Thoughts on a DOS attack

Checking your browser before accessing freethoughtblogs.com.

This process is automatic. Your browser will redirect to your requested content shortly.
Please allow up to 5 seconds…
DDoS protection by CloudFlare

See this lately? Wondering what’s up?

Well, this Saturday, some jackasses decided they didn’t like us — nor Skepchick, nor Feminist Frequency — and tried to take us off the internet.

And they woulda gotten away with it, too, if it weren’t for us meddling techs.

Some gearheaded stuff followed by some analysis of why this might have happened. Skip to the bolded red note if you aren’t so interested.

When I found out that our downtime Saturday night was anything sinister, I immediately got in touch with our webmaster, a rather clever chap who was already on the case. We had New Relic data for our site, external metrics that we could look at to figure out what was actually happening. As it turns out, while the site was under attack, the only metric that spiked was network — whoever attacked us used a pure network-based attack. It wasn’t loading the website itself, as our CPU was not taxed at all while our network was completely pegged. The metrics showed that from 7:49pm CST, til 7:54 when the server went offline, our network interface jumped up from its usual 2-ish megs a second all the way up to 100 megs a second where it capped out. The server was totally responsive during this time, though.

The server only stopped responding because our web host detected the DDOS (Distributed Denial of Service) attack, and their automated systems null-routed our server. Us being a target was having a detrimental effect on the rest of their services, and they had to block the target at the firewall. This automated script was set up to block for an hour. After that hour was up, we were able to get in for a little while. I downloaded the Apache logs during that time. But the attack continued, and our host automatically blocked us again — this time for four hours. This pattern would continue with the time exponentially increasing repeatedly, apparently.

However, while investigating the problem, our web guy discovered that the previous tech — who’d since abdicated the position with family issues — had the server set up in such a way that it responded on another IP as well, and we could get in and do more diagnostics. We learned that Apache, the web server program serving all these page requests, was not actually receiving any spurious requests when the site was under attack, correlating the belief that the attack was “dumb” — not intended to hack us, or cause a denial of service by causing too much CPU load. They just aimed a fire hose at us and fired away.

The attackers themselves, in addition, were attacking the server directly — bypassing the Cloudflare service we’d put between us and the internet. Normally, getting the IP address of your target server is not possible when attacking something behind a CDN like Cloudflare, but there were a few sub-domains pointing to the same IP address and the attacker obviously found one. Because we had a second IP already pointed to the domain, and our hosting provider’s script was kind of terrible in its lack of intelligence by null-routing only the IP being attacked, we were able to give Cloudflare that other IP instead. This one isn’t set up anywhere else but Cloudflare.

So, the attack profile that we faced last time won’t work again. Something would have to change, and some info would have to be obtained that the attackers don’t have presently. We also ratcheted up the Cloudflare protection, though that might not be entirely necessary any more. Plus, we’re planning on moving to a new web hosting provider soon anyway, a company that has more experience with dealing with DOS attacks and does stuff a little more surgically than effectively just turning off our server’s internet connection.

Skepchick recovered with the help of their hosting provider, and I’m not actually sure how Anita Sarkeesian recovered from the attack. This is probably a good thing, honestly. It means they’ve got people watching their back too — techs like our clever web guy.

That all answers the question of “how”, to the degree that I’m comfortable answering it without giving away too much. But the real question that interests me the most is, “why?”

The less technically-inclined can skip to here!

The obvious answer lies in the choice of targets. Why would anyone target Freethought Blogs, Skepchick and Feminist Frequency all at the same time? Because we’re feminists, and we have platforms on the internet. That much is pretty clear — and this despite the fact that Freethought Blogs has over fifty bloggers across thirty-five blogs, few of whom talk about gender issues, and not all of whom are feminists. We are, despite some vocal assholes’ exclamations, a fairly diverse crew. If we’re groupthink at anything, it’s that we’re all proudly atheist, and the majority of us are liberal with the odd libertarian streak.

But there’s this perception that because some of the more prominent voices are feminist, so too is all of Freethought Blogs. And so the “big lies” of us being bullies for being feminists rage on, for having moderation policies on our blogs, for generally disagreeing with the more strident antifeminist and otherwise libertarian factions within movement secularism and atheism. We have a place where reasonable discussion can happen, and sometimes the only way that can happen is by tossing out the hyper-fixated and unreasonable interlocutors. Nobody balks when the person being banned on the blog is David Mabus, but some people really lose their shit when the person being banned is a libertarian in otherwise good standing elsewhere, who just happens to be perniciously arguing against things like the sociologically sound concept of privilege and is doing so in the most uncivil manner imaginable.

So you get this crew of people who have a sense of entitlement, who misunderstand what “freedom of speech” is, who think that because you have a place on the internet and the internet is publicly accessible, you are absolutely forbidden from having a moderation policy, or else you’re a censorious fascist nazi something-something. The cries of being “blocked for disagreement” get repeated and eventually believed by the faction that refuses to engage in civil discourse, and refuses to acknowledge they were actually banned for being raging assholes. Some of these people have tech savvy. They believe that because places like Feminist Frequency, where comments on videos and the blog are disabled because of the thousands of death and rape threats Anita Sarkeesian endures anyplace they’re enabled, do not allow the publication of these rape and death threats on their server, they are therefore against free speech. (These misunderstandings of the concept are what led people to counter by calling their misapprehensions “Freeze Peach”.)

So these tech-savvy people, with little understanding of free speech, take it upon themselves to get revenge — if they can’t have their immoral, atavistic displays of rage and lack of empathy published where they want them to be published, then the server should be taken off the internet entirely. They get themselves a botnet, they aim a network firehose at their targets, and they blast them right off the internet altogether. That’ll learn ’em for disagreeing with you, right?

So much for free speech.

“He puts one of your guys in the hospital, you put all of his in the morgue”, to appropriately scale the quote from The Untouchables. If I can’t post on your blog, neither can you or anyone else for as long I decide. If I can’t enter your home and shout slurs at you through a bullhorn, then I’ll burn your house down.

Hacking or DOSing a place that disagrees with you because you can’t out-reason them, well, that’s pretty unbecoming for someone who is likely also an atheist. It smacks of the mental trap behind Self Projection As God: your voice alone isn’t enough to force people to conform to your will, so you claim that a supreme deity also wants others to do that thing that you’d prefer. Only in this case, these people are taking matters into their own hand, probably because they know there are no gods. They amplify their voice beyond their actual ability to reason and argue and have discourses, since they’ve already failed at the attempt. They take vengeance by preventing their targets from being able to speak.

They’ve taken on the role of the government in the argument about free speech — they’ve taken upon themselves extraordinary power to block others from being able to speak. And I don’t mean in the limited sense of being blocked on a single blog, I mean they’ve been blocked from speaking at all.

I don’t have any real evidence tying this even to a member of our community, but we’ve already seen a number of people with libertarian, anti-feminist bents who are otherwise respected (for some reason) in this community — people who claim that we got what was coming to us, that the DDOS was somehow defensible or even justified, all because certain people are banned at our blogs for being assholes. If we were anything like the censorious fascist monsters this contingent makes us out to be, though, this action is STILL not justified.

I absolutely support freedom of speech. When I ban someone, I tell them to take their nonsense elsewhere. I sometimes helpfully point them to one of a number of free blogging services where they can vent their spleens freely — my kicking them out of my pub does not prevent them from visiting other pubs or even starting one of their own. I might even link to them to point people to their terrible arguments on occasion, by way of doing a fisking or even just a facepalming post. And I can assure you, if someone from the slimepit, or, say, A Voice for Men, or some other such hate site, had problems with their server that they thought I could help with, I would be a consummate professional and offer them my normal (undiscounted) consulting fee, delivered in escrow, while I work on the problem on their behalf.

Mind you, I know this is an empty promise, because the former is convinced that the size of my penis and how it apparently fits into a thimble determines my worth in this world, judging by their pet name for me; and the latter is convinced that I’m only good as someone to throw under a bus on occasion, in order to prove some larger point about the evils of women. But I’m being completely honest when I say that if they offered me money to help them fix their server, or to help them recover from a DDOS attack, or whatever other technological or sociological problem was preventing them from speaking freely on the internet, I would do it. I wouldn’t even hesitate. Not because I am particularly hard up for money, but because I love free speech that much. They could even be assured that I would do nothing to compromise their security, or destroy their server, because not only am I a professional, but I have an extremely strong moral impulse and I have empathy for them even when they have none for me.

Besides, how else can I “drama blog” by pointing to things that they say that I disagree with, the way that they do every single day? How else can I use their words to show how their philosophies are atavistic or antisocial or detrimental to humanity or the cause of egalitarianism if their words are scrubbed from the internet by a truly censorious asshole with a script and a botnet and a grudge?

I WANT their speech on the internet. They, or some subset of them at least, DON’T want MINE.

I will always side with the people fighting to ensure that established platforms aren’t yanked out from under them, even while I will argue unabashedly that this does not extend to your speech on someone else’s platform and that freedom of association enshrines that you damn well get to choose who’s on your platform for whatever reason.

Freedom of speech as a right ensures that a government — an entity with supreme power in this world — cannot take your right to speak away. A blog is not a supreme power like a government, and much like a home, you are not entitled to someone else’s private property. By trying to burn someone else’s home down, you are the one in the wrong. You are the one being censorious, and you are the one who has ceded any moral high ground or appearance of intellectual enlightenment.

And all because you were incapable in the first place of arguing your points without acting like an asshole.

{advertisement}
Thoughts on a DOS attack
{advertisement}

63 thoughts on “Thoughts on a DOS attack

  1. 51

    those who seek to impose this world view on others

    See, this is just meaningless. Yes, FTB promotes feminst views. In what sense is this imposing them on others?

    Are gay rights activists ‘imposing their world view on others’? Of course not, but that’s what the Christian right frequently says…so you’re in good company with that argument.

    What you actually mean is that you don’t like the promotion of feminism, and it annoys you to hear it. Well, tough. No one is dragging you out of bed in the middle of the night and demanding at gun point that you accept the concept of patriarchy. *That* would be imposing a world view. A blog network which can sometimes be aggressive and blunt when it comes to criticising people? No.

  2. Muz
    52

    re: brive

    I think it would be a mistake to present the pit folk as merely likeminded on the matter of certain sociological notions and/or the mindset (as they see it) behind them.
    The place wouldn’t exist without an, at least initial, shared and deep seated anger at Pharyngula and PZ in particular. Usually over perceived censorious behaviour.

    Sure it coalesced around that anti-feminist, anti-social-construct theory conservatism as that was at least part of the initial disagreement (and was redefined so more concretely after the Tf00t debacle). But this isn’t really some academic philosophical disagreement.

  3. 53

    brive1987: you think “at the moment” includes a comment by a commenter from 2011, but this very post, by a blogger on the network as opposed to a commenter, from two days ago, doesn’t count as “specific contemporary” post that defines “the mood”?

  4. 54

    @Brive, I can only assume you are delusional, the pit is defined by being against it’s figures of hate. With the odd contrarian like Steersman criticising the overwhelmingly anti-FTB/Skepchick/feminist stance from time to time. With the result that he is on “mute” for many on the forum, but this of course is not censorship, because it’s your side doing it, oh and reasons šŸ™‚

    If this is not true why were there regular calls for “champions” from FTB to come and debate them? (As I’ve mentioned before since the pitters failed to make anything other than fools of themselves in the atheistskepticdialogue.com this has died down). If there is this “diversity” you speak of then why is there any need for these representatives of FTB/Skepchick … For that matter why do you need to come over here for arguments, surely the “diverse” nature of the Slymepit can encompass any and all permutations on an argument! *Hint* You like to present this fantasy of a diverse membership and “free thought” paradise of the Slymepit, reality disagrees with you however.

  5. 55

    Brive1987:

    Tom, thanks for your comment. I would be better persuaded if you had supplied some counter evidence to mine.

    I countered your single, unlinked, unsourced cherry-picked comment excerpt with exactly the amount of evidence it required.

    Ie specific contemporary posts welcoming the continued existence of the ā€˜pit community albeit on a different server.

    Um…the ‘pit community was dedicated to hate speech and abuse. I’m sure we’d all prefer that hate groups stop existing, that people stop being hateful and abusive. Regardless, look at how quickly those goalposts move.

    At the moment I donā€™t see the mood can be defined as anything ā€œletā€™s deprive these people of oxygen by focussing on closing down ERVā€.

    This sentence makes no sense, and I don’t know what you’re quoting here. But, again, please cite anyone focused on closing down ERV, rather than closing down The Monument or comments in general on ERV. They are not the same claim.

  6. 56

    Oh, somebody needs a contemporaneous statement about intent, huh? Will this one do:

    It was exactly my intent, and the intent of people pressuring Russell Blackford and others, to cut off all social support for that inexcusable behavior.

    I don’t recall that “social support” falls under the duties of network administration.

  7. 57

    One is tempted to suggest a difference between blocking someone because they are from the wrong side – which gets zero respect from me – or because they said something so unacceptable one had no choice but to block them – which also gets zero respect though is far more understandable. I think it is good once in a while to get blocked because your reaction to it makes you better if it is one of simple neutrality or resigned acceptance. Anger on the other hand is most definitely a no no though this may take years to learn

    I only have two rules when it comes to online discourse. One is that I do not do groupthink. This is wonderful when wanting tribal support but not so wonderful when literally thinking for yourself. The other rule is that I turn no one away. I am not permitted to. Only if the subject matter is uninteresting but if that is the case then I will not be engaging anyway. There was a time when I would have suggested this be the natural default position but no more. Now I just have rules for myself. What others do is entirely up to them. I see some comparisons here to Free Thought and the Slyme Pit. I make no distinction in principle. Far as I know they all have forty six chromosomes and that is the only thing that really matters. I do not check who is saying something before deciding whether I like it or not. That is not the way one does it. I am not interested in who you are or what you are but I am very interested in what you have to say. That is black and white. I do not do grey. Life is too short to waste on such irrelevances

    Before I came here I had a negative opinion of Free Thought. But now I find it reasonably accommodating and not as bad as I perceived. It is wrong to say they censor those they disagree with as that is not true or at least not absolutely so anyway. But these are blogs not forums. Which means that censorship is in the hands of the one whose blog it is as supposed to many mods which is the case on forums. Bloggers do not have to give reasons for banning whereas mods do. So maybe a bit less democracy on blogs but such is the nature of the beast. Remember that being banned just means the blogger does not like either you or your opinions. It does not mean they are necessarily right. So remember that the next time you are denied your freedom of speech

    The principle however of refusing the voice of those one disagrees with is fundamentally wrong. Not having any children means I can actually say I would die for it and mean it. I am a nihilist and not afraid of death so it is not something that bothers me. There are some things worth dying for and that is one of them. We in the West are so fortunate to have such a wonderful freedom. And those across the water in America are even more fortunate to have The First Amendment. Not absolutely perfect in practicality of course but completely beautiful in spirit. Which is why I at least ban no one. And I have pushed it as far as it can go. What I allow has actually been banned in my country and no one in their right mind would allow it but I cannot be constantly banging on about freedom of speech one second and then deny to someone the next because it is on a topic so disgusting that no one in their right mind would let it be viewed in public. You have to push this as far as it will go. Some who say they believe in freedom of speech really should be aware of how unlimited that concept actually is now

  8. 58

    There have been a couple of articles on Slate about bullying and trolls that have made the behavior of most of the ‘pitters who wander over to FTB on a regular basis much clearer in my mind.

    First, the article by Mooney on the personality characteristics of trolls is relevant. I think what happens is that trollable people quickly move on from the ‘pit,’ and how much fun can it be for people with narcissistic, Machiavellian, psychopathic and sadistic tendencies to try and troll each other? They come back here for some fresh meat. Notice that most of the trolled threads end up all about the ‘pitters’ and their issues. Narcissistic, much?

    Notice, also, how many of these threads turn into “somebody once said something bad on FTB, so you’re no better than they are?” The article about Incognito’s bullying talked about how bullies are most successful at tormenting people they know well, and the trolls from the pit know that fairness and social justice are important values here. Easy-peasy.

    Any thread that becomes slime-infested gradually denigrates to these two themes. Compare this to, for example, how threads evolve on Ally Fogg’s blog. There is quite the range of opinions represented there, some that seem a bit separated from reality, but nobody is there primarily to troll, so one can learn a lot of interesting things, especially when people back up their opinions with some data.

  9. 59

    okay, I’m curious.

    Does the slimepit have a consant influx of feminists rolling on every conversation they have? because I can’t even imagine having that kind of free time. I can’t even keep up with the things I actually enjoy to be sparing even two seconds for a bunch of fools at the monster douchetruck rally…

  10. 60

    ceesays @ 58

    okay, Iā€™m curious.

    Does the slimepit have a consant influx of feminists rolling on every conversation they have? because I canā€™t even imagine having that kind of free time. I canā€™t even keep up with the things I actually enjoy to be sparing even two seconds for a bunch of fools at the monster douchetruck rallyā€¦

    I sometimes wonder if people here obsess about the hole as much as it obsesses about FtB – then I think “Why would they?” They’ve managed to marginalise themselves so thoroughly I’d be surprised if anyone here gave them much thought at all, except when one of them visits here to start picking and poking or when one of them goes on a two-minutes hate on twitter.

    I also wonder if the hole gets as many visitors from here as FtB gets from there. Then I think “Why would it?” I can’t think of a reason why the hole’s declared enemies-for-life would want to set foot over there, even just to observe. We see the hole’s viewpoints displayed over here often enough by self-appointed reps (quite often, in comments unrelated to the topic of the post that’s being commented on) that it isn’t necessary. We’ve also seen on occasion what’s said offhand at the hole, which clarifies their viewpoints even more and makes it clear that the versions of them seen at FtB are heavily sanitised).

  11. 61

    @ceesays

    Does the slimepit have a consant influx of feminists rolling on every conversation they have?

    One of the most amusing things about the pit is that they realise it’s a massive circlejerk themselves. They are often goading people from FTB to come and “debate” them on the pit with very clever variations on “FTBullies haven’t got the balls to talk outside their safe space, neenuh!” … Dunno about the last year as I’ve avoided the place, but from what I’ve heard only a couple of people from FTB have popped over there to experience the false equivalence, tu quoque and slimy disingenuousness up close. Those people are then obsessed over by the pitters, like myself, as some sort of lover who spurned them.

    They usually just pop here to troll and try and get someone to say something they can twist or laugh at. Then pop back to their safe space to ridicule and tell each other how much more rational than the FTBullies they all are. The circlejerk is thus completed and never ending.

    As to @Hank_says point about people here not thinking about them, I concur. Only reason I am ever forced to consider them is that I like to read the comment sections in FTB. Big mistake really as they are infested with pitters more often than not. On Twitter I have them all blocked and manage to rarely give them a passing thought. I’ve also found out they are a tiny streak of piss in a big pond, 4chan trolls, MRAs, TERFs, christian conservatives all use the same tactics of discovering “hypocrisy” in “SJW” or “liberal” (Or in the case of TERFs trans) activists and allies. Then “beating” them with “their own standards”, by which I mean projecting their own fantasy of what they think feminists/SJ-aware people think then attacking that by taking it to their own straw extreme.

    So the only reason they get any attention here is this particular streak of piss is obsessed with FTBs/Skepchick particularly. Never understood it as there is a wide world out there of people with the same views as FTB who have larger audiences. I’d love it if the ultimate freeze peach option suggested by Josh Spokesgay and others of banning the lot of them was implemented. They reckon this is already the case so why not go for it? Would make the comment sections a lot better and some criticism of an OP might actually be possible without derailing trolls /irony being this whole comment is off topic :-/

  12. 62

    I kinda keep an eye on the pit, only because they have occasionally commented negatively on my many brilliant insights. But even during my most resentful mood towards the islamophobic apologetics of parts of the atheist social justice community, nothing could persuade me to open an account there.

    However I would resist simplifying atheism today as being split into to just two factions like the goodies and the baddies. A blanket ban on all pit members would give this false dichotomy far too much credence. Best to treat people as individuals, and recognise that not all social justice advocates think alike.

  13. 63

    @61: No, I think you’re setting up the actual experience of being on one side of this “great divide” into a false dichotomy. I mock the idea of “deep rifts” all the time, because I know it’s not actually rifty. There’s no actual insurmountable barrier between jumping from one side to the other, and I see lots of people who straddle it — who recognize that there is an entrenched will toward being nasty toward people and who disdain that, but think that, for instance, the feminists in the community go too far by banning these people.

    Really, the “deep rift” is about the people who dislike folks like me, who advocate for things like harassment policies at cons, banding together when they, individually, one at a time, act like insufferable assholes toward us and get blocked on Twitter or banned from the comments. If anyone’s blanket-banning Pitters, it’s nothing more than a convenient heuristic — the denizens of the Pit arrive there after deciding to attack some people, then getting blocked or banned. I would be genuinely surprised if any of them found the ‘Pit BEFORE being kicked off of someplace else.

    And oolon and others: the prevalence of such an action is not nearly what some people suggest it is. You can’t get banned from “all of FtB” unless you, individually, one at a time, pissed off every single blogger enough. And some of the newer bloggers have not yet hit their stride or realized that you have to kick off certain voices who love to threadrupt discussions in various disingenuous ways. One blog is not the whole network. PZ Myers’ strategies for community-building are not mine, nor Greta’s, nor Stephanie’s, et cetera. And none of us would brook the idea of a blanket ban outside of some technological problem like a DOS attack.

    This is a gentle reminder that the DOS is what we’re talking about here. Not the “deep rift”.

Comments are closed.