A developer named Danny Guo has shared a narrative of the time his cat alerted him to a DDoS attack.
In a put up on his private website, Guo revealed that he as soon as labored at a startup that was but to develop a proper on-call rotation.
He additionally revealed that his cat would sometimes groom his hair. “She did it sometimes, and I optimistically took it as an indication that she really appreciated me and did not simply tolerate me.”
But the cat did not often do that type of factor at 3am. Which it did on the day of the DDoS.
“In 9 years, that was the one time she did it whereas I used to be sleeping.”
The grooming woke Guo, who rolled over and picked up his cellphone to examine the time – and located “an AWS CloudWatch alert had gone off a pair minutes in the past due to unhealthy targets for our load balancer.”
Guo tried to go to his firm’s web site and located it didn’t load.
“I groaned and went to log onto my work laptop computer,” he wrote, and located “an enormous variety of requests coming from many IP addresses that had been related to totally different international locations.”
This was odd as a result of his then-employer solely made its merchandise available within the United States.
All that visitors from elsewhere was a DDoS.
Guo tried to repair it.
“My first and never nice thought was to dam IP addresses on the server degree, which might have been tedious and probably ineffective if the attacker had considerably extra supply IP addresses to make use of,” Guo wrote. “But then I remembered that we had already arrange AWS Web Application Firewall.”
He created a rule to dam requests from international locations apart from the US, and an hour later the DDoS visitors had all been deflected, the web site he labored on grew to become available, and the overseas visitors tailed off.
Guo thinks he discovered the supply of the attack – an e mail despatched to a buyer assist inbox that landed at about the identical time because the DDoS began.
“With horrible grammar, the sender claimed to have discovered a vulnerability with our web site that crashed Apache, which we did not even use,” Guo wrote. “They mentioned they stopped all visitors to our web site and will preserve it that approach for months” – for the very affordable worth of $5,000 in Bitcoin.
“We did not reply, although on reflection, it may have been enjoyable to attempt to troll them,” he wrote.
To at the present time, Guo is not certain why his cat determined to wake him on that night time.
“You would possibly guess that the AWS alert induced my cellphone to vibrate or make a sound, waking my cat up first,” he wrote.
If that is your guess, you are mistaken. Guo retains his cellphone in don’t disturb mode throughout the night time.
“I similar to to assume that in some way, she sensed one thing was mistaken that could not wait till the morning. It was definitely a extra nice option to be woken up than by a blaring PagerDuty alarm.” ®