Post New Topic  Post A Reply
my profile | register | search | faq | forum home
  next oldest topic   next newest topic
»  VoivodFan   » Cosmic Drama   » Attack Overwhelms Internet Systems!

UBBFriend: Email this page to someone!    
Author Topic: Attack Overwhelms Internet Systems!
El Indio
VoivodFan
Member # 18

posted January 25, 2003 16:34     Profile for El Indio   Email El Indio     Send New Private Message   Edit/Delete Post   Reply With Quote
I first started noticing this last night around 12 a.m. Pacific Standard Time. I tried to gain access to the Scratch website and as I type, still am unable to! I hear that Blacky should have it fixed soon. Go Blacky, go!

WASHINGTON (AP) - Traffic on the Internet slowed dramatically for hours early Saturday, the effects of a fast-spreading, virus-like infection that overwhelmed the world's digital pipelines and broadly interfered with Web browsing and delivery of e-mail.

Sites monitoring the health of the Internet reported significant slowdowns globally, although recovery efforts appeared to be succeeding.

Millions of Internet users in South Korea were stranded when computers at Korea Telecom Freetel and SK Telecom failed. Service was restored but remained slow, officials said. In Japan, NHK television reported heavy data traffic swamped some of the country's Internet connections, and Finnish phone operator TeliaSonera reported some problems.

``It's not debilitating,'' said Howard Schmidt, President Bush's No. 2 cybersecurity adviser. ``Everybody seems to be getting it under control.'' Schmidt said the FBI's National Infrastructure Protection Center and experts at the CERT Coordination Center were monitoring the attack and offering technical advice to computer administrators on how to protect against it.

The FBI was searching for the possible origin of the latest attack, which experts variously dubbed ``sapphire,'' ``slammer'' or ``SQ hell.'' Some security researchers noted that the software unleashed in Saturday's attack bore striking resemblance to blueprints for computer code published weeks ago on a Chinese hacking Web site by a person who calls himself ``Lion.'' An FBI spokesman said he couldn't confirm that.

Most home users did not need to take any protective measures. Experts said the attack bore remarkable similarities to the ``Code Red'' virus that struck the Internet during the summer of 2001.

The virus-like attack, which began about 12:30 a.m. EST, sought out vulnerable computers on the Internet to infect using a known flaw in popular database software from Microsoft Corp., called ``SQL Server 2000.'' But the attacking software was scanning for victim computers so randomly and so aggressively - sending out thousands of probes a second - that it saturated many Internet data pipelines.

Schmidt said disruption within the U.S. government was minimal, partly because the attack occurred early on a weekend. The departments of State, Agriculture, Commerce and some units within the Defense Department appeared hardest hit within the government, according to Matrix NetSystems Inc., a monitoring firm in Austin, Texas.

``This is like Code Red all over again,'' said Marc Maiffret, an executive with eEye Digital Security, whose engineers were among the earliest to study samples of the attack software. ``The sheer number of attacks is eating up so much bandwidth that normal operations can't take place.''

``The impact of this worm was huge,'' agreed Ben Koshy of W3 International Media Ltd., which operates thousands of Web sites from its computers in Vancouver. ``It's a very significant attack.''

Koshy added that, about six hours after the attack started, commercial Web sites that had been overwhelmed were starting to come back online as engineers began effectively blocking the malicious data traffic. At the height of the attack, another company reported that computers were flooded with more than 125 megabytes of data every second.

``People are recovering from it,'' Koshy said.

Symantec Corp., an antivirus vendor, estimated that at least 22,000 systems were affected worldwide.

``Traffic itself seems to have leveled off a little bit, so likely only so many systems are exposed out there,'' said Oliver Friedrichs, senior manager with Symantec Security Response. The attacking software, technically known as a worm, was overwhelming Internet traffic-directing devices known as routers.

``The Internet is still usable, but we're definitely receiving reports from some of our customers who have had it affect their routers specifically,'' Friedrichs said.

The attack sought to exploit a software flaw discovered by researchers in July 2002 that permits hackers to seize control of corporate database servers. Microsoft deemed the flaw to be ``critical'' and offered a free repairing patch, but it was impossible to know how many computer administrators applied the fix.

The latest attack could revive debate within the technology industry about the need for an Internet-wide monitoring center, which the Bush administration has proposed.

During the Code Red attack in July 2001, about 300,000 mostly corporate server computers were infected and programmed to launch a simultaneous attack against the Web site for the White House, which U.S. officials were able to defend successfully.

Unlike that episode, the malicious software used in this latest attack did not appear to do anything other than try to spread its own infection, experts said.

AP technology writers Anick Jesdanun and Frank Bajak contributed to this story from New York.

On the Net: Technical details: http://www.eeye.com/html/Research/Flash/AL20030125.html

More details: http://www.iss.net/security-center/static/10031.php

Microsoft fix: http://www.microsoft.com/technet/security/bulletin/MS02-039.asp

So this is actually kind of an interesting subject: viruses/worms and how people try to at least protect themselves as much as possible. Myself, I run Norton Internet Security 2002 ad also subscribe to Symantec's Liveupdate service. As of about six months ago, approximetly one third(!!!) of all internet users do not have adequate protection and we are not just talking about viruses here. Alot of people do not realize about other security threats such as adware which monitors where you surf to, web sites which attempt to get your e-mail address so that you can be the unhappy recipient of S.P.A.M. and them other sniveling scoundrels (This has happened to me at least once - luckily Internet Security caught it!) who attempt to gain access to other personal information of yours - especially your credit card information! As some of you are undoubtedly already aware, it would be wise to gain some sort of protection before you attempt to access smut sites and we're talking about them tgp's in particular because for some crazy reason the adult sites represent the internet's version of the wild west where normal laws do not seem to apply. Beware of cookies and sites which have thumbnails/pictures which can only be viewed when your security screen is lowered. If you get burned, as the reasoning appears to be, who are you going to complain to because if you do, you will present yourself to society at large as some sort of sicko pervert! But let us not get too off track here. What I am interested in is what types of steps youse peoples take in order to protect yourselves... Perhaps some of you do not do anything at all! Your reasoning is, "Bring it on, sucka! You play with me, I'm going to play with you! Big time, dammit!" All I can say to this is good luck; you are going to need it!


 |  IP: Logged
Juan87
VoivodFan
Member # 87

posted January 26, 2003 01:58     Profile for Juan87   Email Juan87     Send New Private Message   Edit/Delete Post   Reply With Quote
I fend off attack by having MSN-WEB TV. I have no hard drive and therefor nothing to infect! When I finally DO get a new computer it will be well protected.
 |  IP: Logged
Tangento
VoivodFan
Member # 117

posted January 26, 2003 02:23     Profile for Tangento   Email Tangento     Send New Private Message   Edit/Delete Post   Reply With Quote
That's an interesting set of articles, and good advice there, Indio.
Thanks

Keep in mind that these buttfucks are reading this stuff,
and are "grinning like an undertaker".
Their next move will certainly be to create something
even more devastatingly effective.

May they all rot from the inside out, and may they all develop
excruciatingly painful, pus-oozing, festering carbuncles
on their assholes and lips.


 |  IP: Logged
guidon
VoivodFan
Member # 137

posted January 26, 2003 07:03     Profile for guidon   Email guidon     Send New Private Message   Edit/Delete Post   Reply With Quote
Yeah, I often wonder why people would want to bring down the internet...

I use AntiVirus-protection, and recently installed a firewall. It's impressive how many times the prog blocks Trojans and spyware trying to get in or out. Not to mention the times someone tries to hack into my comp when chatting...


 |  IP: Logged
nia
VoivodFan
Member # 9

posted January 26, 2003 15:39     Profile for nia   Email nia     Edit/Delete Post   Reply With Quote
The worm only attacked SQL servers, not personal computers so no worries there Voivodfans.
 |  IP: Logged
El Indio
VoivodFan
Member # 18

posted January 30, 2003 20:26     Profile for El Indio   Email El Indio     Send New Private Message   Edit/Delete Post   Reply With Quote
Thanks, shortly after I posted the original message, I seriously regretted (again) some of what I said. I seem to have a real knack for offending the very same people whom I'm trying to impress! I guess I should be more careful about what I post... At least until I drink too much again... So warcorpse, please forgive me for once again sounding kind of retarded but could this recent change you made with your server have anything to do with the very noticable slowness of this site? Then again, I first noticed this slowness on sunday morning and attributed it - for a lack of a better reason - to the effects of the worm on the various servers. Yes, I have already checked out the other thread and saw that interesting graph. Perhaps you can post one of these graphs more often? Sure it may come off as being kind of pretentious to some but for me, I find it to be quite interesting! And now let Indio go off topic again and muse about the dark side or perhaps one of the prices of popularity and that is it (popularity) makes whatever is popular a kind of target for better or worse. Half the world loves you and the other half wants to kill you it seems. I sure hope that no-one would want to deliberatly sabotage this site! And this brings up an interesting article which appeared in Rolling Stone magazine a few months ago about fame or american fame in particular and that if you become well known in the United States then you have a 100 percent chance of being stalked! Pretty twisted, huh?
 |  IP: Logged

All times are ET  

Post New Topic  Post A Reply Close Topic    Move Topic    Delete Topic next oldest topic   next newest topic
Hop To:

Contact Us | VoivodFan

Powered by Infopop Corporation
Ultimate Bulletin Board 6.04