Fundamentally, you can't fool Mother Nature in computers, either - Andy Grove - Only the Paranoid Survive
|
|
|
Amazon hosts Wikileaks website after DDoS
FOLLOWING AN ONLINE ATTACK against its servers, Wikileaks has moved its hosting operations onto Amazon's EC2 cloud service.
Almost immediately following its leak of US diplomatic cables, the whistleblowing website announced that it was the focus of a "mass distributed denial of service [DDoS] attack", knocking the website offline. It has since reappeared on Amazon's EC2 cloud service, with visitors being re-directed to servers in Europe and the US.
In recent months the issue of hosting Wikileaks has become a hot topic, with stories that the outfit was being hosted by the Swedish Pirate Party. However a simple nslookup command shows www.wikileaks.org resolving to two IP addresses, both in ranges that have been allocated to Amazon for its EC2 cloud service.
Further whois and traceroute queries show that one of the IP addresses, 184.72.37.90, is routed over Level3's network on the US West Coast with Amazon's EC2 datacenter outside Seattle being the likely endpoint. The other IP address, 46.51.171.90, is allocated to Amazon's European EC2 cluster based in Ireland.
The use of a well-known US company such as Amazon to host a website that publishes material so embarrassing to the US government may be seen by some as ironic, however there might also be some potential problems.
Phil Worms, director of corporate communications for cloud hosting provider Iomart told The INQUIRER that many of his customers are wary about hosting their data on servers in the US. According to Worms, "the Patriot Act is stifling cloud adoption in the US" and said users are looking for hosting in Europe due to the data protection laws, especially in the UK and Germany.
Just how long Amazon will continue to host Wikileaks will be an interesting case study for those looking at the option of using services such as EC2 to host questionable material. Wikileaks' sparse website hosts very little actual content as the group uses Bittorrent to distribute leaked documents.
Potential problems could arise from the audit trails left by any back-office systems used by administrators, though it would be surprising if the Wikileaks team hasn't already thought of mitigating any exposure. Given the haste with which Wikileaks likely made the move, one would think that Amazon is merely hosting a few static webpages and little else.
It's unlikely that Wikileaks views Amazon's EC2 service as a permanent solution to its hosting needs, however its choice of Amazon is perhaps the ultimate single finger salute at the US government. µ
Share this:
Share
Infamous anti-jihadi hacker The Jester (th3j35t3r), who earlier this week claimed responsibility for a denial of service attack that temporarily disabled the WikiLeaks website, reported that he was the subject of a search and equipment seizure by law enforcement...
https://www.infosecisland.com/blogview/9916-Hacker-The-Jester-Reports-Raid-By-Law-Enforcement.html
Hey John, have you even used EC2? Do you know how the AWS firewall works? Why don't you take 15 minutes and read the security doc on the AWS site before posting about your "experience". http://awsmedia.s3.amazonaws.com/pdf/AWS_Security_Whitepaper.pdf The EC2 firewall will black hole DDoS attacks.
In my experience, Amazon-hosted sites are no less vulnerable to Denial of Service attacks as those hosted more traditionally. Does anyone have different experience?