The Blog

Where's Al Jazeera?

The English-language version website of the Arab news network disappeared moments after going live. What happened?

3:25 PM, Apr 2, 2003 • By KATHERINE MANGU-WARD
Widget tooltip
Single Page Print Larger Text Smaller Text Alerts

THE ENGLISH-LANGUAGE version of Al Jazeera's website was test-launched early last week, but became inaccessible almost immediately and has been down ever since. It appears that American hackers are the most likely culprits. (For a brief period last week, those who tried to access the site were referred to a page with a notice that read "Hacked by Patriot, Freedom Cyber Force Militia" and a logo containing the American flag.)

But what does it mean when reports say the site has been the target of a "data bombing" or "denial of service attack"--and is that really what's keeping the site off the Internet?

On the day the site was launched, the search engine Lycos reported that "Al Jazeera" was the number one search term, beating out Oscar coverage, and even "sex." And Google, the leading search engine, said "Al Jazeera" was the term that showed the greatest increase in the week ending March 31.

"We expected a rise in war-related search terms but we were interested to see some more unexpected terms rising to the top," Karl Gregory, the director of marketing for the search engine AltaVista, said Monday.

In fact, an Al Jazeera web engineer suggests the enormous interest in the site is to blame for its inaccessibility, not interference by hackers. He said the site could not handle the traffic it received early on and that nearly four million people clicked through in two hours. The site would not have been overwhelmed, he implied, if Al Jazeera has not been the only source for controversial footage of captured and executed U.S. and British prisoners.

Today visitors receive a message telling them the page is "unavailable" or "forbidden," suggesting that its servers, located in the United States and France, have been subject to a denial-of-service attack.

But what does that mean? And why hasn't it happened to other sites like, say, CNN.com?

Denial of service attacks happen when a network or server is flooded with too much traffic. The server is unable to distinguish between legitimate requests and traffic generated by the hacker. When the finite amount of data that a web server is equipped to handle is exceeded, the site is forced simply to deny access to everyone.

To execute such an attack, a hacker breaks into a computer system and loads it with a denial of service program and other tools. That system then locates other vulnerable systems and passes on a program which turns them into additional weapons for the attack. The hacker uses the first system to instruct the other systems to send a flood of data, broken up into ordinarily manageable pieces called "packets," to the targeted site simultaneously and continuously. Since very few ordinary DSL or cable connections are sufficiently protected, they can easily become "zombies" and be used to attack another system or website.

High profile sites that are considered vulnerable protect themselves with firewalls, but a firewall alone will not thwart a determined data bomber. Intrusion detection systems (IDS) are often employed to analyze network traffic patterns and warn of possible attacks. But there is no foolproof way to protect against denial of service attacks because the Internet's structure requires a server to reply to every request it receives, regardless of the source. And since extreme popularity and data bombing yield the same overload symptoms, outside observers have no way of knowing the source of continued problems for a site such as Al Jazeera's.

Joanne Tucker, the managing editor of Al Jazeera's English site, said they would be back online today, but the site remained unavailable at the time of publication.

Katherine Mangu-Ward is a reporter at The Weekly Standard.