The Tiger Effect and Internet DDoS

An anonymous reader writes "Many US and Canadian ISPs thought they were under a massive denial of service attack yesterday — traffic spiked by hundreds of gigabits across North America. Turns out that the traffic was due to live streaming of the U.S. Open and Tiger Woods nail-biting victory."

naming this effect?

tigerd

Tigerdotted

I Got wooded?

ok /.ers you can do better. I need to update my ids logs to take this into consideration ;)

Jennifered?

Jennicam caused massive overloading the first time she had realtime sex. Likely there were other occasions before that too.

Re:naming this effect?

What does Final Fantasy 3 have to do with this? You leave that ragtag crew out of it!

You learn something new every day

Who knew that there was a professional nail-biter's competition, let alone that Tiger Woods won it?

Not Firefox?

You mean it wasn't due to Firefox downloads? Guess it's not yet as mainstream as I'd like it to be. :)

Re:Not Firefox?

Joke --------> *whoosh*
          O <--- You
        --|--
          |
        / \
 

(Credit [seenonslash.com] and credit [slashdot.org])

Re:Not Firefox?

Ouch, the guy's poor legs.

Tiger effect?

Haven't most users updated to Leopard by now?

Re:Tiger effect?

Haven't most users updated to Leopard by now?

Oh, FSCKING JEBUS. Why does some nitwit have to make everything about Apple?!

Hint to Steve Jobs genuflecting tards: No, life is not all about Apple. No go outside and get some fresh air. Now.

Office bandwith

I remember working at a streaming media startup and a Tiger nail bitter was our first live event. 8 Years ago that was 24gb a sec and the average bit rate was 368kbs if I remember correctly. There is a lot more bandwidth now than then. The fun part was running the logs and associating the AS and often the big company associated with it, there seemed to be a lot of people with comfy offices a lot of bandwidth and a love of golf back then.

Re:Office bandwith

there seemed to be a lot of people with comfy offices a lot of bandwidth and a love of golf back then.

Really? You don't say?

Nail-biting victory?

I find it hard to believe that there's anything that can possibly be nail-biting about watching golf.

Re:Nail-biting victory?

I used to feel the same exact way -- I thought watching golf was about as exciting as watching the grass its played on grow.

I don't know what happened, but I've gotten kind of hooked on the major tournaments. There's enough camera coverage that they actually spend most of the time with a decent golfer hitting the ball, so its not just a bunch of guys walking around, and they're almost exclusively in high definition.

Wow! Could Thse ISPs be in Trouble!?

If these ISPs were overloaded to the point of thinking they may be being DDoS'ed over one event online, they are they wholly unprepared for any sort of attack that may actually be focused at them? Imagine the carnage a real attack would wreak on the ISPs! Is there anyone out there that knows the likelihood of ISPs going down if they came under a real attack? If a few botnets targeted these ISPs, could they be brought down completely? Imagine one of these ISPs really stepping up the game for a tiered internet service model, putting themselves out there as a lightening rod for angry nerds. Could a coordinated effort break the back of an ISPs ability to provide any service whatsoever?

Your thoughts are most welcome and I thank you in advance for sharing your thoughts!

Re:Wow! Could Thse ISPs be in Trouble!?

Umm, I knew a person who managed a very large botnet. He use to be able to take down the internet for a general area. He use to have "wars" with other botnet people and you would notice the internet gone for a few hours, in my neighborhood at least. Then he was hired to take down a website in the west side of the Pennsylvania. He actually took down the internet for the whole area. Banks there couldn't communicate and all that. Well, he was caught and spent some time in prison. Now he doesn't really fit in with society any more and spends time in and out of prison.

Re:Wow! Could Thse ISPs be in Trouble!?

And you sat on your ass and said nothing eh?

Great.

Re:Wow! Could Thse ISPs be in Trouble!?

I didn't see anyone else catch this. WTF do you mean to tell me that they 'thought' it was a DDoS? Thought? So much for that traffic shaping magic. Sure, if it had been P2P we'd know exactly what little johnny down the street has on his iPod this morning and the RIAA would be all over the news with it and how file sharers killed the Internet.

From the looks of this, co-ordinated effort is nothing more than a couple thousand bot computers infected with a 'lets watch sports over the net' worm. Think of it. One bot net with 100,000 computers all trying to watch ESPN at the same time, and those that can, also trying to watch something from Europe at the same time.

One word: multicast

Uni-casting VOD over the Internet will keep doing this over and over again and ISPs will continue to blame file sharing for their lack of both foresight and bandwidth.

omfg!ponies

Run for the hills! Internet traffic doubles/triples during a major sports event? Who could have known!

That's about as worthy of an article as one "discovering" Euro Cup 2008 matches causes certain European streets to be abandoned for ninety minutes.

I can understand how such a traffic increase would be reason for alarm for the average network administrator, but you'd think service providers whose main business is the infrastructure would be aware of major streaming events. This shouldn't have surprised so many people.

firefox

Just thought of something. Was mozilla.org hosting US Open highlight clips yesterday or something? Because that would explain a lot.

Troubling it wasn't recognized sooner

How could this possibly be confused with a DDOS attack?

It makes me nervous that it even got to that point. How can a competent ISP confuse DDOS attacks with streaming video (most likely, the same streaming video sent to all people)? Isn't there a pattern there? Couldn't they see the connections were all coming from the same server or block of servers? Couldn't they see all of the connections were using the same protocol? Couldn't they see they were all using the same port?

How the hell do they confuse that with a DDOS? I am just a lowly part-time IT network manager at my company and even I can see the difference between streaming video and "other bad stuff".

Someone smarter than me please help me understand more about this. How did this get far enough to convince the ISP's they were being DDOS'd?

It was good quality video.. I watched.

I guess I was part of the problem. I watched a good portion of it, at least the first nine holes until it switched to NBC coverage where my MythTV DVR could record it (the first half was on ESPN, and I don't get cable).

I was surprised at how good the video looked. I have tried several other events in the past, and have always been disappointed, or completely unable to view it. Although, for the NCAA Final Four this year, I was finally able to actually watch a game after failing the last few years. I had to use Win2K within a VMware VM, but it did work.

The U.S. Open video worked directly from my Mac, had decent sized video, and was completely watchable on my laptop. Nice job USGA, NBC, etc.

What Cable Providers are afraid of

All these moves to charge per usage is going to blow up in their face.

They're worried this kind of usage will eat into their own TV viewership. What better way to prevent that from happening than by charging those who use it.

What will end up happening is customers will get in a tizzy and without suitable alternatives lawsuits will fly.

In the end either they'll have to abandon these plans or competition will be forced into the market.

Re:Oops.

Seriously, hundreds of gigabits across North America is a problem? 500 gigabits is approximately 62 GB.

that'll be per second.

Re:Match

I couldn't access the NBC stream at all.

Fortunately Hong Kong's Star Sports was accessible through Sopcast P2P.

That's awesome. Someone in the US (I assume you're in the US, since you referred to NBC and not some other network) had to watch a US sporting event by bouncing off a server in China.

The best part? It's not really all that impressive nowadays. But the entire concept was unthinkable to most people even 10 years ago.

Multicast.

Yep, this is exactly the sort of situation that IP Multicast was created for. It has been part of the IP RFCs [faqs.org] since forever. Maybe more incidents like this will convince more ISPs to configure their routers to support it, so we could start using it.