From...

by Martyn Williams

(IDG) -- In what company officials are describing as a "fast" and "intense" assault on its network, U.S.-based Web sites of Yahoo Inc. and some of its companion sites were unreachable for about three hours Monday.

"At 10:30 a.m. (Pacific Standard Time), it appears a Yahoo router experienced a distributed denial-of-service attack," a Yahoo spokesperson said on condition of anonymity. "We believe it was coordinated, coming from multiple points on the Internet."

MORE COMPUTING INTELLIGENCE

IDG.net home page

Thieves try to hit online bank

Shopping-cart glitch could give hackers a discount

Top 5 intrusion detection downloads

'Zombies' clogging networks

Reviews & in-depth info at IDG.net

E-BusinessWorld

Year 2000 World

Questions about computers? Let IDG.net's editors help you

Subscribe to IDG.net's free daily newsletter for IT leaders

Search IDG.net in 12 languages

News Radio

Fusion audio primers

Computerworld Minute

It hit not only the main U.S. Yahoo site but also some companion sites, such as Yahoo Mail and the Yahoo-owned GeoCities Web site.

A denial-of-service attack doesn't involve breaking into the target Web site but simply overloading it -- or in this case the router connecting it to the rest of the Internet -- with so much fake traffic that it becomes unable to cope. Once this is achieved and the site is overloaded, genuine users find themselves unable to get connections. The distributed denial-of-service attack generates traffic from multiple points on the Internet.

The amount of data hitting the router took engineers at Yahoo by surprise.

"This was so fast and so intense that we couldn't even redirect our traffic," the spokesperson said. It was not until three hours later, at 1:30 p.m. PST, that the company began restoring access to most of its sites through the use of filters that removed most of the hostile traffic before it had a chance to hit the router.

"From what I gather from the engineers, this was immense," said Secret Fenton, a spokeswoman for GlobalCenter Inc., the company that hosts Yahoo's Web sites. "Nobody has ever seen one like this before. It was truly huge."

The outage, coming as it did in the middle of the U.S. business day, is likely to have affected millions of users. Together, Yahoo's family of Web sites attracted 42.4 million unique visitors in December 1999, according to Web audience measurement firm MediaMetrix Inc. This made it the second most popular Web family on the Internet after those of America Online Inc.

The Yahoo spokesperson was keen to emphasize that no user data was compromised during the attack and that its Web sites and systems were at no time hacked.

Engineers at both Yahoo and GlobalCenter are investigating the incident, and Fenton added that the companies aren't fully certain it was an attack, although at this stage in their investigation, all evidence points toward a distributed denial-of-service attack.

A denial-of-service attack took down the Web site of the FBI last May in one of last year's best known Internet attacks.