Security News > 2002 > November > Experts make changes to defend against Internet attacks

Experts make changes to defend against Internet attacks
2002-11-07 10:51 By TED BRIDIS, Associated Press WASHINGTON (November 6, 2002 4:39 p.m. EST) - Experts have made an important change to the 13 computer servers that manage global Internet traffic, separating two of them to help better defend against the type of attack that occurred last month. Verisign Inc., which operates two of the root servers, moved one computer overnight Tuesday to a different building in an unspecified location in northern Virginia and onto a different part of its network, company spokeswoman Cheryl Regan said Wednesday. Verisign said the change was designed to ensure that a hardware outage or focused attack targeting part of its network could not disrupt both servers. The last such move to any of the 13 servers occurred in 1997. The FBI is investigating an unusual electronic attack Oct. 21 that briefly crippled nine of the 13 servers, located throughout the United States and in three other countries. Seven failed to respond to legitimate network traffic and two others failed intermittently during the attack, which lasted about one hour. Service was restored after experts enacted defensive measures and the attack suddenly stopped. Verisign maintains that both root servers it operates were not among those overwhelmed during the attack, even though they were on the same part of its network. Most Internet users did not notice the attacks because the Internet's architecture was designed to tolerate such short-term disruptions, but many experts were surprised at the coordination and brief success of the attackers. In "denial of service" attacks, hackers traditionally seize control of third-party computers owned by universities, corporations and even home users and direct them to send floods of data at predetermined targets. FBI Director Robert Mueller said last week that investigators traced most of the attack traffic back to hacked computers in South Korea and the United States. This week's change was approved by the Commerce Department, said Louis Touton, an official with the Internet Corporation for Assigned Names and Numbers, the nonprofit organization that manages technical changes for the Internet under authority from the U.S. government. Verisign moved the server after it received approval for the change Monday, Regan said. The company first sought permission this summer. Microsoft Corp. discovered and fixed a similar architectural flaw on its own corporate network after attacks in January 2001 prevented millions of customers over two days from visiting the company's main Web sites. In that case, Microsoft discovered that all four of its key traffic-directing computers were on the same section of its network, allowing hackers to overwhelm them easily by sending floods of spurious data to that part of the network. - ISN is currently hosted by To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.

News URL