'Immense' network assault takes down Yahoo
by Martyn Williams
(IDG) -- In what company officials are describing as a "fast" and "intense" assault on its network, U.S.-based Web sites of Yahoo Inc. and some of its companion sites were unreachable for about three hours Monday.
"At 10:30 a.m. (Pacific Standard Time), it appears a Yahoo router experienced a distributed denial-of-service attack," a Yahoo spokesperson said on condition of anonymity. "We believe it was coordinated, coming from multiple points on the Internet."
It hit not only the main U.S. Yahoo site but also some companion sites, such as Yahoo Mail and the Yahoo-owned GeoCities Web site.
A denial-of-service attack doesn't involve breaking into the target Web site but simply overloading it -- or in this case the router connecting it to the rest of the Internet -- with so much fake traffic that it becomes unable to cope. Once this is achieved and the site is overloaded, genuine users find themselves unable to get connections. The distributed denial-of-service attack generates traffic from multiple points on the Internet.
The amount of data hitting the router took engineers at Yahoo by surprise.
"This was so fast and so intense that we couldn't even redirect our traffic," the spokesperson said. It was not until three hours later, at 1:30 p.m. PST, that the company began restoring access to most of its sites through the use of filters that removed most of the hostile traffic before it had a chance to hit the router.
"From what I gather from the engineers, this was immense," said Secret Fenton, a spokeswoman for GlobalCenter Inc., the company that hosts Yahoo's Web sites. "Nobody has ever seen one like this before. It was truly huge."
The outage, coming as it did in the middle of the U.S. business day, is likely to have affected millions of users. Together, Yahoo's family of Web sites attracted 42.4 million unique visitors in December 1999, according to Web audience measurement firm MediaMetrix Inc. This made it the second most popular Web family on the Internet after those of America Online Inc.
The Yahoo spokesperson was keen to emphasize that no user data was compromised during the attack and that its Web sites and systems were at no time hacked.
Engineers at both Yahoo and GlobalCenter are investigating the incident, and Fenton added that the companies aren't fully certain it was an attack, although at this stage in their investigation, all evidence points toward a distributed denial-of-service attack.
A denial-of-service attack took down the Web site of the FBI last May in one of last year's best known Internet attacks.
RELATED IDG.net STORIES:
The Web is a hacker's playground
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.