14 DAY TRIAL // Multiple users reported connection problems on Justin.tv during the weekend. The live video streaming website's administration announced that the intermittent downtime was caused by a sustained distributed denial of service (DDoS) attack against its servers.
The problems started sometime on Saturday morning and, at 1:52 PM, Justin.tv's Caleb Elston released a statement on the website's official blog. "We apologize for the intermittent downtime we have been experiencing today. Our network has been flooded with malicious requests which prevents legitimate requests from getting through. This is a classic DDOS attack," he explained.
Such attacks are performed by sending a very large number of bogus packets to a server during a short period of time. The server attempts to process these requests until it eventually runs out of resources and becomes unresponsive. Any legitimate request that is received after that critical point will be dropped or timed out.
With enough resources, it is possible to keep a server under a denial of service condition for hours or days at a time. The "distributed" part in DDoS refers to the fact that the attack does not originate from a single IP, which would be trivial to block, but from thousands of addresses.
In Justin.tv's case, the problems lasted for at least eight hours and Mr. Elston posted an update at 9:34 PM saying that, "Things have settled down since our crack team of network engineers have been working all day to fix stop these attackers." He also thanked the users for their patience and support, and, indeed, judging by the comments received, at least a part of them were understanding.
However, some not-so-sympathetic messages also stood out, with one individual even suggesting that he was responsible for the attack. "Serves you right. Do you silly [expletive] think you can get away with banning people who paid for pro accounts for no reason? This is just the beginning," the clearly upset user threatened. "HAHA delighted for you JTV u hypocrical [sic.] [expletive]! its [sic.] probably someone you banned for showing something that one of your long time broadcasters gets away with showing! [...] I hope your site is down for weeks!!!" another wrote.
Caleb Elston's blog post has since been deleted for some yet-to-be-determined reason, however, at the time of writing this article, a copy of it was still available in Google's cache. We have sent an e-mail to the company asking for additional details about this incident and we will return with updates when/if they become available.
Update: A Justin.tv spokesperson responded to our request for comment and confirmed that the DDoS had stopped. "We've added a new security system to prevent a similar attack in the future," he stressed.
When asked why the announcement had been removed from the company's blog, the official explained that, "We wrote the post to alert users to the situation as it was happening. After we resolved it, we removed the post because we didn't want to reward the attackers by drawing more attention to them. The post had served its purpose and may have been confusing to users coming to the site after the fact."
