[GTER] Fw: Experts make changes to defend against Internet attacks

Thu Nov 7 16:15:01 -02 2002

fyi

[]s
le


> http://www.nandotimes.com/technology/story/609017p-4702120c.html
> 
> By TED BRIDIS, Associated Press 
>  
> WASHINGTON (November 6, 2002 4:39 p.m. EST) - Experts have made an
> important change to the 13 computer servers that manage global
> Internet traffic, separating two of them to help better defend against
> the type of attack that occurred last month.
> 
> Verisign Inc., which operates two of the root servers, moved one
> computer overnight Tuesday to a different building in an unspecified
> location in northern Virginia and onto a different part of its
> network, company spokeswoman Cheryl Regan said Wednesday.
> 
> Verisign said the change was designed to ensure that a hardware outage
> or focused attack targeting part of its network could not disrupt both
> servers.
> 
> The last such move to any of the 13 servers occurred in 1997.
> 
> The FBI is investigating an unusual electronic attack Oct. 21 that
> briefly crippled nine of the 13 servers, located throughout the United
> States and in three other countries. Seven failed to respond to
> legitimate network traffic and two others failed intermittently during
> the attack, which lasted about one hour.
> 
> Service was restored after experts enacted defensive measures and the
> attack suddenly stopped. Verisign maintains that both root servers it
> operates were not among those overwhelmed during the attack, even
> though they were on the same part of its network.
> 
> Most Internet users did not notice the attacks because the Internet's
> architecture was designed to tolerate such short-term disruptions, but
> many experts were surprised at the coordination and brief success of
> the attackers.
> 
> In "denial of service" attacks, hackers traditionally seize control of
> third-party computers owned by universities, corporations and even
> home users and direct them to send floods of data at predetermined
> targets.
> 
> FBI Director Robert Mueller said last week that investigators traced
> most of the attack traffic back to hacked computers in South Korea and
> the United States.
> 
> This week's change was approved by the Commerce Department, said Louis
> Touton, an official with the Internet Corporation for Assigned Names
> and Numbers, the nonprofit organization that manages technical changes
> for the Internet under authority from the U.S. government.
> 
> Verisign moved the server after it received approval for the change
> Monday, Regan said. The company first sought permission this summer.
> 
> Microsoft Corp. discovered and fixed a similar architectural flaw on
> its own corporate network after attacks in January 2001 prevented
> millions of customers over two days from visiting the company's main
> Web sites.
> 
> In that case, Microsoft discovered that all four of its key
> traffic-directing computers were on the same section of its network,
> allowing hackers to overwhelm them easily by sending floods of
> spurious data to that part of the network.
> 
>