Sunday | 31 August, 2008
Computerworld
Lessons learned from 'Net root server attack
Most corporate Web sites and IP networks couldn't withstand the ferocity of the latest attacks
Carolyn Duffy Marsan (Network World) 12/02/2007 13:33:45
Page:

Computerworld Buyer's Guide - Vendors Matched to this Article
HAL Data Services , Dimension Data , Trend Micro , SafeNet , Revelation Software , GFI , MessageLabs , CA , 3Com
Related Features
  • +

    Process Trip 04/02/2008 13:07:03

    Why Maritz Travel revamped key business processes — and how business and IT came together to make it work
    When Rich Phillips became COO OF Maritz Travel about two and-a-half years ago, he sat down and took a hard look at the big industry picture
  • +

    Ticked Off at Tick the Box Mentality 04/02/2008 13:01:15

    Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
    Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
  • +

    Order Takers to Innovators 02/10/2007 15:20:08

    How four CIOs energized their staffs to take risks with new technology and generate fresh value for their businesses
    When David Behen became IT director for Washtenaw County, Michigan, the department was little more than an order-taker. And not a very good one. It was kind of like the waiter who makes you wait, then brings the entree with the mains and brings you a bottle of Grange when you asked for a carafe of the house red
  • +

    Your World. . . Hacked 02/10/2007 10:51:23

    As your business becomes more collaborative and global, the risks to your company’s trade secrets rise proportionally. Fortunately, there are new strategies to protect the data that allows you to compete
    The call to Bob Bailey, an IT executive with a major US government contractor, came on an otherwise ordinary day in October 2003. "Why are you attacking us?" demanded the caller, an IT leader with a Silicon Valley manufacturer. He wanted to know why Bailey's company had launched a denial-of-service attack against his network
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Zones
Zone logoZones provide focussed content from Computerworld and leading technology partners.

Newsletter Subscription

Sign up for our Computerworld newsletters!
Computerworld's twice-daily news service keeps you in touch with the latest, most important headlines from Australia and around the world.
Keep up with the latest virtualisation technologies, products, news and features.
RSS Feeds

Michael Witt, deputy director of US-CERT's cybersecurity section, who spoke at a panel discussion at the RSA Conference last week, said the DNS root server attack was targeted at three root servers, known as G, L and M. "G is the military's top-level domain," Witt said. According to information at the US-CERT Web site, L operates on behalf of ICANN, and M is dedicated to the WIDE Project.

"The attacks didn't impact the root-level servers," Witt said. "They continued to do their job. The Department of Defense had no impact toward degradation on their network."

Witt said mitigation of the attack was carried out with the help of the North American Network Operators Group. "We worked closely with those in the organization to minimize that attack," he said.

While these three root servers were disrupted by the botnet attack, 10 other root servers worked fine. Overall, the Internet's service suffered little disruption, and few corporate users even noticed that the attacks were happening.

"This attack was maybe one-tenth of the size of earlier attacks that we've seen on the DNS infrastructure," McPherson says. "It wasn't really that large, and it started tapering off quickly. More importantly, the user experience was not that far degraded."

This was the first major attack against the root servers since 2002, when all 13 root servers were targeted in a more severe distributed denial-of-service (DOS) attack.

"The oddest thing about this attack is that it happened at all," Bellovin says. "We haven't had any major pure vandalism attacks in the last few years. The energy in the hacking world has shifted to a profit motive. Most of the DDOS attacks we see are for extortion. Sports gambling sites are especially affected."

Howard Schmidt, former White House cybersecurity adviser and now president and CEO of Issaquah, Washington-based R&H Security Consulting, said the fact that the attack on the DNS root servers this week had no perceivable impact on the public indicates how resilient the underlying system is. "But we shouldn't let our guard down," Schmidt says.

Schmidt recalled how the massive attack in February 2002, when he was White House cyber-security adviser, also had no perceivable public impact but it did draw attention to the potential for grave consequences in loss of the Internet.

"We didn't find out who was doing it in 2002," Schmidt says. "Until we catch the people doing it, we'll never know their motivation."

Page:
Computerworld Buyer's Guide - Vendors Matched to this Article
HAL Data Services , Dimension Data , Trend Micro , SafeNet , Revelation Software , GFI , MessageLabs , CA , 3Com
More about Internet Corporation for Assigned Names and Numbers, CERT, ICANN, Resilience, Arbor Networks, RSA, VeriSign
Market Place
Software & Systems Quality Conferences: 30 – 31 October 2008 in Canberra. Book now!
Discover trends in the B2B infrastructure market in 2008 | Download new Gartner white paper now.
Download now for free Security whitepapers !!
Discover the latest web security SaaS solutions | Download new IDC white paper to lessen your IT burden
Free Forrester Report on Ubiquitous mobility download now.
WIN a printing technology upgrade worth $20k* with HP MFPs! >> CLICK HERE TO ENTER.
Computerworld Webinar | Business Mashups - Building the Intelligent Organisation by Empowering Users | 11am Tues 16th Sep 08
Harness ‘The Power of Collaboration’. Register now for Cisco Networkers 2008 and stay informed on industry changing technologies.
Computerworld Webinar | Learn how to deliver value to your business through IT Service Management | 4th Sept 11am

Computerworld Member Login


 

Prioritizing Services with IT Service Management (ITSM)

Computerworld Live Webinar
Wednesday 20th, August 2008
11:00am EST (Sydney, Australia)

To be repeated on:

Thursday 4th, September 2008
11:00am EST (Sydney Australia)

Sign up and receive a free copy of The Forrester WaveTM Service Desk Management Tools, Q2 2008 at the conclusion of the Webinar.

Attend and discover:

  • How to deliver value to your business through ITSM
  • Best practice ITSM implementation
  • Why emphasis is changing from optimizing IT management processes to better servicing customers and demonstrating real dollar value
  • If service-oriented ITSM is best for your business
Whitepaper
Wireless LANs: Is my enterprise at risk?

Read Whitepaper

Wireless LANs: Is my enterprise at risk?

Achieve an overall understanding of the risks associated with wireless LANs. Discover their inherent properties, as well as what makes them different from wired networks. Read on to uncover a list of recently published articles on real-life breaches and incidents illustrating the need for proactive measures to mitigate wireless security risks.

Enterprise IT Buyer's Guide
Find Technology Vendors Fast
 
Find vendors by name | Find by category
Sponsored Links