ad info
   personal technology

 Headline News brief
 news quiz
 daily almanac

 video archive
 multimedia showcase
 more services

Subscribe to one of our news e-mail lists.
Enter your address:
Get a free e-mail account

 message boards

CNN Websites
 En Español
 Em Português


Networks image
 more networks

 ad info




The denial-of-service aftermath


February 14, 2000
Web posted at: 9:23 a.m. EST (1423 GMT)

by Ann Harrison

(IDG) -- Attorney General Janet Reno announced earlier this week that the FBI has launched an investigation into the source of the denial-of-service attacks. Reno said the U.S. Department of Justice still doesn't know who instigated the attacks, where they originated, how many computers were involved or the motives of the perpetrators.

But they were effective. "We experienced 1GB/sec., and we can handle 100M bit/sec. on a typical strong day operating at 30% capacity. During the attack, we had eight to 10 times regular capacity, and no one can sustain that," said Greg Hawkins, CEO of Inc. in Aliso Viejo, Calif.

Check here to see how a denial of service attack works.
Paranoia strikes deep at Web's top spots

Consulting firm says its server was used to attack AOL

Transcript: A chat with Avi Rubin about Internet Security and Denial of Service attacks

Denial of service hackers take on new targets

Justice Department wants more funds to fight cyber crime

TIME: Classic Hackers Decry Heavy-Handed Upstarts

Net execs to meet with Clinton


Hawkins said the attack, which came from multiple locations, overwhelmed the site's monitoring software, which scans for unusual traffic loads and blocks invasions from one IP address.

U.S. Department of Commerce Secretary William M. Daley warned that sites remain vulnerable. "There is no surefire defense," said Daley, who appealed to the computer industry to improve security monitoring and intrusion response to detect malicious code before it can do damage.

"It points to vulnerabilities that need to be addressed in the new world we are going to," said Daley. "The private sector has a greater stake in making sure there are protections than we do."

The online assaults began Monday on Santa Clara, Calif.-based Yahoo Inc.'s, which was blasted with packet traffic at 1GB/sec. -- more than some Web sites receive in a year. The site was down for three hours. On Tuesday, San Jose-based eBay Inc., Seattle-based Inc., and Atlanta-based were hit with the same type of attack. Palo Alto, Calif.-based ETrade Group Inc. and ZDNet Group in San Francisco were the victims on Wednesday.

In addition, Excite@Home suffered a brief denial-of-service attack this week, according to a company spokeswoman. The attack began around 7 p.m. PST and lasted less than an hour.

The Department of Defense is also investigating this week's hack attacks. Navy Rear Admiral Craig Quigley said all elements of the DOD have been ordered to examine their computers worldwide to ensure they weren't used as hosts for the denial-of-service attacks.

"But so far, we have not seen anything. We certainly continue to watch," Quigley said during a DOD briefing.

Despite Daley's insistence that the attacks came without warning, the incidents followed a pattern of well-documented, distributed denial-of-service attacks. In each case, sites have been targeted with a high volume of packets using falsified Internet addresses, which made the source of the attack hard to trace. Distributed denial-of-service attacks embed malicious code in weakly defended computers to create entire networks of master machines and subnetworks of slave machines.

  CERT warns of networked denial-of-service attacks
  Cyberassaults hit, eBay, CNN and Amazon
  Keep hackers out of your Web site
  A primer: How the hackers attack
  Reviews & in-depth info at
  Year 2000 World
  Questions about computers? Let's editors help you
  Subscribe to's free daily newsletter for IT leaders
  Search in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

Many of the attacks have targeted large Internet service providers and the hosts of the high-profile sites. Gary Grossman, director of security research and development at Santa Clara, Calif.-based Exodus Communications Inc., said this isn't the first denial-of-service attack directed toward his customers. is an Exodus client.

"We host 40% of the major sites on the Internet, and so statistically, we are going to see a good fraction of those," said Grossman. "It's not infrequent. It just means that we have to do more sophisticated analysis and have a wider range of addresses that we filter for."

But David Remnitz, CEO of Ifsec LLC, a New York-based information security firm, noted that this strategy only works up to a point. If the attackers shut off the original master hosts that are used in the attacks and assign false IP addresses to another set of attack hosts, the problem will continue. "I am basically chasing my tail if I put in filtering to identify the spoofed addresses but not (to) identify the culprit," said Remnitz.

Remnitz said government and private-sector cyberwarfare experts have known about distributed denial-of-service attack tools for almost a year (see "CERT warns of networked denial of service attacks," link below). "We had 12 to 14 months for the tools to get out there and (be) built up," said Remnitz. "There could be a very large number of attacking hosts waiting to launch instructions."

According to a White House spokesman, a meeting will be held Tuesday with high-tech executives to discuss Internet security on the heels of recent hack attacks. White House Chief of Staff John Podesta will chair the meeting, and Attorney General Janet Reno is expected to attend.

Consulting firm says its server was used to attack AOL
February 11, 2000
FBI agents focus on university, business computers as cyber-attack launch pads
February 10, 2000
Denial of service hackers take on new targets
February 9, 2000
Cyber-attacks batter Web heavyweights
February 9, 2000
'Immense' network assault takes down Yahoo
February 8, 2000
Legendary computer hacker released from prison
January 21, 2000

CERT warns of networked denial-of-service attacks
New wave of denial-of-service attacks hit Web
Cyberassaults hit, eBay, CNN and Amazon
'Immense' network assault takes down Yahoo
Keep hackers out of your Web site
The hacker in all of us
A primer: How the hackers attack
(PC World Online)
Diary of a hack attack
(Network World Fusion)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

Exodus Communications, Inc.
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.