Bowl 46 is approaching, fans will flock to the Lucas Oil Stadium in Indianapolis, Indiana, and to TV sets around the world to follow the New York Giants battle it out with the New England Patriots.

Kickoff is scheduled for 6:30EST on Sunday, February 5, and we’re already monitoring Superbowl.com to see how the site will handle the event.

What team will win Super Bowl 46? How will the site cope? We can only wait to find out.

Read more

Every Friday we bring you a collection of links to places on the web that we find particularly newsworthy, interesting, entertaining, and topical. We try to focus on some particular area or topic each week, but in general we will cover Internet, web development, networking, performance, and other geeky topics.h

This week we bring you a collection of articles focusing on cloud, with a few other topics thrown in to boot.

Read more

Out of the 59 US-based e-commerce sites we monitored during the holiday season last year 28 scored a perfect 100% uptime for December.

Whether this helped spur on the booming sales in the US, we don’t know, but retail e-commerce spending in the US reached $37.2 billion for the November to December 2011 period. That was an increase of 15% from the same period in 2010.

We decided to dig into the numbers for these e-commerce sites to see how well they did in terms of uptime and performance. After massaging the data coming from our Pingdom probes, it turns out that the sites overall performed well during December 2011 in terms of uptime, but response time was an issue for several sites.

Read more

Pingdom’s Mobile Podcast is a weekly show about Internet, web, and mobile stuff.

In this show, Saleh also gives us an update on the pending submission of his Carbon for Windows Phone Twitter client. We’re also joined by Mario Lurig, who talks about using Amazon S3 and Cloudfront to speed up a website.

Read more