WikiLeaks, Demonoid, and security site felled by crude (but potent) attacks

What do WikiLeaks, Demonoid, and security website KrebsOnSecurity have in common? They've all been the target of crippling denial-of-service attacks carried out over the past two weeks by faceless enemies determined to punish the sites for viewpoints or services they find objectionable.

Radical transparency website WikiLeaks is going into its sixth day of being largely unreachable, thanks to a torrent of junk traffic that makes it impossible for supporters to access the site. It's no modest achievement, since the outage extends to most of WikiLeaks's mirror sites and at times to Defense Fund Net Neutrality, the French non-profit agency that serves as one of the sole ways for supporters to fund the whistleblower site.

Life hasn't been easy for security journalist Brian Krebs, either. In recent days, his site has also buckled under the weight of a series of web attacks. One of them comes in the form of a large number of computers bombarding his servers with multiple requests per second to load the same story. Other attacks relied on a technique known as DNS reflection, in which miscreants use misconfigured domain name system servers to flood a target with IP address lookups. The method is popular with attackers because a single spoofed request to a DNS server can increase the amount of data at the targeted website 70-fold.