Posted: 10/22/2002 6:39:05 PM EDT
[Last Edit: 10/22/2002 6:43:05 PM EDT by thebeekeeper1]
[url]http://www.washingtonpost.com/wp-dyn/articles/A828-2002Oct22.html[/url]

Attack On Internet Called Largest Ever
By David McGuire and Brian Krebs
washingtonpost.com Staff Writers
Tuesday, October 22, 2002; 5:40 PM

The heart of the Internet sustained its largest and most sophisticated attack ever, starting late Monday, according to officials at key online backbone organizations.

Around 5:00 p.m. EDT on Monday, a "distributed denial of service" (DDOS) attack struck the 13 "root servers" that provide the primary roadmap for almost all Internet communications. Despite the scale of the attack, which lasted about an hour, Internet users worldwide were largely unaffected, experts said.

FBI officials would not speculate on who might have planned or carried out the attack. David Wray, a spokesman for the FBI's National Infrastructure Protection Center (NIPC), said the bureau is "aware of the reports and looking into it."

DDOS attacks overwhelm networks with an onslaught of data until they cannot be used. According to security experts, the incident probably was the result of multiple attacks, in which attackers concentrate the power of many computers against a single network to prevent it from operating.

"This was the largest and most complex DDOS attack ever against the root server system," said a source at one of the organizations responsible for operating the root servers.

Ordinary Internet users experienced no slowdowns or outages because of safeguards built into the Internet's architecture. A longer, more extensive attack could have seriously damaged worldwide electronic communications, the source said.

Internet Software Consortium Inc. Chairman Paul Vixie said that if more servers went down, and if the hackers sustained their hour-long strike a bit longer, Internet users around the world would have begun to see delays and failed connections.

Chris Morrow, network security engineer for UUNET, said "This is probably the most concerted attack against the Internet infrastructure that we've seen."

UUNET is the service provider for two of the world's 13 root servers. A unit of WorldCom Inc., it also handles approximately half of the world's Internet traffic.

DDOS attacks are some of the most common and easiest to perpetrate, but the size and scope of Monday's strike set it apart.

Vixie said only four or five of the 13 servers were able to withstand the attack and remain available to legitimate Internet traffic throughout the strike.

"It was an attack against all 13 servers, which is a little more rare than an attack against any one of us," he said.

The server Vixie operates was available throughout the attack, he said. Internet addressing giant VeriSign Inc., which operates the most important server from an undisclosed Northern Virginia location, reported no outages.

"VeriSign expects that these sort of attacks will happen and VeriSign was prepared," company spokesman Brian O'Shaughnessy said.

Vixie said he was unwilling to compare the attack to others he has witnessed in more than two decades of involvement with Internet architecture, but said it was "the largest in recent memory."

The root servers, about 10 of which are located in the United States, serve as a sort of master directory for the Internet.

The Domain Name System (DNS), which converts complex Internet protocol addressing codes into the words and names that form e-mail and Web addresses, relies on the servers to tell computers around the world how to reach key Internet domains.

At the top of the root server hierarchy is the "A" root server, which every 12 hours generates a critical file that tells the other 12 servers what Internet domains exist and where they can be found. VeriSign manages its servers under contracts with the Commerce Department and the Internet Corporation for Assigned Numbers (ICANN), which manages the DNS.

One rung below the root servers in the Internet hierarchy are the servers that house Internet domains such as dot-com, dot-biz and dot-info.

The DNS is built so that eight or more of the world's 13 root servers must fail before ordinary Internet users start to see slowdowns.

"There are various kinds of attacks all the time on all sorts of infrastructure, and the basic design of the Internet is such that it is designed to withstand those attacks," said ICANN Vice President Louis Touton. "We're not aware of any users that were in any way affected.

"Obviously the prevalence of attacks does make it important to have increased focus on the need for security and stability of the Internet," he added.

Most often, the computers used in the DDOS assaults have been commandeered by hackers either manually or remotely with the help of automated software tools that scan millions of computers for known security holes. These computers often belong to unsuspecting home users.

Little can be done to insulate targets from such attacks, and some of the world's most powerful companies have been targeted in the past. In February 2000, Amazon.com, eBay, Yahoo, and a host of other big-name e-commerce sites came to a grinding halt for several hours due to DDOS attacks.

"Only the richest can defend themselves against this type of attack, and most of them can't withstand a concerted attack," said Alan Paller, research director at the SANS Institute, a nonprofit security research and training group that often works with federal investigators to track computer virus writers. Paller also was the lead expert witness at the trial of "Mafiaboy," the Canadian teenager who was ultimately convicted of the February 2000 attacks.

"The only way to stop such attacks is to fix the vulnerabilities on the machines that ultimately get taken over and used to launch them," Paller said. "There's no defense once the machines are under the attacker's control."

Vixie said he kept the server at Internet Software Consortium operating by "pushing" the flood of data far enough away from his servers that legitimate traffic could flow around the obstruction. Such clogs still affect some Internet users by gumming up Internet communications somewhere else in the network.

UUNET's Morrow said it is too early to tell what the attack bodes for the Internet in coming months.

"This could be someone just messing around, but it could also be something much more serious. It's too soon to say," Morrow said.

washingtonpost.com Staff Writer Robert MacMillan contributed to this article.

[red]Edit: Rather than locking this thread, I edited the racial slur out of the title. It doesn't matter what you think you smell, racial slurs violate the Conduct Code. Please refrain from using them. --thebeekeeper1[/red]
Link Posted: 10/22/2002 6:44:50 PM EDT
I didn't know that was a racial slur. Interesting, you learn something every day.
Link Posted: 10/22/2002 6:49:38 PM EDT
What was it that you said 646951357654687? Now it's got me interested. IM me if you don't mind.
Link Posted: 10/22/2002 6:49:57 PM EDT
Is "frenchman" also a slur? I looked it up on [url]www.m-w.com[/url] and it says this:
[quote]One entry found for Frenchman.
Main Entry: French·man
Pronunciation: 'french-m&n
Function: noun
Date: before 12th century
1 : a native or inhabitant of France 2 : one who is of French descent[/quote]
whereas the "other word" I posted has this entry:
[quote]Function: noun
Date: 1789
often offensive : a native of China : CHINESE[/quote]
how is it that one is offensive and the other is not? English is a nifty language.
Link Posted: 10/22/2002 6:56:45 PM EDT
ok you got me interested too. what gives?
Link Posted: 10/22/2002 6:57:23 PM EDT
[Last Edit: 10/22/2002 7:00:18 PM EDT by Ponyboy]
I have to disagree beekeeper, that was not a racial slur. What do you call them, chinapeople? No, I got it, chinaguys. [;)]
Link Posted: 10/22/2002 8:13:31 PM EDT
Link Posted: 10/22/2002 8:21:21 PM EDT
[Last Edit: 10/22/2002 8:24:22 PM EDT by BOFH]
[peep] Ignoring the side convo… The root servers were almost gone today!!!!!! This is bad. For those of you that don't maintain a caching nameserver, you may want to put this entry into your hosts file for the ar15.com domain:
Name: www.ar15.com
Addresses: 66.202.29.79, 66.202.29.77
Link Posted: 10/22/2002 8:23:21 PM EDT
[quote]Originally Posted By 1_153_370_371_407: ... FBI officials would not speculate on who might have planned or carried out the attack.[/quote]
... That's because they're the ones working the hardest with the NSA to make this possible.
Link Posted: 10/22/2002 8:29:56 PM EDT
yes yes we all know it could have been locked for such a gross violation.[:D]
Link Posted: 10/22/2002 8:33:49 PM EDT
[quote]Originally Posted By Winston_Wolf:
[quote]Originally Posted By 1_153_370_371_407: ... FBI officials would not speculate on who might have planned or carried out the attack.[/quote]
... That's because they're the ones working the hardest with the NSA to make this possible.[/quote]
????
Link Posted: 10/22/2002 8:43:12 PM EDT
[Last Edit: 10/22/2002 8:44:23 PM EDT by Winston_Wolf]
[quote]Originally Posted By JIMBEAM:
[quote]Originally Posted By Winston_Wolf:
[quote]Originally Posted By 1_153_370_371_407: ... FBI officials would not speculate on who might have planned or carried out the attack.[/quote]
... That's because they're the ones working the hardest with the NSA to make this possible.[/quote]
????[/quote]
... Perhaps my tinfoil hat has a leak but I'm of the belief that once the SHTF those in control of the Government will not want civilians to contact each other freely. Minimizes organization, innuendo and information exchange. ... Free sites like this will no longer be accessible.
Link Posted: 10/22/2002 10:27:58 PM EDT
[Last Edit: 10/22/2002 10:28:35 PM EDT by ProfGAB101]
A top level DOS attack is indiscriminate - It would hurt all internet users. If the Gov. tried to pull the plug on the web... TSHTF would happen - if they kept it down the economic impact would make 9-11 look like a hiccup. Gov. survives by taxing, no sales, no profits, no income = no tax revenue. Gov. is not stupid, it only acts that way.
Link Posted: 10/23/2002 2:51:02 AM EDT
At one time, I worked for this woman who was (and still is) an idiot. Anyhow, one day, she comes into my office and says 'next time you turn off the internet, could you please let me know'. The thing is, she was serious. She thought there was some sort of switch or something. So, I was going to go out and buy a red switch and a red light and put it on my wall with a sign that says "INTERNET SWITCH". That never happened, I got a new boss.
Link Posted: 10/23/2002 3:47:15 AM EDT
I still suspect the Chinese are involved. ...and by that, I mean the red ones, over in China.
Link Posted: 10/23/2002 5:03:43 AM EDT
[quote]Originally Posted By thebeekeeper1: When the subject line contains a Member's speculation in the form of "I smell a Chinaman" that constitutes a racial slur. I could have locked it. I didn't. What is the beef? [>:/][/quote]
I just don't see how that can be construed as a racial slur. If I said, "The internet was almost crashed today and I suspect someone from China did it" would that be a racial slur? It means the same thing. Frankly, I couldn't care less if you would have locked it or not, or the fact that you edited the title, it's not my place to debate such actions. I'm just not understanding how that is a slur.
Link Posted: 10/23/2002 5:06:18 AM EDT
I saw this on [url=http://slashdot.org/articles/02/10/22/2332233.shtml?tid=99]slashdot[/url] and thought it was interesting

[i]I mean, if I were a terrorist and read this, I'd immediately start salivating and try to find out as much about Verisign as possible -- everything from employee car rentals and hotel rentals to phone calls, merchandise, shopping... I'd do everything in my power to find the 'undisclosed location'. Is this another weakness that hasn't truly been protected yet?[/i]

Disclaimer, I work for VeriSign. This is a personal opinion, not company policy.

The details of the disaster recovery scheme are of course confidential. However I can tell people that we did think about these issues during the design.

We have always known that people might think the DNS was a single physical point of failure for the internet. That is why we designed it so that it is not. There are multiple locations. The 'A root' is NOT a single machine. There are actually multiple instances of the A root with multiple levels of hotswap capability.

Incidentally it is no accident that the VeriSign root servers stayed up. They were designed to handle loads way beyond normal load. The ATLAS cluster is reported to handle 6 billion transactions a day with a capacity very substantially in excess of that.

Even if all the A roots were physically destroyed the roots can be reconstructed at other locations. Basically all that is needed is a site with a very fast internet connection. In the case of a major terrorist attack AOL or UUNet or even an ARPAnet node could be commandeered. The root could even be moved out of the country entirely, British Telecom is a VeriSign affiliate, there are also several other affiliates with nuclear hardened bunkers.

Most Americans have only been thinking about terrorism since 9-11. VeriSign security was largely designed by people who thought about terrorism professionally, unless of course they were in charge of securing nuclear warheads.

All a terrorist could do is to kill a lot of people, there is absolutely no single point of failure. Even if the entire constellation is destroyed it would result in an outage of no more than a day given the resources that would become available in the aftermath.
Link Posted: 10/23/2002 6:33:55 AM EDT
[quote]Originally Posted By Winston_Wolf:
[quote]Originally Posted By JIMBEAM:
[quote]Originally Posted By Winston_Wolf:
[quote]Originally Posted By 1_153_370_371_407: ... FBI officials would not speculate on who might have planned or carried out the attack.[/quote]
... That's because they're the ones working the hardest with the NSA to make this possible.[/quote]
????[/quote]
... Perhaps my tinfoil hat has a leak but I'm of the belief that once the SHTF those in control of the Government will not want civilians to contact each other freely. Minimizes organization, innuendo and information exchange. ... Free sites like this will no longer be accessible.[/quote]
...I got the first time because I was of the same mindset, WW, my friend, may I call you my friend?[:D]
Link Posted: 10/23/2002 6:42:11 AM EDT
Link Posted: 10/23/2002 6:46:12 AM EDT
There was an earlier thread where a member questioned the number of hits his firewall had gotten. I saw an unbelievably large number of Sql-server attacks on Saturday and Sunday was almost continuous attempts to activate the sub-seven trojan horse. IMHO, what we are seeing is not just script kiddies anymore. These attacks are organized and sophisticated.
Link Posted: 10/23/2002 6:55:10 AM EDT
[quote]Originally Posted By Ire: At one time, I worked for this woman who was (and still is) an idiot. Anyhow, one day, she comes into my office and says 'next time you turn off the internet, could you please let me know'.[/quote]
[url]http://www.turnofftheinternet.com/[/url]
Link Posted: 10/23/2002 7:30:46 AM EDT
[quote]Originally Posted By thebeekeeper1: To answer your question--no, that would not be a slur. Read them, there is a significant difference that you do not need me to point out.[/quote]
Well, I guess I just don't get it then. They sound like the same thing to me, at least I would take both sentences the same way. You're the boss though, so I'll defer to your judgement. [:)]
Link Posted: 10/23/2002 7:33:13 AM EDT
It was Islamic Terrorists!!!!!! Trying to stop the great satan from online shopping, porno & mp3s!!!! Those Vile Bastards!
Link Posted: 10/23/2002 7:34:27 AM EDT
[quote]Originally Posted By Kar98:
[quote]Originally Posted By Ire: At one time, I worked for this woman who was (and still is) an idiot. Anyhow, one day, she comes into my office and says 'next time you turn off the internet, could you please let me know'.[/quote]
[url]http://www.turnofftheinternet.com/[/url][/quote]
You jackass.....that's a pretty good one. I'll have to remember that. [;)]
Link Posted: 10/23/2002 7:43:40 AM EDT
Link Posted: 10/23/2002 8:20:22 AM EDT
beekeeper we have you surrounded, keep your hands away from the keyboard. now step down from that high horse with your hands in plain view. book him dano, charge pc in the first degree.[:D]