You probably didn’t notice, but the Internet suffered a set of attacks on its infrastructure today stronger than anything seen since 2002.
There are 13 primary “Root” servers that serve as the authoritative domain name to IP address naming devices for the whole Internet. All other Domain Name System (DNS) Servers update their mapping tables from these root servers either directly or indirectly through some number of intermediaries. 3 of the 13 root servers were pounded Tuesday and temporarily overwhelmed. The attack was focused on boxes serving public domain spaces like .org and the US Department of Defense (apparently .mil but unclear from the wire reports).
The 12 hour attack was reported as a reasonably straightforward denial of service attack, but was remarkable mostly in scope and volume of data slamming down the pipes into 3 key servers. More on ZD News, the BBC or more interestingly on LittleGreenFootballs where the back and forth comments are much more fun to read.
Here’s the story:
WASHINGTON – Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002.
Experts said the unusually powerful attacks lasted as long as 12 hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet. Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet’s most vital pipelines.
The motive for the attacks was unclear, said Duane Wessels, a researcher at the Cooperative Association for Internet Data Analysis at the San Diego Supercomputing Center. “Maybe to show off or just be disruptive; it doesn’t seem to be extortion or anything like that,†Wessels said.
Other experts said the hackers appeared to disguise their origin, but vast amounts of rogue data in the attacks were traced to South Korea.
The attacks appeared to target UltraDNS, the company that operates servers managing traffic for Web sites ending in “org†and some other suffixes, experts said. Officials with NeuStar Inc., which owns UltraDNS, confirmed only that it had observed an unusual increase in traffic.
Among the targeted “root†servers that manage global Internet traffic were ones operated by the Defense Department and the Internet’s primary oversight body.
Check it out, with comments from the forces of truth, goodness and the American way at LittleGreenFootballs.com.
Wikipedia news points to an article DDoSers bombard Military root server (and more) on The Register.