Techrights and Tux Machines Subjected to Cyberattacks for Several Weeks
We've occasionally written here and elsewhere about what seemed to us like 'Slowloris'-type cyberattacks aimed at lowering our availability. As this paper puts it: "Slowloris operates by holding as many connections to the target web server open as possible, for as long as possible. It accomplishes this by creating connections to the target server, but sending only a partial request at a very slow rate. Slowloris constantly sends more HTTP headers, but never completes a request. The targeted server keeps each of these false connections open. This eventually overflows the maximum concurrent connection pool, and leads to denial of additional connections from legitimate clients."
From information we've gathered more recently, the attack is probably not "Slowloris" specifically but something similar to it. We don't want to elaborate on it as it would merely help the attacker. This is also why we've kept technical details hidden from the public until now. While there is no Web server stress, the queue is being intentionally clogged up. It is definitely a distributed attack. It is definitely malicious.
We don't know who's behind it, but we can see when it started and what happened around that time.
In the past I spoke to the cybercrime unit of British Police or detectives at GMP. Maybe it's time to do so again. The cyberattacks intensified and then culminated in all-time highs yesterday, so we cannot ignore this anymore. See below. █


Last month: Getting Aggressive Suggestive of Loss - Part IV - Shutting Down My Existence

