Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

DDoS attack creates major Internet outages


  • Please log in to reply
2 replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:07:22 AM

Posted 16 June 2004 - 09:43 AM

DDoS attack creates major Akamai and Internet DNS Problems
http://www.incidents.org/diary.php?date=2004-06-15

Starting at around 8:30 am EDT (12:30 UTC), a number of sources started to report a widespread Akamai DNS issue. Large web sites, which use Akamai for its DNS service, no longer resolved in DNS, and became inaccessible to their users. The affected sites were Yahoo, Google, Microsoft, FedEx, Xerox, Apple and likely many others. The situation improved around 10:30 EDT, mainly because some of the affected domains temporarily switched from using Akamai DNS servers to their own DNS servers.

The problems seem to be attributable to a DDoS attack on Akamai's DNS servers, though we do not presently have the information to make a definitive assessment. According to the Akamai spokesperson, the problem was not limited to Akamai. He attributed the outage to an attack on the Internet infrastructure on a larger scale. We do not currently know of any sites that were affected by the attack without using Akamai's services.

CLICK ON THESE LINKS FOR MORE:

NANOG mailing list

Washington Post article

BC AdBot (Login to Remove)

 


#2 harrywaldron

harrywaldron

    Security Reporter

  • Topic Starter

  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:07:22 AM

Posted 18 June 2004 - 02:49 PM

Akamai's official press release
http://www.akamai.com/en/html/about/press/press459.html

CAMBRIDGE, Mass. - June 16, 2004 - A widely reported, distributed denial of service attack yesterday impacted Akamai Technologies, Inc. (NASDAQ: AKAM), the global leader in distributed computing solutions and services. The incident, which took place between approximately 8:30 AM ET and 10:45 AM ET on Tuesday, June 15th, was caused by a sophisticated, large-scale attack that Akamai identified as being targeted at specific Web sites that are Akamai customers.

In response to earlier reports by a third-party website measurement service that inaccurately portrayed the impact of the attack on specific Web sites, Akamai released today the following information (based on Akamai's over 1,100 total customers under long-term services contracts):

* The domain name service impact was limited to approximately 4 percent of the Akamai customer base
* 2 percent had noticeable impact
* Less than 1 percent of Akamai customers had a significant impact affecting more than 20 percent of their users



#3 harrywaldron

harrywaldron

    Security Reporter

  • Topic Starter

  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:07:22 AM

Posted 23 June 2004 - 11:58 AM

Last week, Akamai's DNS servers were DDoS targets that slowed large customer sites. The attacks are still being investigated and reveal a higher degree of sophistication than seen in the past.

Akamai Attack Reveals Increased Sophistication
http://www.computerworld.com/printthis/200...4,93977,00.html

An attack last week against Akamai Technologies Inc. demonstrated the disruption of key Web site activity that a well-placed assault on the Internet's Domain Name System can cause. The incident also revealed a troubling capability on the part of hackers to target core Internet infrastructure technologies, security experts said. Several major customers of Akamai's DNS hosting services, including Microsoft Corp., Yahoo Inc. and Google Inc., suffered brief but severe Web performance slowdowns on June 15 as a result of a large-scale attack on Akamai's DNS servers. Keynote Systems Inc., a San Mateo, Calif.-based third-party Web site performance measurement firm, said that in some cases, availability of affected sites dropped to nearly zero for a brief period.

"Akamai is not a two-bit operation. These guys are designed to stay up. They are huge and well distributed, so it doesn't add up," said Bruce Schneier, chief technology officer at Counterpane Internet Security Inc. in Mountain View, Calif. "My guess is that it [was] some kind of an internal failure within Akamai or maybe a targeted attack against them by someone with insider knowledge and access."

Moreover, there was no suspicious Internet traffic or DNS patterns to suggest that such a massive and distributed attack had taken place, said Craig Labovitz, director of network architecture at Arbor Networks Inc., a Lexington, Mass., provider of DoS mitigation technologies. Arbor's network monitoring tools are installed on several carrier networks around the world. In any case, the event was marked by being a step beyond "simple bandwidth attacks" on individual Web sites to more sophisticated targeting of core upstream Internet routers, DNS servers and bandwidth bottlenecks, according to Labovitz. "It's a fairly scary escalation," Labovitz said. "What we are seeing is a shift away from completely brain-dead attackers to folks who know a little bit about the network topology, trace routes and about where the DNS might live" on a network, he said.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users