Twenty-Four Seven Security

Peter Schooff

New Shield Protects the Internet

user-pic
By Peter Schooff on March 12, 2007 1:02 PM 0 0 Vote 0 Votes

As I blogged about it here, a DDOS (distributed denial of service) attack on the backbone of the internet in February inevitably had little effect. This is in thanks to new protection technology the Internet Corporation for Assigned Names and Numbers said in a recently published document.

DNS serves as the address book of the internet, which maps all the text-based domain names to the numeric IP addresses of the servers connected to the internet, and vice versa. A DDOS attack attempt to take down targeted servers by overwhelming them with an onslaught of traffic from multiple sources, usually from compromised PCs and botnets.

The Internet sustained a significant distributed denial-of-service attack, originating from the Asia-Pacific region, but stood up to it," said the ICANN document.

The attack lasted almost 8 hours and targeted 6 of the 13 root DNS servers. The good news is that only 2 of the 6 were noticeably affected, and both machines affected did not have the new shield, known as Anycast, installed, as the technology was still being tested.

With Anycast now proven, it is likely to encompass the remaining D, E, G, H, and L roots, the ICANN document stated (the letters referring to 5 of the 13 root DNS servers that did not have Anycast installed).

The root DNS servers are at the top of the DNS hierarchy and only get accessed if other DNS serves, like those at an Internet service provider, have a faulty or incorrect address for a certain website. The 13 servers are spread out across the globe and are physically located in 100 different locations.

Anycast was developed after a similar DDOS attack in 2002, which managed to bog down 9 of the 13 root servers. While the internet continued to run, the 2002 attack served as a wake-up call. If the DNS system does go down, email would be undeliverable and web sites would be unreachable.

The one scary prospect about past February’s attack: some experts were wondering if it was just a test run. But with Anycast now tested and installed, it seems the internet is safe, for now.

No TrackBacks

TrackBack URL: http://www.ebizq.net/MT4/mt-tb.cgi/10793

Leave a comment

Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

Peter Schooff

Peter Schooff is Managing Editor at ebizQ. Peter is also very popular blogger in IT Security space. Prior to this Peter managed the database operations for a major cigar company, served as writer/editor of an early internet entertainment site, and also developed a computer accounting system for several retail stores. Peter can be reached at pschooff (at) ebizQ.net and at (914) 712-1500 ext. 273.


Recently Commented On

Monthly Archives

ADVERTISEMENT