posted on Sep, 11 2008 @ 09:56 PM
Without getting into details that may assist future attempts to disrupt the board, it does indeed appear as though we were a brief target of some type
of attempt to cause havoc.
Three separate IP addresses (that track back to server hardware, not personal computers) we're found to be repeatedly accessing pages that are
generally high load... the three computers were averaging 20-30 hits on our servers every second.
(SIDE NOTE: for the purpose of providing forensic data for such events, one of our three web servers logs hits from a specific type of access --
null referrer data, no accepted cookies, and malformed browser signatures -- these are typical of spiders and automated attack attempts, and are not
typical of ATS users. The data is retained for 72 hours.)
This type of access ultimately caused a high-load on our database, which resulted in the inability to access the board.
The ISPs of the servers have been notified, and they're now offline. It was three different ISP providers, in three different locations of the
country, running what appeared to be nearly identical scripts.
Our tech team is taking measures to install a custom system that automatically detects such disruption attempts, without degrading overall system
It's been a busy day, with this issue and the new announcement for political topics... and even with the near four hour outage, we're still on track
for today to be one of our top-ten highest-trafficked days.