|
News for 021200
contributed by Code Kid
Early reports indicate that Excite may have been hit with a denial of
service attack early this morning. Some evidence seems to suggest that
AOL has also been hit however neither has yet been confirmed.
More information on the attacks is now becoming available as sites
recover from the attacks. After further investigation Yahoo has said
that they have been able to determine that they actually suffered four
separate attacks prior to the one that took them offline. All the
attacks had a large distributed smurf component to them. Other sites
have reported single sourced syn-attacks which may indicate copy cat
activity. Of the several attacks against Yahoo only the one beginning
at 10:30am PST on Monday had any noticeable effect. The massive amount
of traffic generated, in excess of 1G bits/sec, took down one router
and when it recovered Yahoo lost all routing to their upstream ISP. Due
to earlier network hardware problems investigators believed this to be
the reason for the outage at first. After completely pulling the plug
from their upstream ISP, Yahoo was able to stitch things back together
and finally realized that they had been under a widely distributed DoS
attack. The attacker(s) seemed to know about the network topology and
planned this large scale attack in advance. Global Center, the Yahoo
ISP, is now throttling all forms of ICMP until they can determine the
best configuration to prevent future attacks.
|
contributed by Frank
Mixter, based in Germany and the author of Tribal Flood Network, has
granted several interviews. He has said that using his tools to create
such attacks "is quite easy".
Heise -
German
ZD
Net
|
contributed by suthercj
The National Infrastructure Protection Center has reissued its advisory
concerning Distributed Denial of Service attacks. The advisory was
originally issued in December of 1999.
FBI.gov
|
contributed by Evil Wench
"We might have to pass some legislation to get even tougher" on
computer
crime, Senate Judiciary Committee Chairman Orin Hatch, R-Utah, said
Wednesday. Hatch intends to hold a hearing sometime in March to
determine whether current laws give law enforcers the "tools that they
need" to prosecute computer crime offenses.
News
Bytes
|
contributed by Weld Pond
Yesterday HNN published an excellent overview of Denial of Service
Attacks in general. In case you missed it we will link to it again.
Have Script, Will Destroy (Lessons in
DoS)
David Dittrich has performed an excellent job dissecting some of the
various attacks and the tools that enable them in extreme detail. You
can find David's analysis of these tools at:
Trinoo
Tribe
Flood Network
Stacheldraht
|
contributed by n
A rather funny political cartoon that pretty much sums up many peoples
feeling on this matter has been posted.
Cartoon
|
contributed by Lady Sharrow
The UK Government came under fire on Thursday from the internet
community after it published a Bill to regulate covert surveillance.
The critics say the legislation, if passed, could lead to innocent
people being sent to jail simply because they have lost their data
encryption codes. The Regulation of Investigatory Powers Bill covers
the monitoring and the interception of communications by law
enforcement and security agencies. It will, for example, lay down the
legal rules that must be followed by the police and security services
when they tap someone's phone.
BBC
|
contributed by n
The British and US Governments are to be sued in France after claims
that the countries have spied on French companies, diplomats and
political officials. Lawyers are planning a class action suit after
confirmation last
week that a global eavesdropping spy network exists.
The
Times UK
|
contributed by Evil Wench
Not that she ever really went away but the Melissa virus reappeared
Thursday afternoon clogging the email systems of Washington's Snohomish
County government's e-mail system.
Nando
Times
|
contributed by Anonymous
They are lots of and lots of rumors floating around the internet right
now. Most of which can not be confirmed. Some of them are pretty far
out/funny/weird etc. Remember these are only rumors and have not been
confirmed.
February 8th: The attacks coincide to the day President Clinton signed
the Telecommunications Act of 1996 into law.
A group known as the "Sovereign Anarchist Internet Militia" has claimed
responsibility however their story does not match up with actual
events.
Many of the attacks where actually perpetrated with the help
of an insider at each company.
These attacks are actually the result of a security company trying to
drum up business.
Microsoft is behind it all to promote the better security of MS
Windows 2000.
The FBI is doing it to get more money from Congress.
Now that Kevin Mitnick is out of jail he must be the culprit.
Remember these are only rumors and have not been confirmed.
|
|
|