Results 1 to 6 of 6
  1. #1
    Join Date
    Nov 2000

    DDoS on root servers

    I'm not sure if someone else has posted this in another forum... I didn't see it when I searched DDoS... but ...


    October 22, 2002

    Distributed Denial of Service Attack

    On October 21, 2002 a Distributed Denial of Service (DDoS) attack was detected by Matrix NetSystems monitoring locations in North America. This attack targeted the 13 root DNS servers that provide worldwide address translation for the entire DNS network.

    This attack began in earnest beginning at approximately 4:00 pm EDT and is on-going. Several Internet Service Providers (ISPs) have seen an increase in latency coincident with this attack. Matrix NetSystems has advised its clients to temporarily switch traffic from those ISPs most affected by the event.

    The DNS root servers are given the designations A through M. The most effected include:

    A VeriSign Global Registry Services Herndon VA, US
    G U.S. DOD Network Information Center Vienna VA, US
    H U.S. Army Research Lab Aberdeen MD, US
    I Autonomica Stockholm, SE
    J VeriSign Global Registry Services Herndon VA, US
    K Reseaux IP Europeens - Network Coordination Centre London, UK
    M WIDE Project Tokyo, JP

    These attacks resulted in periods of zero reachabilty for many of the root servers and an increase in packet loss approaching 10% from normal packet loss levels of less than 1%.

    Currently packet loss remains at approximately 4%.

    At the peak of the attack, average reachability for the entire DNS network dropped below 94% from normal levels near 100%.

    Currently, reachability remains near 97%.

    This attack is clearly targeted at a crucial piece of the Internet infrastructure.

    We will continue to monitor this event.

  2. #2
    Join Date
    Aug 2002
    Thanks, for the article.

  3. #3
    Join Date
    Aug 2002
    Chicago, IL, United States
    That is.... intresting i was reading about it a bit ago
    i am wondering how these "attacks" were deployed if that was an attack who was behind it. maybe it is juse somone covering with a mishap
    Anthony LaMantia

  4. #4
    Join Date
    Sep 2002
    grrrr! i hate ppl who dos/ddos

    Thanks for the story
    Europhase UK Limited - XEN/OpenVZ UK/US Virtual Private Servers | R1Soft Backups for Web Hosts
    Custom R1Soft Backups | UK/US Web Hosting | UK/US Virtual Private Servers
    99.9% Uptime SLA | Non Overloaded Service | Guaranteed Ram / Resources
    Company: SC345142 VAT: GB-947754180 Tel: 0870 4710 895

  5. #5

  6. #6
    Join Date
    Jan 2002

    This was just some kid playing around.

    The media plays on fear, so they came across this... made it into something big, you will probably see relations to "terrorists".

    I've looked at all the MRTG graphs of the root dns servers, and honestly, i'm not impressed. I think I caught a person who worked at one of the places that handles a root dns server claming the attacker tried running various exploits against them, but none worked... then X days later they found a hole.
    Just the fact that the person didn't get in on the first try shows this was some small stunt, obviously ill planned.

    For me to be impressed, i'd like to find someone with enough gall to find a new hole, exploit it in all root servers, and redirect or to a porn site or something of that nature, sure it wouldn't effect everyone due to local dns caches, but it would catch some people.... and would show a much more fragile reality of the internet, not the brute-force of large amount of bandwidth coming your way.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts