Akamai “War” Stories Bruce Maggs.

Slides:



Advertisements
Similar presentations
1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.
Advertisements

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Engineering a Content Delivery Network COMPSCI 214 Computer Networks and Distributed Systems Bruce Maggs.
Akamai OS War Stories Bruce Maggs Gratuitous Quote of the Day Well you’re not hardcore (No you’re not hardcore) Unless you live hardcore (Unless.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
The netperf.net Inter-provider Network Performance Monitoring Project Avi Freedman
IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)
RFC6520 defines SSL Heartbeats - What are they? 1. SSL Heartbeats are used to keep a connection alive without the need to constantly renegotiate the SSL.
Mapping Internet Addresses to Physical Addresses (ARP)
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
1 Chapter06 Mobile IP. 2 Outline What is the problem at the routing layer when Internet hosts move?! Can the problem be solved? What is the standard solution?
Website Presentation Written By Mark Brady. Website Advantages Company services can be activated from the customers home, or literally anywhere. Users.
NATs and UDP Victor Norman CS322 Spring NAPT Suppose we have a router doing NAT: half is the “public side”, IP address ; other half is.
Security at NCAR David Mitchell February 20th, 2007.
Birgit Bonham: Prospect High School ARP….or What’s your MAC address?
Computer Network Architecture Lecture 6: OSI Model Layers Examples 1 20/12/2012.
Role Of Network IDS in Network Perimeter Defense.
Group project Sept 23 Page 322, Review Questions. Explain your answers! Not just one word or letter. Write a few sentences on why/how. Question numbers.
Akamai “War” Stories Bruce Maggs. Akamai’s First Network Connection We moved into our offices at 201 Broadway at midnight, December 1, 1998, and built.
1 Internetworking Outline Best Effort Service Model Global Addressing Scheme.
NT1210 Introduction to Networking
Matt Jennings.  What is DDoS?  Recent DDoS attacks  History of DDoS  Prevention Techniques.
Mobile IP THE 12 TH MEETING. Mobile IP  Incorporation of mobile users in the network.  Cellular system (e.g., GSM) started with mobility in mind. 
19.1 Chapter 19 Network Layer: Logical Addressing Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Lecture 9 Page 1 CS 236 Online Firewalls What is a firewall? A machine to protect a network from malicious external attacks Typically a machine that sits.
25/09/2016 INASP: Effective Network Management Workshops Unit 6: Solving Network Problems.
WEL-COME Facebook Customer Care Number Facebook Customer Care Number For more information visit :-
Mobile IP Lecture 5.
Akamai “War” Stories Bruce Maggs.
LESSON Networking Fundamentals Understand TCP/IP.
Traceroute traceroute is a Unix utility designed by Van Jacobson in 1987 The Windows equivalent is called tracert The Linux equivalent is called tracepath.
Mobile IP.
CISC103 Web Development Basics: Web site:
Akamai “War” Stories Bruce Maggs.
Password Management Limit login attempts Encrypt your passwords
or call for office visit,
How to Fi
7 Network Layer Part IV Computer Networks Tutun Juhana
Networking for Home and Small Businesses – Chapter 6
Troubleshooting IP Communications
Spoofing Basics Presentation developed by A.F.M Bakabillah Cyber Security and Networking Consultant MCSA: Messaging, MCSE RHCE ITIL CEH.
Mr C Johnston ICT Teacher
Subject Name: Computer Communication Networks Subject Code: 10EC71
Networking for Home and Small Businesses – Chapter 6
Internet Control Message Protocol (ICMP)
How to resolve the not working issue of Yahoo mail?
CS 457 – Lecture 10 Internetworking and IP
CISC103 Web Development Basics: Web site:
Senior Design III – Spring 2011 Levi Lynch
Internet Protocol Version4
What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.
Internet Control Message Protocol (ICMP)
Dr. John P. Abraham Professor UTPA
Internetworking Outline Best Effort Service Model
Dr. John P. Abraham Professor UTPA
TRANSMISSION CONTROL PROTOCOL
Akamai “War” Stories Bruce Maggs.
Follow the Data Data (and information) move from place to place in computer systems and networks. As it moves it changes form frequently. This story.
Akamai “War” Stories Bruce Maggs.
Bruce Maggs relying on materials from
Networking for Home and Small Businesses – Chapter 6
The Troubleshooting theory
Mobile IP Outline Homework #4 Solutions Intro to mobile IP Operation
Homework 8 Operating Systems CS 3430 Sarah Diesburg.
Internet Safety With Bill And Dave
Mobile IP Outline Intro to mobile IP Operation Problems with mobility.
Akamai “War” Stories Bruce Maggs.
Bruce Maggs relying on materials from
Mobile IP Outline Intro to mobile IP Operation Problems with mobility.
The Evolution of a Content Delivery Network: A 21-Year Perspective
Presentation transcript:

Akamai “War” Stories Bruce Maggs

Akamai’s First Network Connection We moved into our offices at 201 Broadway at midnight, December 1, 1998, and built our first cluster that night. An important potential investor was coming to visit on December 2. But our Internet service provider didn’t show up on December 1! We had to engineer a solution!

Lost in Space The most worrisome attack we ever faced: One of our servers was receiving properly authenticated messages from an unknown host Fortunately, the messages were not formatted properly and were discarded After two days of investigation, we discovered that the “attacker” was an old Akamai server that we had lost track of It had been sending these messages for months!

David is a Night Owl Your servers aren’t responding! Why don’t you support half-closed connections? Why don’t you support “transactional” TCP? (Why would transactional TCP be bad for Akamai?)

The Dreaded Double Header http://images.xyz.com/logo.gif - customer has delegated images.xyz.com to Akamai, registered image server http://images.xyz.com/images.xyz.com/logo.gif - didn’t work for Dave, but worked for me! Akamai server strips off first header, sends GET /images.xyz.com/logo.gif to customer image server 5 of 8 customer image servers had been patched to ignore /images.xyz.com

Steve can’t see the new Powerbook Steve’s assistant Eddie explains the problem I spend all night poring through the logs Eddie sneaks into Steve’s office Mystery solved

Packet of Death Akamai servers take care of each other A router in Malaysia is taking down our whole system! The mysterious 570-byte MTU The “final” Linux 2.0 kernel isn’t so final 2.0.36 (Nov. 1998)  2.0.37 (June 1999)

The “Magg Syndrome” We “hijack” a customer’s site? I become the most hated person on the Internet We isolate the problem (nine months of work) Nobody cares?

BIND Miseries Open-source DNS server code Messy, buggy implementations Our customers still run old versions! BIND 4.8 TTL issue Refresh attempt when 15 minutes left Success if new list of IP’s overlaps with old list of IP’s Otherwise, refuse to resolve for next 15 minutes!

We can’t see the pictures on our site! Customer can view its web pages, but none of the pictures served by Akamai are displayed. The rest of the world can’t access the site. (Because it was hosted in their office building, which lost Internet access.) Lingering doubt about the day Akamai didn’t serve the images…

Don’t do this at home Irate end user threatens to go to police Akamai is attacking my home system! It’s in the logs. It all began in a Yahoo! chat room Have your lawyers call our lawyers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.