ad info




CNN.com
 MAIN PAGE
 WORLD
 U.S.
 LOCAL
 POLITICS
 WEATHER
 BUSINESS
 SPORTS
* TECHNOLOGY
   computing
   personal technology
 SPACE
 HEALTH
 ENTERTAINMENT
 BOOKS
 TRAVEL
 FOOD
 ARTS & STYLE
 NATURE
 IN-DEPTH
 ANALYSIS
 myCNN

 Headline News brief
 news quiz
 daily almanac

  MULTIMEDIA:
 video
 video archive
 audio
 multimedia showcase
 more services

  E-MAIL:
Subscribe to one of our news e-mail lists.
Enter your address:
Or:
Get a free e-mail account

 DISCUSSION:
 message boards
 chat
 feedback

  CNN WEB SITES:
CNN Websites
 AsiaNow
 En Español
 Em Português
 Svenska
 Norge
 Danmark
 Italian

 FASTER ACCESS:
 europe
 japan

 TIME INC. SITES:
 CNN NETWORKS:
Networks image
 more networks
 transcripts

 SITE INFO:
 help
 contents
 search
 ad info
 jobs

 WEB SERVICES:

COMPUTING

From...
Computerworld

The denial-of-service aftermath

Image

February 14, 2000
Web posted at: 9:23 a.m. EST (1423 GMT)

by Ann Harrison

(IDG) -- Attorney General Janet Reno announced earlier this week that the FBI has launched an investigation into the source of the denial-of-service attacks. Reno said the U.S. Department of Justice still doesn't know who instigated the attacks, where they originated, how many computers were involved or the motives of the perpetrators.

But they were effective. "We experienced 1GB/sec., and we can handle 100M bit/sec. on a typical strong day operating at 30% capacity. During the attack, we had eight to 10 times regular capacity, and no one can sustain that," said Greg Hawkins, CEO of Buy.com Inc. in Aliso Viejo, Calif.

 RESOURCES
Check here to see how a denial of service attack works.
 
  ALSO
Paranoia strikes deep at Web's top spots

Consulting firm says its server was used to attack AOL

Transcript: A chat with Avi Rubin about Internet Security and Denial of Service attacks

Denial of service hackers take on new targets

Justice Department wants more funds to fight cyber crime

TIME: Classic Hackers Decry Heavy-Handed Upstarts

Net execs to meet with Clinton

 
  MESSAGE BOARD
 Insurgency
 

Hawkins said the attack, which came from multiple locations, overwhelmed the site's monitoring software, which scans for unusual traffic loads and blocks invasions from one IP address.

U.S. Department of Commerce Secretary William M. Daley warned that sites remain vulnerable. "There is no surefire defense," said Daley, who appealed to the computer industry to improve security monitoring and intrusion response to detect malicious code before it can do damage.

"It points to vulnerabilities that need to be addressed in the new world we are going to," said Daley. "The private sector has a greater stake in making sure there are protections than we do."

The online assaults began Monday on Santa Clara, Calif.-based Yahoo Inc.'s Yahoo.com, which was blasted with packet traffic at 1GB/sec. -- more than some Web sites receive in a year. The site was down for three hours. On Tuesday, San Jose-based eBay Inc., Seattle-based Amazon.com Inc., Buy.com and Atlanta-based CNN.com were hit with the same type of attack. Palo Alto, Calif.-based ETrade Group Inc. and ZDNet Group in San Francisco were the victims on Wednesday.

In addition, Excite@Home suffered a brief denial-of-service attack this week, according to a company spokeswoman. The attack began around 7 p.m. PST and lasted less than an hour.

The Department of Defense is also investigating this week's hack attacks. Navy Rear Admiral Craig Quigley said all elements of the DOD have been ordered to examine their computers worldwide to ensure they weren't used as hosts for the denial-of-service attacks.

"But so far, we have not seen anything. We certainly continue to watch," Quigley said during a DOD briefing.

Despite Daley's insistence that the attacks came without warning, the incidents followed a pattern of well-documented, distributed denial-of-service attacks. In each case, sites have been targeted with a high volume of packets using falsified Internet addresses, which made the source of the attack hard to trace. Distributed denial-of-service attacks embed malicious code in weakly defended computers to create entire networks of master machines and subnetworks of slave machines.

MORE COMPUTING INTELLIGENCE
IDG.net   IDG.net home page
  CERT warns of networked denial-of-service attacks
  Cyberassaults hit Buy.com, eBay, CNN and Amazon
  Keep hackers out of your Web site
  A primer: How the hackers attack
  Reviews & in-depth info at IDG.net
  E-BusinessWorld
  Year 2000 World
  Questions about computers? Let IDG.net's editors help you
  Subscribe to IDG.net's free daily newsletter for IT leaders
  Search IDG.net in 12 languages
  News Radio
  * Fusion audio primers
  * Computerworld Minute

Many of the attacks have targeted large Internet service providers and the hosts of the high-profile sites. Gary Grossman, director of security research and development at Santa Clara, Calif.-based Exodus Communications Inc., said this isn't the first denial-of-service attack directed toward his customers. Buy.com is an Exodus client.

"We host 40% of the major sites on the Internet, and so statistically, we are going to see a good fraction of those," said Grossman. "It's not infrequent. It just means that we have to do more sophisticated analysis and have a wider range of addresses that we filter for."

But David Remnitz, CEO of Ifsec LLC, a New York-based information security firm, noted that this strategy only works up to a point. If the attackers shut off the original master hosts that are used in the attacks and assign false IP addresses to another set of attack hosts, the problem will continue. "I am basically chasing my tail if I put in filtering to identify the spoofed addresses but not (to) identify the culprit," said Remnitz.

Remnitz said government and private-sector cyberwarfare experts have known about distributed denial-of-service attack tools for almost a year (see "CERT warns of networked denial of service attacks," link below). "We had 12 to 14 months for the tools to get out there and (be) built up," said Remnitz. "There could be a very large number of attacking hosts waiting to launch instructions."

According to a White House spokesman, a meeting will be held Tuesday with high-tech executives to discuss Internet security on the heels of recent hack attacks. White House Chief of Staff John Podesta will chair the meeting, and Attorney General Janet Reno is expected to attend.


RELATED STORIES:
Consulting firm says its server was used to attack AOL
February 11, 2000
FBI agents focus on university, business computers as cyber-attack launch pads
February 10, 2000
Denial of service hackers take on new targets
February 9, 2000
Cyber-attacks batter Web heavyweights
February 9, 2000
'Immense' network assault takes down Yahoo
February 8, 2000
Legendary computer hacker released from prison
January 21, 2000

RELATED IDG.net STORIES:
CERT warns of networked denial-of-service attacks
(Computerworld)
New wave of denial-of-service attacks hit Web
(Computerworld)
Cyberassaults hit Buy.com, eBay, CNN and Amazon
(Computerworld)
'Immense' network assault takes down Yahoo
(Computerworld)
Keep hackers out of your Web site
(Computerworld)
The hacker in all of us
(Computerworld)
A primer: How the hackers attack
(PC World Online)
Diary of a hack attack
(Network World Fusion)
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.

RELATED SITES:
Yahoo!
Exodus Communications, Inc.
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
 LATEST HEADLINES:
SEARCH CNN.com
Enter keyword(s)   go    help

Back to the top   © 2001 Cable News Network. All Rights Reserved.
Terms under which this service is provided to you.
Read our privacy guidelines.