We would like to give you an update regarding the recent DDOS related
network security events that have caused brief network congestions on three
separate occasions over the past 2 months. First of all, we would like to
thank you for your support and your trust in Wowrack thus far. We have
talked and listened to your comments, critiques and support and we would
like to ensure that we will not abuse your trust and continue to strengthen
our client relationship for many years to come.
After the third subsequent attacks in many months, we have decided that
sitting around and doing nothing is NOT an option. We have to act in order
to minimize the impact of large scale DDOS attack to our network and our
emergency committee has come up with a set of viable immediate short term,
medium term and long term solution to strengthen our network. We have
discussed our plan with our upstream vendors, hardware vendors and some of
the most prominent network and security experts in the industry to ensure
that we have the best possible long term solution to this problem.
Following are the details of our plan to better prepare our network for
future large scale DDOS attacks
IMMEDIATE SHORT TERM ACTION (ETA: Immediate Action)
- Double our upstream connectivity by subscribing to multiple Gigabit
Upstream connectivity.
- Increase our attack surface by spreading our inbound and outbound traffic
between all of our upstream providers
- Implementation of Blackhole Community that will improve response time and
mitigation time during the attack.
- Implementation of automated null route feature that will automatically
mitigate large and abusive network traffic.
MEDIUM TERM ACTION (ETA: 2-4 weeks)
- Upgrade our border and core routers in our network backbone to support
Multiple 10Gigabit Connectivity.
- Upgrade our upstream connectivity to multiple 10Gigabit and multiple
Gigabit connections, effectively increasing our upstream connectivity to 6
times the size of our connection today.
- Doubling the size of our point to point dark fibers to our remote
facilities.
LONG TERM ACTION (ETA: 12+ Months)
- Fully upgrade our network backbone to 10Gigabit Connectivity
- Improvement of Blackhole and BGP community that will ensure better
response time and mitigation time during attacks.
- Implementation of 10Gigabit Network to all Remote Facilities.
Over the course of next few days and next few weeks, you will be receiving
network upgrade notifications from us to confirm that the project is
ongoing and to ensure that it has been successfully completed. We will make
our best effort in order to minimize the impact of the project to your
network availability. Our goal is to complete the upgrade with zero
downtime. We thank you in advance for your understanding and patience to
help us go through this difficult period.
We welcome any comments, critiques, and questions from each and every one
of you. If you are interested more in technical details, please contact us
at [email protected] and we will respond to each and everyone of your
questions.
Thank your attention.
Best Regards,
Erward Osckar
Wowrack.com
2001 6th Ave, Suite 2008
Seattle, WA 98121
Work: 206-522-4402
Fax: 866-969-8878
Follow us @ http://twitter.com/wowrack
MSN IM: [email protected]
=======================================
NOTE: Some of our customers have told us that they have never received the
first notification email that we’ve sent out on Wednesday 3/3/2010. You
can read the original notification below:
RE: Letter from Wowrack Management Regarding Recent Security Events
Dear Valued Wowrack Customer:
As you may have already known, our network was under an extremely large
DDOS attack again yesterday evening 3/3/2010 from around 7:35PM to 8:40PM.
As you may also know, this has been the third major DDOS attack in recent
months that have severely affected our network and causing extreme sluggish
network performance that may have adversely affected your network and
applications. We have been fortunate so far not to suffer prolonged network
problems due to the quickness of our Network Operation Center team and our
upstream providers in identifying and mitigating these major DDOS attack.
However, we understand that delivery of 100% healthy network is important
and we are taking this matter seriously.
To help you understand how we currently have our network setup, let me dive
into how we have initially designed our network in order to deliver the
uptime that we have promised. We currently have multiple border routers
with multiple upstream providers with gigabit network uplinks. In a normal
network operation, we are only utilizing 10-25% of our available network
capacity with the option to quickly double our network capacity in within
24-48 hours.
When we initially designed the network (about 18 months ago), we believe
that we will be able to deliver 100% healthy network by having the excess
capacity and by having multiple layers of redundant network equipments.
Unfortunately as our network grows and as our customer base increased, we
have attracted many different kinds of customers and different kinds of
application infrastructure into our network. This has also resulted in
having a much larger exposure of our network in the Internet. We have been
receiving many different kinds of network and security threats (such as
DDOS attacks) over the past few years and have successfully withstood the
smaller DDOS attack. Unfortunately as the attackers are getting more
sophisticated, we have recently suffered from multiple major DDOS attack
that I would put in the same category as an Internet based terrorist
attacks. These terror attacks are unpredictable, extremely massive in
nature (with multi gigabit attacks) and in the end hurts everyone in our
Network. We will be working with law enforcement agencies and hope that
perpetrator(s) will be brought to justice.
When we first started Wowrack, we believed in delivering a quality service
and products with the goal of long term business relation. We still
strongly believe in this value today and we are depending on this value to
run and grow our business. We have called upon a formation of an emergency
committee in order to evaluate and recommend upgrades in our network to
reduce the possibility of large DDOS attack crippling our network. We are
confident that we will be able to deliver yet again and we will report back
to you as soon as we have made a decision on how to proceed.
We invite you to talk with us to share your comments, support, and
critique. Please do not hesitate to contact our management directly at [email protected]. We promise to get back to each and everyone of you
to discuss your comments.
Thank your attention.
Best Regards,
Erward Osckar
Wowrack.com
2001 6th Ave, Suite 2008
Seattle, WA 98121
Work: 206-522-4402
Fax: 866-969-8878
Follow us @ http://twitter.com/wowrack
MSN IM: [email protected]作者: cpuer 时间: 2010-3-6 19:38
他们的10TB比较吸引人,价格也便宜,所以国人也比较多吧。