The Attack of the Spiders from the Clouds


 
Thread Tools Search this Thread
Special Forums UNIX and Linux Applications Virtualization and Cloud Computing The Attack of the Spiders from the Clouds
# 1  
Old 07-31-2008
The Attack of the Spiders from the Clouds

We have seen a lot of discussions of cloud computing in the news recently, as a technology to permit "users to access technology-enabled services without knowledge of, expertise with, nor control over the technology infrastructure that supports them." This sound great doesn't it?! Users with little to no IT expertise can log into the cloud and launch 8 instances of a server with the equivalence of 16 high performance CPU cores. However, as we all know, all things, including cool technologies have the potential for both good and evil, opportunity or threat; and cloud computing is no different.

It just so happens that I have been experimenting with Amazon Elastic Computing Services (EC2), documented in Computing in the Clouds with AWS over at The CEP Blog. The server over at The UNIX and Linux Forums has been experiencing some very hardware-limited, high load averages recently. We thought we should take a look at moving the forum server up to the clouds.

Then, a fellow system admin over at the forums suggested that maybe some rogue bots were causing high server loads; so I wrote a one-line command to do a bit of real-time spider hunting in the Apache2 logfiles. Surprise! I found there were a number of rogue, hungry spiders that would not follow our robots.txt directive not to crawl the site. One of the bots was from Russia, one was from China, and another one was from Korea. There were spiders from places I never heard of, all consuming precious resources and denying our users!

So, I did what any Linux admin would do. I used iptables to block the networks of these rogue, hungry, spiders (sorry I was not very kind to these cyber creatures). It probally comes to no surprise at this point in the story that four of the spiders were from the Amazon EC2 cloud. Here is a sample of the output from iptables -L:
root@www:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- ec2-67-202-45-0.compute-1.amazonaws.com/24
DROP all -- ec2-75-101-243-0.compute-1.amazonaws.com/24
DROP all -- ec2-75-101-197-0.compute-1.amazonaws.com/24
DROP all -- ec2-75-101-213-0.compute-1.amazonaws.com/24

Well, imagine a not-so-distant future dystopian world where criminals or terrorists want to launch a massive denial-of-service attack against some critical infrastructure, like the root DNS servers, or maybe attack major financial institutions, military or e-commerce sites.

First, the bad guys create an instance of powerful operating system with a malicious network application, they test it, and they place it the cloud (without invoking the instance, paying a very small storage fee, no computing time fee) and they wait. Then, at the precise moment of their planned attack, they launch 128 instances each with the equivalence of whatever is the mega-platform at the time, and just blast away at their attack target(s). Even more damaging, they do this from many cloud computing infrastructures. (Note: The cost of the attack is minimal because the criminals are only charged a few pennies an hour for each running instance and the attack runs an hour or two.)

My experience with cloud computing, which is still maturing, is that cloud computing has great promise for both good and evil. The very real example of the "spiders from the clouds" is a harmless enough story of folks using a cloud computing infrastructure for web crawling, perhaps hoping to be the next Google billionaires.

One the other hand, cloud computing brings with it an emerging and growing danger for the misuse of the power of cloud computing infrastructures. The misuse could be malicious, or accidental, but never-the-less, the danger is real.

What an interesting world we have created! Would would have ever dreamed 10 years ago that we could be attacked by ......

#include

... Spiders from the Clouds.




Image
Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

3 More Discussions You Might Find Interesting

1. Virtualization and Cloud Computing

Private, Public and Hybrid Clouds

Hi all, Private, Public and Hybrid Clouds I'm now testing OpenStack; Home OpenStack Open Source Cloud Computing Software -Infrastructure as a Service (IaaS) -Platform as a Service (PaaS) -Software as a Service (SaaS) It is an Open Source software. I'm interested to know whether... (0 Replies)
Discussion started by: satimis
0 Replies

2. Virtualization and Cloud Computing

Computing in the Clouds with AWS

Tim Bass 07-25-2008 02:34 AM The admin*team at The UNIX Forums*have been considering moving the UNIX and*Linux*Forums to the clouds - the Amazon Web Services (AWS) cloud.* Amazon EC2 is one option to scale the forums, which is a*LAMP application.* Amazon EC2 allows*us to rent dedicated... (3 Replies)
Discussion started by: Linux Bot
3 Replies

3. Virtualization and Cloud Computing

The Attack of the Spiders from the Clouds

Tim Bass 07-31-2008 08:09 AM We have seen a lot of discussions of cloud computing in the news recently, as a technology to permit “users to access technology-enabled services*without knowledge of, expertise with, nor control over the technology infrastructure that supports them.”* *This sound... (0 Replies)
Discussion started by: Linux Bot
0 Replies
Login or Register to Ask a Question