- Related Stories
-
Security adviser: Cyberthreats keep growing
November 22, 2006 -
Neither safe nor secure on the Internet
October 4, 2006 -
Vista Views: Stalling the Net by default?
September 8, 2006 -
Will Vista stall Net traffic?
September 6, 2006 -
DNS could slow broadband service
August 17, 2006 -
DNS service promises safer, faster browsing
July 11, 2006 -
DNS servers do hackers' dirty work
March 24, 2006 -
VeriSign to put more backbone into the Net
May 19, 2005 -
Internet's 'white pages' allow data attacks
July 31, 2004 -
Assault on Net servers fails
October 22, 2002
The attack appears to have focused on the Domain Name System, which maps text-based domain names, such as "News.com," to the actual numeric IP addresses of servers connected to the Internet, and vice versa. Several key DNS servers saw traffic spike in the early morning on Tuesday, several experts said--a sign of an attack.
"It is an unusual large amount of traffic that is hitting DNS servers," said John Crain, chief technical officer at the Internet Corporation for Assigned Names and Numbers, which operates one of the main so-called root DNS servers. "We see large attacks on a regular basis, but this hit quite a few servers, so it was fairly large."
Yet the DNS servers were able to withstand the onslaught, Crain added. "It was irritating. It ruined my night's sleep. It was extraordinary in the fact that it happened to multiple systems at once, but this is not affecting Internet users," he said.
DNS serves as the address books for the Internet. There are 13 official root DNS servers, which sit at the top of the DNS hierarchy. These root servers get queried only if other DNS servers, like those at an internet service provider, don't have the right IP address for a specific Web site.
If part of the DNS system goes down, Web sites could become unreachable and e-mail could become undeliverable. But DNS is built to be resilient, and attacks on the system are rare. In 2002, a similar denial-of-service attack also failed.
"The main thing is that there was very little impact on the general public, the servers were able to hold up against the attacks," said Zully Ramzan, a researcher at Symantec Security Response. "The Internet in general was designed to even withstand a nuclear attack."
The barrage of data being apparently targeted at the DNS system started around 2.30 a.m. Pacific Time on Tuesday. Multiple root servers saw a traffic spike, but the "G" server, run by the U.S. Department of Defense, and "L," run by ICANN, seem to have gotten the brunt of it, Ramzan said. ICANN's Crain confirmed that impression.
While ICANN and Symantec didn't see any effect on the Internet at large, Internet service provider Neustar did see slow downs on the Net. "We would call it a brownout instead of a blackout. It was significant, but it did not take anything down," a representative for the company said.
The true cause of the traffic surge still needs to be determined, both Ramzan and Crain said.
- More from News.com on this story's topics
Internet
Security threats
Domain names
Hardware servers
See more CNET content tagged:
DNS server,
DNS,
Internet-backbone,
attack,
domain name
- DNS != backbone
- DNS != backbone
- Reply to this comment View all 2 replies
- It doesn't take much...
- The DNS servers may not be the literal backbone of the internet (for those of you who don't speak programming, != means "not equal to"), but they're still an integral part of the global internet. Without the DNS servers, we'd be having to remember IP addresses instead of websites. An attack on the DNS servers may not be the end of the world, but it could have a severe impact on the global network if such an attack were sucessful. After all, it only takes one link in the chain to bring down the whole thing. Believe me, I know. Here in Vermont, we had an internet blackout across most of the state on Monday because someone tripped over a simple fiber optic cable. One tiny little cable took out half of the state's communications network. Does that sound acceptable to you?
- Reply to this comment
- Why would anyone...
- ...want to take down the network that allows them so much joy?
- Reply to this comment View reply
- II'm sure Leo knows
- Leo Laporte will have plenty to say about this I'm sure
- Reply to this comment
- Let us have a Alternative to domain and dns
- It is high time the Internet shifts from a Server based system to a Peer based system. The technology exists in the form of IPv6 which offers unique peer to peer address and communication and P2P technology has also taken leap ahead. In the coming months and years, we at NetAlter visualize a secured domain-less and dns-less solutions. For example, if I need to send an email to a friend, I can simply send it across from my computer to my friends computer without routing through mail servers. NetAlter is under development and is supposed to offer an alternative network to internet users.
- Reply to this comment
- internet
- there is no evil that wouldn't come to internet ... --- http://iphone.emigrantas.com - iPhone blog
- Reply to this comment
- MMMM
- Ouch Gonna hurt!
- Reply to this comment
- Testing testing 123
- So when the actual attack happening guys?
- Reply to this comment View reply
- Joris Evers
- copy n pastes from network and security mailing lists and takes the basics about dns is the address book of the internet from wikipedia.
bring back credibility to cnet! wait! they never had any to begin with!
- Reply to this comment
- Root Server Time Map at DNSstuff
- There's a cool page graphing root server response times at DNSstuff. http://www.dnsstuff.com/info/roottimes.htm
- Reply to this comment
Get more done with Windows Mobile