The .Net advertising campaign may be short-lived after a technical glitch and ensuing DoS attack make Microsoft officials blush. Anti-trust issue seems like a walk in the park as teams are dispatched to redesign its network.

by Jim Wagner of internetnews.com [January 27, 2001]

Executives at Microsoft Corp. are likely having a long weekend as they try to figure out what went wrong with its .Net initiative.

It's been a bad week for the software giant. Repeated Domain Name Server problems caused system-wide shutdowns—one lasting as long as 23 hours—making all Microsoft domains inaccessible worldwide.

It's such an ominous problem that the company might need to scrap the $200 million ad campaign promoting its .Net services, introduced just last week. But first, technicians might need to revamp Microsoft's entire network infrastructure.

Aptly undone
The Microsoft .Net service is a bundled offering that included Office, Visual Studio, and bCentral crafted to be the foundation for moving its software empire from the PC to the Internet.

In the future, officials planned to offer applications over the Web, rather than through a computer hard drive or network. The application offering would have ensured its dominance of the business software market well into the first decade of the 21st century.

Rob Enderle, Giga Information Group analyst, said this week's setbacks effectively destroyed Microsoft's .Net campaign and any software dynasty hopes on the Web.

"It's destroyed," Enderle said. "They're running a big campaign talking about the reliability of MS products, it's not the time to have major outages at the site, particularly for sites as visible as Microsoft."

Enderle added that the outages all but destroyed Microsoft's advertising campaign and that any interest they might have produced from the ad blitz is essentially gone.

"In fact, there's even a risk that the campaign will become an industry joke," Enderle said

Unavailable, uninvited
Microsoft officials maintain that a technician incorrectly configured its network of DNS servers which resulted in Web blackouts Tuesday night and most of the day Wednesday. Unavailable were popular Web destinations like MSN, MSNBC, Encarta and Hotmail.

Even after Microsoft reconfigured its DNS servers, many customers still reported spotty access to its Web sites while routers slowly began to transport traffic to Web properties.

The reconfiguring process opened the door to malicious intruders which officials said weakened Microsoft's network response time further.

On Thursday crackers launched a Denial of Service blitz against the network that brought Microsoft's Web properties to its knees for the second time in three days. Microsoft reported that its entire network was down for about five hours before the sites were completely restored.

Asleep at the wheel
Microsoft placed a call to Federal Bureau of Investigation after the DoS attack, although it's uncertain what can be done to trace and charge uninvited network guests.

According to a member of the FBI's press office, there is not much that can be done after the attack has ended, although agents will complete a report on the incident and complete a a preliminary investigation.

Security analysts stood shaking their heads, struck speechless after learning that Microsoft kept all its DNS servers operating in one IP subnet over the same network.

The setup guaranteed failure should a DoS or DNS issue arise. Enderle said it's no surprise Microsoft's entire collection of Web sites were rendered inaccessible.

"This showed an exposure that should not have existed at Microsoft," Enderle said. "It indicates that there is a critical problem that needs to be repaired in the way they laid out their entire network and it will take them a while to come up with a plan to not only address this exposure but to address other exposures that are likely to occur.

"What basically happened," Enderle continued, "is that somebody was sleeping on the watch. The end result is they undoubtedly have to change a large part of their infrastructure. And the first part of doing that is to come up with a plan so that they're not creating more problems in the process."

Microsoft officials were unavailable for comment.

—End