Lessons learned from 'Net root server attack

Most corporate Web sites and IP networks couldn't withstand the ferocity of the latest attacks
Page:

There's some good news and some bad news for corporate network managers about the latest Internet root server attack.

The good news is that the Internet demonstrated once again that it is the most resilient network infrastructure ever built. Companies shouldn't be afraid to put mission-critical applications such as voice and streaming video on the `Net because of these attacks, security experts say.

The bad news is that that the Internet continues to be a target for vandals and criminals, particularly those looking to make money through extortion, fraud or theft. Experts say that most corporate Web sites and IP networks couldn't withstand the ferocity of the latest attacks.

"These attacks weren't that substantial," says Danny McPherson, chief research officer for Arbor Networks, which provides detection services for these types of attacks. "They've gotten a lot of attention, but they're not as significant as the attacks we see every day against our customers, which are much more targeted and more damaging."

Steve Bellovin, an Internet security expert and professor of computer science at Columbia University, agrees.

"I'd be more worried about somebody trying to target my corporation than somebody trying to target the infrastructure because no one corporation has the kind of replication and bandwidth that the infrastructure has at this point," Bellovin says.

Last Tuesday, an attack was launched against three of the Internet's 13 root servers, which oversee the Internet's Domain Name System. The DNS is a global distributed database system that matches domain names with corresponding IP addresses.

Three root servers -- operated by the Defense Department, the Internet Corporation for Assigned Names and Numbers (ICANN) and the Widely Integrated Distributed Environment (WIDE) Project -- were inundated with phony requests from a group of compromised PCs, called a botnet.

Page:
More about: Arbor Networks, CERT, ICANN, Internet Corporation for Assigned Names and Numbers, Resilience, RSA, VeriSign
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Whitepapers
Latest Stories
Community Comments
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/14/gimp/

GNU Image Manipulation Program (GIMP)

When you think Open Source software, you may think of half-baked programs too hard to use, or perhaps lacking power. Well, think again. This Open ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia