DirecTrack is Down! Pause Campaigns!

[jimbanks]

We are one of the "little guys" who run DT, based in the UK, so most of this shit happened when we were drinking beer, eating dinner and getting ready for the night shift.

We're still waiting to hear from DT that there was/is a problem and still waiting to hear what caused it and still waiting to hear what they are doing to fix it, and what they intend to do to compensate us for the poor service. As has been pointed out, whatever the cause, it could have been prevented, communication has been crap, and absolutely no disrespect to Jon, but if WF is the oracle on whether mission critical systems that run hundreds of millions of dollars of business through them are up or down then I really need to look at my SLA's in the contract. Hats off to Jon for breaking this and saving me a lot of money, next time you are in London Jon let's meet up for dinner on me and get Konrad along, will be worth it. This and the Facebook issue big +reps.

Although certain functions were restored for affiliates, we still, even now, can't access certain back end functions, no doubt as a result of tweaks they have made to the security settings, or that is what I think.

The issue of monitoring for uptime is a thorny one, you pay someone for a service, if you then have to pay someone else to monitor the people you are paying to provide the service it can quickly snowball out of proportion. We've looked at industrial strength url monitoring and the cost was double what we pay DT on a monthly basis.

Any company should have a disaster recovery plan. Clearly, ours sucked. We'll review it, change bits, add bits, put in some extra layers of checking and dig our hands in our pockets to compensate affiliates that clearly were affected by it, lick the wounds and move on. We extract the affiliate data from DT every day, so we could have got something out, but we didn't know what was happening, and if it's a 5 minute blip on our DNS we'd all lose a lot more money. Next time we might not wait, but we're screwed either way.

The issue of networks who don't run DT is this. Unless they have 100% exclusive offers and don't work with any of the top networks they will have been affected by association. Networks run each others offers.

Advertisers sites go down, affiliate sites go down, networks go down, but as long as we learn and we make good we should be OK right?

I'm frightened to go to bed now.

I should probably also let the thread die.........

 

[stumpyb]

I still don't understand why people think it's a good move to use something so centralized, not just DirectTrack, but any "hosted" application.

 

[PeerFly]

I still don't understand why people think it's a good move to use something so centralized, not just DirectTrack, but any "hosted" application.

Exactly! Of course, having a dedicated or virtual server for your website for hosting is one thing, but having your ENTIRE corporation dependent upon a single hosted application is drastically another.

There are so many alternatives out there, why people think that DT is the best option is hard to understand. I've developed networks around the DT system and it's so inherently shitty... not to mention the associated costs.

 

[Unarmed Gunman]

I've developed networks around the DT system and it's so inherently shitty... not to mention the associated costs.

Which networks have you developed around DT?

 

[joshmv]

Which networks have you developed around DT?

He was the one that made the white favicon image that DT always uses. Pretty sweet work if you ask me.

 

[PeerFly]

Which networks have you developed around DT?

CPArev.com Affiliate Network would be a good example.

 

[benzing]

DDOS ?

 

[johu]

I still don't understand why people think it's a good move to use something so centralized, not just DirectTrack, but any "hosted" application.

Any hosted application should not be centralized in one datacenter, no matter the excuse. There should always be remotely hosted enterprise DNS solutions, with end-servers in multiple datacenters that can effectively deal with DDOSes, both on the network side and the server side. It doesn't matter if the traffic looks legit, it should be handled by the DDOS-mitigation specializing host.

Anything less is BS.

 

[motivebrendan]

i see people asking what networks use and dont use DT i put a list here:

Direct Track Vs Non Direct Track - CPA Networks

As a network that does not use DT, i can say we did get a ton of calls of people looking to switch the offers over, and from talking to other non DT networks they got the same.

Hopefully that downtime did not crush too many people, and hopefully DT wakes up and makes some serious fixes.

 

[smaxor]

Pretty crazy that they could take down ALL DT networks. I understand ddos'ing a domain or server. But why does the whole system have to crumble as one person gets smacked around.

I haven't commented much on this, but honestly I pay these guys mid 5 figures a month and they have no support for the most part and just hosting fees. They can't take some of that money and hire someone to tell them how to distribute their platform so the whole thing doesn't going down when someone get's ddos'd? Fail over in the mind of any network admin should be first and foremost. Why does everything go through directtrack.com this makes the system easy to attack.

In the words of Mr. Cakes

http://www.nickycakes.com/wp-content/uploads/2008/03/affspy-failboat2.jpg

 

[PeerFly]

Pretty crazy that they could take down ALL DT networks. I understand ddos'ing a domain or server. But why does the whole system have to crumble as one person gets smacked around.

I haven't commented much on this, but honestly I pay these guys mid 5 figures a month and they have no support for the most part and just hosting fees. They can't take some of that money and hire someone to tell them how to distribute their platform so the whole thing doesn't going down when someone get's ddos'd? Fail over in the mind of any network admin should be first and foremost. Why does everything go through directtrack.com this makes the system easy to attack.

It's because it probably wasn't a ddos, or they don't have scattered servers. It amazes me.

 

[indeep]

I demoed this system and LOLed.

amazing how anyone is using this. amazing how no one has a knowledgeable tech to tell them its a POS inside and out and I would not be suprised if this was all hosted on the same network/data center.

 

[drunkenmantis]

Hey Smax - was wondering if Hit-path is being affected at all?
LinkTrust is still having issues - its almost like rolling blackouts so we are kinda up but then certain areas go down... I heard some new info after a call with Linktrust but im not sure the solution is going to happen b4 the weekend...

 

[turbolapp]

DDOS ?

GOOGLE?

 

[*DirectTrack*]

DirectTrack Facts:



There was a DDOS attack on many DirectTrack clients beginning at approximately 3:00pEST on February 4, 2009.

When the volume and complexity of the attack became unmanageable for our stage 1 and stage 2 lines of defense, all DirectTrack customer usage was redirected to our 3rd party DDOS vendor.

Our 3rd party DDOS partner applies filters to cleanse the bad traffic. Cleansed and secure traffic is then routed back to the DirectTrack data center.

Outage lasted less than 2 hours for the majority of customers. This is well below the average outage time for similar DDOS attacks on industry relevant platforms.

We handle many DDOS attacks monthly – this was the first one in 16 months that required an outage.

Every customer has redundant and real-time backups of their data and additional remote data center redundancy has been deployed for partners.

Over the past 12 months, DirectTrack customers have achieved .998 (99.8%) uptime.

See your network affiliate manager for specific issue resolution or answers to any other questions.

The DirectTrack Team

 

[audax]

Over the past 12 months, DirectTrack customers have achieved .998 (99.8%) uptime.

That's unacceptable considering how much you charge customers and how much traffic relies on your systems.

99.8% is nothing to brag about.

365 days * 24 hours = 8760 hours

8760 hours * 0.2% downtime = 17.5 hours of downtime

Your response clearly shows that you don't think this is your problem. You've only given an excuse and haven't outlined anything you are doing to show that this won't happen again.

 

[PeerFly]

When the volume and complexity of the attack became unmanageable for our stage 1 and stage 2 lines of defense, all DirectTrack customer usage was redirected to our 3rd party DDOS vendor.

Our 3rd party DDOS partner applies filters to cleanse the bad traffic. Cleansed and secure traffic is then routed back to the DirectTrack data center.

Your "3rd line of defense" should be your first. Especially with the prices you charge. Our network is in house and is protected from ddos 24/7. Obviously, you are a much bigger service and require loads of clusters and whatnot, but ddos protection should always be a main priority for the service you guys are giving. Those 2+ hours may have seemed small and insignificant to you, but hundreds of thousands of dollars were lost.

Your clients don't have service 17.52 hours a year? That's nearly a full day of service. Was that before or after this attack?

 

[drunkenmantis]

more bad news from linktrust!!!!

The Drama continues...


"Dear Partner,

Due to the volume of the attack and other efforts by those who would damage this industry, LinkTrust's domain was suspended by our registrar GoDaddy without warning at approximately 1:40 pm MST because it's IP address was listed with Spamhaus. No matter how unfair this action by GoDaddy, we have been granted a 24 hour window to move our domain to a new registrar. This momentary suspension by GoDaddy has caused an intermittent disruption in service that will be felt in various geographic locations depending on the time other DNS servers have set to cache our domain.

GoDaddy has assured us that they will return our domain momentarily.

We are in the process of moving our domain DNS and safe guarding it from further abuse and contacting Spamhaus to resolve the matter. This means that once our domain is moved, there will be zero tolerance with email that creates spam complaints using tracking links."

 

[johu]

The Drama continues...


"Dear Partner,

Due to the volume of the attack and other efforts by those who would damage this industry, LinkTrust's domain was suspended by our registrar GoDaddy without warning at approximately 1:40 pm MST because it's IP address was listed with Spamhaus. No matter how unfair this action by GoDaddy, we have been granted a 24 hour window to move our domain to a new registrar. This momentary suspension by GoDaddy has caused an intermittent disruption in service that will be felt in various geographic locations depending on the time other DNS servers have set to cache our domain.

GoDaddy has assured us that they will return our domain momentarily.

We are in the process of moving our domain DNS and safe guarding it from further abuse and contacting Spamhaus to resolve the matter. This means that once our domain is moved, there will be zero tolerance with email that creates spam complaints using tracking links."

Registrars should have no authority over suspending domains for crap like that, but that's a topic for another debate.

One network I have an account with that uses LinkTrust sent an email out that said that LinkTrust had gotten their DDOS issue under control, with their DDOS protection vendor Prolexic. Both DirectTrack and LinkTrust are using Prolexic for mitigation, interestingly enough.

 

[drunkenmantis]

Registrars should have no authority over suspending domains for crap like that, but that's a topic for another debate.

One network I have an account with that uses LinkTrust sent an email out that said that LinkTrust had gotten their DDOS issue under control, with their DDOS protection vendor Prolexic. Both DirectTrack and LinkTrust are using Prolexic for mitigation, interestingly enough.

Ya they sent that out as well - - i think they are using prolexic so that the FBI can monitor things easier... im not too sure how the co's are tied...