Web TV network blames anti-P2P firm for DoS attack

Share this article:
The chief executive of an internet television network is raging mad over an apparent, inadvertent denial-of-service attack that brought the network to a screeching halt over the Memorial Day weekend.

The attack knocked the website of San Francisco-based Revision3 offline for all three days of the holiday weekend, preventing users from downloading or watching the internet television shows produced by the network.

CEO Jim Louderback told SCMagazineUS.com this week that his IT team, after spending much of the holiday working on rectifying the problem, was able to trace the source of the digital assault to a controversial Santa Monica, Calif.-based company named MediaDefender.

That company, whose clients include major film studios, is a provider of peer-to-peer (P2P) anti-piracy solutions. Some have criticized the company for using questionable tactics to stop copyright infringement, including placing bogus files in P2P networks to deter users of pirated content.

On its website, MediaDefender said it “uses a range of non-invasive technological countermeasures …to frustrate users' attempts to steal/trade copyrighted content.”

MediaDefender's approach certainly frustrated the personnel at Revision3, which delivers about five million videos a month.

Louderback said the problem started when its BitTorrent tracker – which coordinates peer-to-peer file transfers among users – was left open for a few weeks so the company could stabilize its servers.

MediaDefender determined that the tracker was open and, unbeknownst to Revision3, began using the server to seed BitTorrent networks with fake media files, Louderback said. Sometime, last week, when Revision3 determined its server was stable, it again locked it down.

However, MediaDefender kept trying to deliver the fake media files, but couldn't get in, so the Revision3 servers became overwhelmed by inbound packets, resulting in a denial-of-service (DoS).

“Their servers freaked out and started sending us all these different messages from their server that basically overwhelmed our computers,” he said. “Because we had it locked down, their servers couldn't get responses. [But] standard internet protocol is if you don't get a response, you don't send another [packet] a zillionth of a microsecond later.”

Louderback estimates that the company delivered upward of 7,000 packets per second, swiftly knocking Revision3 offline and costing the company tens of thousands of dollars.

After its tech staff spent much of the weekend trying to decode packets, analyze the attack and determine who was responsible, Revision3 finally made contact with MediaDefender on Tuesday – more than three days after the attack commenced.

Louderback, who wrote a detailed blog about the incident, said MediaDefender immediately halted the packet exchange and apologized.

MediaDefender executives told him that it initially began injecting bogus files of copyrighted material by way of the tracking server because that same server was being used by others to channel unlicensed content.

But Louderback said he wasn't aware of this, but that still does not give MediaDefender the authority to do it. He said the company should have contacted Revision3 to alert them.

“If I leave my door unlocked, does that mean people are free to come and start ransacking my house?” he asked.

According to public reports, MediaDefender plans to implement measures to prevent a similar occurrence in the future.

A MediaDefender spokesman did not respond to a request for comment.

Louderback said the incident forced Revision3 to reconfigure its network and now will implement a load balancer to sit in front of the firewall.

“It's not good to know that another business could just take your business offline,” he said.

“I think I might send them a bill,” Louderback said, who added he was unsure if he would pursue litigation.

The FBI is investigating, he said.

“Whether it was negligent or not, my business was taken offline for three days,” he said. “It's up to people smarter and more knowledgeable than me to determine if that was a criminal activity. We want our weekend back.”

Revision3 produces about 65 original shows for the internet, including the popular Diggnation, in which a pair of hosts analyze the top Digg stories of that week.

Share this article:

Sign up to our newsletters

More in News

DDoS attacks remain up, stronger in Q2, report says

DDoS attacks remain up, stronger in Q2, report ...

Prolexic's second quarter DDoS report noted the proliferation of shorter attacks that ate up more bandwidth.

Superman soars above fellow superheroes as most toxic search term

A McAfee study found that searches pertaining to Superman exposed users to the most infected websites.

Black Hat talk on Tor weaknesses canceled

Black Hat organizers say legal counsel for the Software Engineering Institute and Carnegie Mellon University nixed the session.