[27052] in North American Network Operators' Group
Re: Yahoo offline because of attack (was: Yahoo network outage)
daemon@ATHENA.MIT.EDU (Paul Ferguson)
Tue Feb 8 12:23:14 2000
Message-Id: <4.2.2.20000208121811.00a5b130@localhost>
Date: Tue, 08 Feb 2000 12:19:25 -0500
To: Declan McCullagh <declan@wired.com>
From: Paul Ferguson <ferguson@cisco.com>
Cc: <nanog@merit.edu>
In-Reply-To: <4.3.0.33.0.20000207202625.00b42cb0@pop.webcom.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
Declan,
This is a very complex issue, and made the DDoS BoF last
night even more lively. ;-)
Read RFC2267. More people should be doing it, and most of
these silly problems will go away.
- paul
At 08:31 PM 02/07/2000 -0500, Declan McCullagh wrote:
>Yahoo told me on the phone that it's a malicious attack, and Global Center
>says the same thing. In Yahoo's words: "a coordinated distributed denial of
>service attack."
>
>We've got a brief story up at:
> http://www.wired.com/news/business/0,1367,34178,00.html
>
>The problem apparently originated with a router. But what kind of attack
>could have taken the network offline for that period of time and not
>affected other Global Center customers? I mean, there had to have been a
>gaping security hole somewhere: It looks like the routes got lost for
>(nearly) all of the Yahoo network, but no other non-Yahoo sites...
>
>-Declan
>
>
>
