News
News
3/13/2007
04:06 PM
Connect Directly
RSS
E-Mail
50%
50%

ICANN: Anycast And Communication Foiled February's Root Server Attack

ICANN's evaluation analyzes what happened during the attack on the root servers, which ones were hit the hardest, and what kept them running.

Analysis of the February denial-of-service attack on the root servers that help manage worldwide Internet traffic shows that a combination of efforts, including using Anycast and communicating nonstop during the attack, kept the servers up and running.

ICANN released a report that analyzes what happened during the attack, which servers were hit the hardest, and what kept them running. The report notes that it's still early to know the exact method used during the attack but more information about it should come out at a meeting of root server operators later this month.

ICANN is the group responsible for the global coordination of the Internet's system of identifiers, including domain names, the addresses used in a variety of Internet Protocols.

While it was widely reported that the attack originated in South Korea, the report says it's only been narrowed down to the Asia-Pacific region. Since a large botnet was used to try to flood the root servers, the report notes that they could have been scattered around the world and the trigger could have come from anywhere.

"Because of the way the attack worked, it arrived like a brick wall, which immediately set off all the alarms built into the network," the report states. "In this case, it was clear almost immediately that it was a distributed denial-of-service attack."

Early in February, the 13 root servers were hit by a DoS attack that nearly took down three of them. Analysts say the hackers' used possibly millions of zombie computers to wage the attack -- and they expect that army is populated with the desktops and laptops of unknowing users around the world.

The roots are central machines on the Domain Name System. They're akin to directory assistance for the Internet. The system converts the URLs into numeric addresses, which are then used to route traffic from one computer to another. If the root servers had been taken down for a significant amount of time, it could have crippled Internet traffic. That wasn't close to happening during the February attack.

While they're referred to as the 13 root servers, there are many more computers involved. Each so-called server actually refers to an IP address, which can front many computers. Alan Paller, director of research at the SANS Institute, says they don't generally discuss how many computers are involved as a security precaution.

Analysts say the three root servers that were so greatly affected in the recent attack most likely were standalone servers. The other 10 had multiple machines and that most likely helped them fare better during the attack.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - September 10, 2014
A high-scale relational database? NoSQL database? Hadoop? Event-processing technology? When it comes to big data, one size doesn't fit all. Here's how to decide.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A look at the top stories from InformationWeek.com for the week of September 7, 2014.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.