Attack on Internet Called Largest Ever

[Balandar]

http://www.acm.org/technews/articles/2002-4/1023w.html#item1

"Attack on Internet Called Largest Ever"

Technews.com (10/22/02); McGuire, David; Krebs, Brian

What key online backbone organization officials are calling the largest and most sophisticated attack ever on the Internet's root servers disrupted eight or nine of the 13 computers that control global Internet flow late Monday afternoon for about an hour. The distributed denial of service (DDoS) attack, which began at around 5:00 p.m. EDT and ended abruptly about an hour later, went largely unnoticed by users as the Internet continued to function normally thanks to safeguards built into the Internet's architecture. The FBI says it is looking into the incident but, there are no suspects so far. Internet Software Consortium Chairman Paul Vixie said, "It was an attack against all 13 servers, which is a little more rare than an attack against any one of us." The Internet's 13 root server computers, about 10 of which are located in the U.S., control the worldwide flow of data over the Internet via the Domain Name System (DNS). VeriSign operates the "A" root server, which twice a day provides the other 12 root servers with the Internet domain information that is used to route Web traffic. VeriSign says that server was unaffected by the attack. Although the DNS was designed to operate even if eight or more of the 13 servers fail, Vixie says that had the attack lasted longer, Internet use would likely have been disrupted. DDoS attacks are hard to defend against; SANS Institute research director Alan Paller says, "The only way to stop such attacks is to fix the vulnerabilities on the machines that ultimately get taken over." Others say more needs to be done to ensure the safety and stability of the Internet.

http://www.washingtonpost.com/wp-dyn/artic...-2002Oct22.html