|
|
|
|
|
|
|
|
|
||
|
|
||
|
Be a Commerce Partner |
Second Attack Hits Microsoft
If luck is the residue of a good design then misfortune is the is the consequence of a faulty blueprint—let's call it what it is—Microsoft's foundation is flawed.
of seattle.internet.com [January 27, 2001] |
 |
On Friday evening Rick Devenuti, Microsoft chief Internet officer, revealed that its network was hit by a second Denial of Service attack earlier that day.
"This attack was similar to Thursday's attack, in which someone attempted to block legitimate access to our Web properties by flooding our network routers with large volumes of bogus requests," says Devenuti.
According to Devenuti at around 10:15 a.m. PST on Friday, Microsoft began to experience another denial of service attack. As a result of this attack, some customers experienced intermittent delays in accessing its Web properties for two, 15-minute periods late in the morning.
Devenuti also mentioned that Microsoft had already taken steps to change the architecture of its network infrastructure to improve reliability and availability for customers while the software-maker continues to work with the FBI to identify those responsible for the attacks.
1-25-00: First DoS Surge Hits
After yesterday's Microsoft outages were blamed on what company officials
are saying was a "mistaken configuration," a statement just issued by
Microsoft acknowledges that today's outages were the result of a denial
of service attack against the routers that direct traffic to the company's
Web sites.
As a result of today's attack, access to some of the Microsoft Internet properties was intermittent for many customers throughout the morning.
A DoS attack paralyzes network and Web site operations by flooding them with useless traffic, blocking customer access, and can even cause entire networks to crash. Today's attack was an attempt to interfere with the routers in one of Microsoft's Internet data centers. While Microsoft's servers were running normally throughout the event, the attack prevented access to some of the company's Web sites.
Separate and irregular
While officials at Microsoft still assert that today's issue was completely
separate from yesterday's outage, there are some who question whether
the separate incidences are related.
"I don't find it plausible that (the two outages) were completely separate, given that the symptoms appear to be the same," says Ric Steinberger, technical director of Seattle-based SecurityPortal.
"It's hard to believe that one thing went bad on Tuesday and Wednesday, and a completely different thing, a denial-of-service attack, happens today," he added.
According to Steinberger, there were steps that Microsoft could have taken to improve their chances against this kind of attack.
"It's fair to say that they should have been a bit more robust then they were in fighting this off," says Steinberger. "Microsoft made themselves particularly vulnerable in this case, by apparently placing all their domain name servers very close together, either topologically, physically, or both."
Of Web cops and clients
In a statement released by Microsoft late Friday afternoon, the company
said it updated the FBI on the situation and took immediate steps to ensure
customers could access to its Web sites.
The company also assured customers that it would take additional steps in the days and weeks ahead to further protect Microsoft sites from disturbances.
— End
| Related articles: | |||
| [Nov. 10, 2000] | Three-legged Race for Microsoft | ||
| [Jan. 22, 2000] | To Catch a Hacker | ||
ISP-Planet's
RSS feed
