DO NOT run scheduled requests to a public server at the top of the hour, pick a random minute. The worst victims of this problem are community NTP servers - at every hour and especially 00:00:00 UTC, the traffic spike is just impressive.


Also consider rate-limiting and exponential backoff in retry loops. Otherwise the results can be quite spectacular.

Some Internet folklore from China: In 2009, a random guy paid for DDoS to attack a competing game server and disabled its DNS service. Just a regular day, right? Following that, a popular video player with 1 billion installations, appropriately named Storm, all entered an endless retry loop to phone home, DNS requests flooded China Telecom's backbone and caused a nationwide network outage. The attackers suddenly found themselves to the state's enemies.

· · Web · 0 · 3 · 13
Sign in to participate in the conversation

cybrespace: the social hub of the information superhighway jack in to the mastodon fediverse today and surf the dataflow through our cybrepunk, slightly glitchy web portal support us on patreon or liberapay!