Campaign Kickstart

You might have heard about the problems Joe Lieberman’s campaign site suffered before the Primary election in 2006. While few can say exactly why that site went down, all agree that it was because of overwhelming CPU/Bandwidth usage. Was it a problem of not scaling to meet demands, or not locating the source of a vulnerability?

Outright cheapness is not what brought down the Lieberman website. On a Monday night the website went dark and email was suspended but early the next morning the site was back up, and they broadcasted an email to supporters before the site went dark again. I think that refutes all the theories about not paying the bill, or exceeding their bandwidth allotment and not buying more.

The Lieberman campaign contends, and indeed long before the site crashed on election day, they were the victim of a Distributed Denial of Service attack, or a DDoS, which may have been paired with an SQL insertion vulnerability. One possibility is they restored the website with the same vulnerability it contained the night before, and subsequently suffered a second attack.

A tool such as google code search could have scoured the public_html folder for database connection passwords and then even if the campaign did patch the hole in the site, or put up a blank page, they could have been getting inundated with database hits.

This would have quickly gobbled up all the bandwidth and server resources, forcing the provider to pull the plug on the site.

No one has shown me any evidence to disprove this theory, though some erroneously claim that since the mail server responded to smtp and pop attempts, the site must have still been functional.

Some would say his campaign should have had a system administrator, but he did have an internet consultant, which I think is all most sites really need. Chances are one person installed the CMS based website, another designed it, and another did updates. Maybe it even came down to a volunteer helping to setup the wireless network in the office. There wasn’t a compelling need for him to have an in-house Unix admin.

Most bystanders concluded that the campaign website was a victim of being too cheap for the services expected, which is true regardless of why the site went down. After all, he was paying $15 per month for his hosting, during one of the hottest Senate primary campaigns in the country.

It’s been said that you get what you pay for, but on the Internet there are so many choices that you really get what you choose. In Joe’s case, his hosting provider was reselling shared webspace on a cluster of servers managed by theplanet.com, with about 70 customers per server. In contrast, a large shared hosting provider like 1and1.com has hosted over 10 million domains on their own managed network.

So cost doesn’t always equal quality.