You may have already heard, but someone’s been messing with in an electronic kind of way. Jerks. It’s a great resource, and it sucks that it’s being messed with. Makes the site hard to use.

For those with the ability, here’s how to set up a mirror site.

Here’s a list of the existing mirror sites I’m aware of, from off the site last time it loaded (it doesn’t always, just now). They request that folk use the closest one to them, I don’t know why.

Asia and Australia





Eastern US

Southern US

A February 5, 2007, article from the International Herald Tribune had this to say:

“Online Marxist archive blames China for electronic attacks

If ever there was a believer in the power of the written word, it was a best- selling author and former librarian, Mao Zedong.

As Mao explained to an early chronicler of his life, Edgar Snow, “Three books especially deeply carved my mind, and built up in me a faith in Marxism, from which, once I had accepted it as the correct interpretation of history, I did not afterward waver.” Those books, he said, were a book about the history of socialism, a book about the history of class struggle and “The Communist Manifesto” by Karl Marx and Friedrich Engels.

According to the Marxist Internet Archive at, an online community that produces and organizes an ever-growing Marxist library, the wheel has turned full circle.

People at the site say they suspect the Chinese government is behind computer attacks that are jeopardizing the site’s ability to provide Marxist texts, and might force the library to stop providing material written in Chinese.

“We are not 100 percent sure this is the Chinese government; there are a lot of possibilities,” said Brian Basgen, who has worked on the archive since 1990. But he noted that the archive had been temporarily banned by the Chinese government before, about two years ago.

“There is a motive,” he said. “They have done it to us in the past. What they are doing is targeting just the Chinese files.”

Since January there have been hundreds of “denial of service attacks,” Basgen said, 99 percent of which emanate from China. The attacks involve a computer trying to download the same document over and over again, until it prevents others from accessing the archive.

He said the site has managed to stay ahead of the attackers by creating “mirror sites” around the world, but the attacks have prevented the archive from updating its collection.

Since the Chinese government has banned the archive before, this raises the question of why it would use computer attacks.

Also, security experts say that computers in China can be exploited by people outside the country, making the attacks appear to come from China, because those computers often lack sophisticated protections.

Basgen said the purpose of the attacks seemed to be to motivate the archive to sacrifice its Chinese-language material to keep the rest of the archive available.

It is a move the archive may have to consider, he said.

While some might find it odd that the government created by Mao’s Communist Revolution would be behind an effort to deny access to the texts so important to its founding, Basgen said he did not.

“It is ironic for people who don’t know what is going on in China,” he said. “The Chinese so-called Communist government has nothing to do with communism. It has been going toward capitalism for a long time.”

The Marxist archive does not even consider Mao to be a true Marxist. He is considered a “reference writer,” along with other authors like Adam Smith, Stalin and Jean-Jacques Rousseau. Basgen said Mao was excluded because he failed a key question: “Did he serve to liberate working people?”

Here’s what the site itself had to say:

“Important information about the current state of MIA

Februar 9, 2007: On January 13th the MIA server was taken down by a sustained denial of service attack from China. You can still access MIA thanks to our mirror servers, who have overcome the Chinese attackers. Please note that any e-mail sent to will not work until we have our new server setup by March 1st.”

The UK mirror site said

“January 17, 2007: The MIA server has recently been attacked, which caused severe downtime and hardware failure. Furthermore, our service provider is abruptly closing down on February 1st. Therefore, the MIA server will not be highly available over the course of the next three weeks, and we recommend you use a mirror. Also note that e-mail to MIA volunteers will not be reliable, or may not even be functional, so important e-mails should be held until mid-February, when we are up and running with a new server.”


“January 10 – 13: Sporadic reports come in from volunteers in Australia and Asia that the MIA is not accesible for a few hours, and then comes back.
First attack

January 15: MIA detects a series of DoS (Denial of Service) SYN floods from various Chinese networks. Unlike the attacks of the previous few days, these are constant. These attacks cause our server to have a kernel panic and crash. Just as soon as the server reboots, the SYN floods [CVE-1999-0116] cause another crash, and this continues constantly.

First, we write a crude script that blocks every SYN flood attempt, every minute. This is successful only for a short period, as the sheer number of Chinese IPs sending the SYN floods is too large to overcome. Next, we figure out that the SYN floods are exploiting a vulnerability in the Linux kernel (version 2.4.23), and we rebuild the Linux kernel to version 2.4.34, which overcomes these attacks. Meanwhile, the nature and origin of the attack, our previous history with the Chinese government (censorship, etc), and the experience of others suggest that this maybe politically motivated and directed by the Chinese government.
1 hour sample of attacking IP origins China Railway Telecom, Beijing CNC Group, Liaoning Province Network, Liaoning China Net, Guangdong Province Network, Guanzhou China Net, Changsha Node Network China Net, Shandong Province Network, Jinan Xinhua News Agency CNC Group, Beijing Province Network, Beijing Nanjing Medical University, Nanjing Jiangsu Province Network, Nanjing China Net, Jiangsu Province Network, Jiangsu China Railway Telecom Center, unknown city

At this point, however, our 4 year old server heaves under the strain. The string of constant reboots has taken its toll: the server reports a Machine Check Exception of a CPU context corruption, causing further crashes. This process further bludgeons the damaged server, and subsequent boots cause a failure in the RAID, forcing a rebuild of the array. During further crashes, one of the disks fails, causing future rebuilds of the array to be quite hopeless.

Ironically, MIA had planned to purchase a new server in 2007, since our server was 4 years old, and our life expectancy for the server had nearly arrived. This attack forced this process to double, but another disaster would soon strike.

January 16: In order to buy a new server, we needed to speak to our hosting provider and ISP, CCCP. We had been trying to contact CCCP for several months, to no avail, but after an urgent appeal, we finally recieved a response: CCCP is shutting down on February 1st. This, at least, explained our difficulties in contacting them!

To recount events to date: first, we are attacked by China; second, our server hardware fails; third, our hosting provider is shutting down in two weeks.

Late in the day, after reviewing several options, we resolve on the kind of server to buy to meet our needs.

January 17: After a long search consisting of about 12 different options for colocation, we find one that suits our high bandwidth needs at a reasonable, low cost.

January 18: After three days of debate, MIA votes 14 to 4 to include notice indicating that the source of the attacks was likely the Chinese government.

January 20: is redirected to our mirror servers. On the following day, a round robin DNS is setup between three MIA mirrors.
Second attack

January 21-24: Mirror sites find a change in tactics, now a more crude Denial of Service attack is launched: Chinese sources download in mass material from the Chinese section. The German mirror combats this by limiting the number of connections to the server. Nevertheless, server load remains extremely high. “