04:06 PM
Connect Directly
Repost This

ICANN: Anycast And Communication Foiled February's Root Server Attack

ICANN's evaluation analyzes what happened during the attack on the root servers, which ones were hit the hardest, and what kept them running.

Analysis of the February denial-of-service attack on the root servers that help manage worldwide Internet traffic shows that a combination of efforts, including using Anycast and communicating nonstop during the attack, kept the servers up and running.

ICANN released a report that analyzes what happened during the attack, which servers were hit the hardest, and what kept them running. The report notes that it's still early to know the exact method used during the attack but more information about it should come out at a meeting of root server operators later this month.

ICANN is the group responsible for the global coordination of the Internet's system of identifiers, including domain names, the addresses used in a variety of Internet Protocols.

While it was widely reported that the attack originated in South Korea, the report says it's only been narrowed down to the Asia-Pacific region. Since a large botnet was used to try to flood the root servers, the report notes that they could have been scattered around the world and the trigger could have come from anywhere.

"Because of the way the attack worked, it arrived like a brick wall, which immediately set off all the alarms built into the network," the report states. "In this case, it was clear almost immediately that it was a distributed denial-of-service attack."

Early in February, the 13 root servers were hit by a DoS attack that nearly took down three of them. Analysts say the hackers' used possibly millions of zombie computers to wage the attack -- and they expect that army is populated with the desktops and laptops of unknowing users around the world.

The roots are central machines on the Domain Name System. They're akin to directory assistance for the Internet. The system converts the URLs into numeric addresses, which are then used to route traffic from one computer to another. If the root servers had been taken down for a significant amount of time, it could have crippled Internet traffic. That wasn't close to happening during the February attack.

While they're referred to as the 13 root servers, there are many more computers involved. Each so-called server actually refers to an IP address, which can front many computers. Alan Paller, director of research at the SANS Institute, says they don't generally discuss how many computers are involved as a security precaution.

Analysts say the three root servers that were so greatly affected in the recent attack most likely were standalone servers. The other 10 had multiple machines and that most likely helped them fare better during the attack.

1 of 2
Comment  | 
Print  | 
More Insights
The Agile Archive
The Agile Archive
When it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Elite 100 - 2014
Our InformationWeek Elite 100 issue -- our 26th ranking of technology innovators -- shines a spotlight on businesses that are succeeding because of their digital strategies. We take a close at look at the top five companies in this year's ranking and the eight winners of our Business Innovation awards, and offer 20 great ideas that you can use in your company. We also provide a ranked list of our Elite 100 innovators.
Twitter Feed
Audio Interviews
Archived Audio Interviews
GE is a leader in combining connected devices and advanced analytics in pursuit of practical goals like less downtime, lower operating costs, and higher throughput. At GIO Power & Water, CIO Jim Fowler is part of the team exploring how to apply these techniques to some of the world's essential infrastructure, from power plants to water treatment systems. Join us, and bring your questions, as we talk about what's ahead.