Daily Kos

CT-Sen: The hacked site story


Tue Aug 08, 2006 at 12:09:48 PM PDT

The Lieberman campaign is on a whine attack, claiming the Lamont people "hacked" their site.

If they did, get the FBI on it and the guilty parties should be charged and tried.

But the Lieberman campaign has no evidence that the Lamont campaign had anything to do with it.

I'd be willing to bet that their website host couldn't keep up with increased traffic demands. Covering for their own incompetence, they're blaming it on "hackers".

Daily Kos is under constant Denial of Service attacks. Usually it just slows the site down; on rare instances, it actually brings it down for a few minutes. But then I have competent people working for me, and my web host is run by competent people who can fight off DoS attacks against their clients with little effort.

To claim this is somehow an orchestrated attack by "bloggers" or the Lamont campaign is absolutely ridiculous.

I'd like to see it all backed up with actual evidence, but of course, that's not what this is about. This is a last-minute smear job to cover their own incompetence and that of their vendors.

Stoller has an email from a tech guy offering actual facts. Bottom line? It's not a DoS attack, and Lieberman's web company is incompetent.

1.  Unless and until Lieberman's hosting provider releases his logfiles (gateway router, www server, mail server, DNS server) for forensic review, all of this is speculation.

2.  Using the following information:

a. the site has been down for 18 hours

b. email to (and from?) Joe2006.com addresses has been affected

c.  Joe2006.com and mail.joe2006.com resolve to IP 69.56.129.130

d.  the reverse lookup on that IP is 82.81.3845.static.theplanet.com

e.  joe2006.com now forwards to http://server1.myhostcamp.com/suspended.page/

3.  It's highly unlikely this is a true DoS or DDoS attack.  This is because we can ping all the IPs noted above and we can see the page at http://server1.myhostcamp.com/.... page.  If this was a real DoS or DDoS attack, we'd not be able to see any of this and their servers would not be answering their ping at an average of 50ms (millisecond) per packet.  True attacks bring down servers, routers and networks.  From all available outside evidence this does not appear to be the case.

4.  Here's what might have happened:

a.  Web traffic spikes as national focus on the campaign grows

b.  Based on (2b) above, if the webserver is throttled by traffic (due to actual traffic or poor response tuning or an attack or a combination of the three), this would also affect mail delivery to joe2006.com.  It could also affect outbound mail if users on that domain use that address for SMTP service.

c.  The server is most likely a shared one, since the name, server1.myhostcamp.com, implies lots of other hosts live on it.

5.  Regardless of the explanation (3 or 4), here is what you do when that happens:

a.  You grab your local backup (you do have a local backup of your files, both scripts and database snapshots, right?).

b.  You find a host that specializes in high bandwidth hosting and you get an account going ASAP.  There are plenty of ISPs that would take your money to expedite this.

c.  You move your files up, test that everything is working

d.  You redirect your DNS so that Joe2006.com points to your new server; this change doesn't take very long to propagate because you make sure that the DNS update uses a very low TTL (time to live).

e.  If needed, you separate your mailserver mail.joe2006.com from your webserver joe2006.com/www.joe2006.com so as to keep your mail up and going.

Steps a-e can be accomplished, especially with the kind of site Joe had up and running before this incident (nothing particularly complex), in less than an hour or so by a competent sysadmin.
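The outside-in checks from point 3 of the email, as an added example that is not part of the original post or the email: it parses captured `ping` and HTTP output and separates a degraded network from a host that is reachable but serving a suspension page. The sample captures, the hostname `shared-host.example` and the loss and latency thresholds are constructed assumptions.

```python
import re

# Constructed sample captures (not from the original email): a Linux ping
# summary and the head of an HTTP response redirecting to a suspension page.
PING_OK = """\
5 packets transmitted, 5 received, 0% packet loss, time 4006ms
rtt min/avg/max/mdev = 48.1/50.2/53.9/2.1 ms
"""
PING_DEAD = "5 packets transmitted, 0 received, 100% packet loss, time 4100ms\n"
HTTP_SUSPENDED = (
    "HTTP/1.1 302 Found\r\n"
    "Location: http://shared-host.example/suspended.page/\r\n\r\n"
)

def parse_ping(text):
    """Return (loss_percent, avg_rtt_ms or None) from a Linux ping summary."""
    loss = re.search(r"(\d+(?:\.\d+)?)% packet loss", text)
    rtt = re.search(r"= [\d.]+/([\d.]+)/", text)
    if not loss:
        raise ValueError("no packet-loss summary found")
    return float(loss.group(1)), float(rtt.group(1)) if rtt else None

def parse_http_head(text):
    """Return (status_code, Location header or None) from a raw response head."""
    if not text:
        return None, None  # nothing came back from the web server
    lines = text.split("\r\n")
    status = int(lines[0].split()[1])
    location = None
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "location":
            location = value.strip()
    return status, location

def triage(ping_text, http_text, max_loss=20.0, max_rtt_ms=200.0):
    """Classify an outage from the outside; thresholds are assumed values."""
    loss, rtt = parse_ping(ping_text)
    status, location = parse_http_head(http_text)
    network_ok = loss <= max_loss and rtt is not None and rtt <= max_rtt_ms
    if not network_ok:
        return "network-degraded: consistent with flooding or an upstream outage"
    if status in (301, 302, 303, 307) and location and "suspend" in location.lower():
        return "host-suspended: network healthy, provider serving a suspension page"
    if status is None or status >= 500:
        return "server-overloaded: network healthy, web tier failing"
    return "serving: no outage visible from outside"
```

As point 1 of the email says, a classification made from outside is only a first read until the provider's log files are reviewed.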

Update: The Lamont campaign immediately offered its technical staff (they have competent ones) to the Lieberman campaign to help get their site back up. But the Lieberman campaign refused.

Lieberman's people aren't interested in their crappy website working. They're interested in one last smear.
