Front Page
 Hack News
 Irish iNews
 Legal Action
 Telecoms
 Business
 Digital TV
 Cryptography
 BookReviews
 Linux News
 Security
 Microsoft
 Software
 Internet
 Black Book
 BookShop

 Major Sites Hit By DoS Attacks  

Websites Hit
DoS Attacks Cripple Yahoo, CNN, Amazon and Buy.com
0730 Hrs 09 February 2000

A series of Denial of Service (DoS) attacks that commenced on Monday with the crippling of portal site www.yahoo.com has extended to www.amazon.com , www.cnn.com and www.buy.com - these sites were performing poorly with the amazon.com site completely timing out at various stages through the night.

Monday´s attack on Yahoo led to traffic levels of 1GB a second through the routers serving the portal site. The attack on Yahoo is believed to have been a distributed one involving a number of compromised computers.

In the last few weeks, there was a significant rise in the number of scans that internet hosts were receiving and many of these scans appeared to originate from hosts in the Pacific region, IPs that traced back to Korea, Indonesia, Taiwan and Australia were seen stepping methodically through hosts in the Irish (.ie) domains requesting domain record zone transfers (axfrs). Once the zone file for the Irish sites were received, these hosts would sequentially scan through each domain looking for computers with potential weaknesses. The program used for this was Sscan, a common cracker tool. This program would be used to generate a log of scanned boxes which the cracker would later return to collect.

The DoS has two phases; the acquisition and the attack itself. In the acquisition phase, the crackers set about acquiring the control over the computers to be used in the attack. This normally involves scanning large numbers of computers attached to the internet. Once a vulnerable computer is identified, the crackers will attack it and try to compromise it. Once compromised the computer will be used to scan others.

After a sufficient number of computers have been compromised, the programs to be used in the denial of service attacks will be loaded on to them. Four  popular programs for this have been identified: Tribal Flood Network, Trinoo, TFN2K, and Stacheldraht. These programs can be set to activate at a specified time with the results seen on the Yahoo, Amazon, Buy and CNN sites.

The FBI is currently investigating the outages. However it is expected that other sites will be hit in the coming days.

 

Section: Irish I-News

Web Ireland Internet Awards Get Real?   07 June 2000
Eircom Hi-Speed - Just ISDN   24 May 2000
Online.ie - The Future Of The Irish Internet?   20 March 2000
Local Ireland - Still Clueless   20 March 2000
Could Technology Journalists Kill Online.ie's Technology Section?   20 March 2000
Unison - The Sound Of One Hand Clapping   27 February 2000
The Rise Of The E-jits   25 February 2000
Denial Of Service Attack Cripples Major Websites   09 February 2000
Eircom To Float Internet Division?   28 January 2000
New IEDR Rules To Permit Generics?   28 January 2000
More Irish Sites Cracked   16 January 2000
Sunday Business Post Discovers Cyber Promo Two Years Too Late!   16 January 2000
The Irish Cracks Of 1999   16 January 2000
Adornais Beats Adornis/Nua   02 November 1999
Ashford Beats Adornis/Nua   21 October 1999
Web Ireland Internet Business Awards   15 October 1999
Eircom Launches Free ISP   14 October 1999
Security Flaw Hits Ireland.com   01 September 1999
Esat Flat Rate Access Nukes TE   11 August 1999
Will Flat Rate Access Destroy Free ISPs?   11 August 1999
Domain Name Typo Causes Red Faces   30 July 1999
WebIreland's Strange Content Problem  28 July 1999
GP -Offline Marketing Fails Online  09 July 1999
Golden Pages Directory - Spammer Fodder?  04 July 1999
Oceanfree - Ireland's First Free ISP  10 June 1999
Is ireland.com Really A Portal? [27 May 1999]
local.ie - Not Local Or A Portal [26 May 1999]
Pro-Spam Article On ireland.com [20 Mar 1999]
Problems For ireland.com [15 Mar 1999]
IT Launches ireland.com [10 Mar 1999]
Irish ISP Attacked [17 Feb 1999]


© 2000 Hack Watch News
McCormac's Hack Watch News, Hack Watch News and Syndicated HackWatch are trademarks of Hack Watch News