[28356] in North American Network Operators' Group
wow, Internet fiction must really sell. (abovenet)
daemon@ATHENA.MIT.EDU (k claffy)
Thu Apr 27 22:36:06 2000
Date: Thu, 27 Apr 2000 19:34:09 -0700
From: k claffy <kc@caida.org>
To: nanog@merit.edu
Message-ID: <20000427193409.D23917@caida.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Errors-To: owner-nanog-outgoing@merit.edu
iDEFENSE should sell the hallucinogens they're
in clear possession/consumption of
rather than the keystrokes they type while peaking.
reckon the profit margin would be much higher
f%^&ng ridiculous.
the `i' must stand for imaginary
>From: Jerry Irvine <JIrvine@iDefense.com>
>To:
>Subject: iDEFENSE iALERT: AboveNet Update, Evolved DDoS Tool Used
>Date: Wed, 26 Apr 2000 17:18:43 -0400
>Importance: high
>X-Priority: 1
>
>Evolved Version of DDoS Tool Poses Significant New Threat to Business
>Operations
>
>iDEFENSE Intelligence Services
>April 26, 2000
>5:10 pm (EST)
>
>iDEFENSE believes that the behavior of the attack against AboveNet is an
>example of the logical progression of distributed denial of service tools.
>The devastating potential of this evolved tool was demonstrated during
>Tuesday's attack against AboveNet which took down one of the world's leading
>ISPs, for five hours, affecting companies such as eBay and Everyone.net.
>AboveNet also hosts sites for AOL and numerous other high profile companies.
>The extent of the disruption against these sites is not clear at this point.
>
>The evolved tool can attack with a speed and viciousness not even seen
>during the attacks in early Feb. It appears to have a significantly enhanced
>ability to communicate with an army of drones which can then in turn talk to
>other drones at a significantly greater speed than what could be done by
>other DDoS tools earlier in the year. These older tools operated by sending
>one command from a master out to numerous zombies, the evolved version
>allows the attack to reach critical mass instantaneously and may prove
>significantly more difficult for investigators to identify the suspect.
>
>In light of this new development, companies need to immediately review their
>incident response procedures in order to make sure they are adequate to
>manage this threat. Having redundancies and multi-homing built into their
>systems are key to minimizing the impact of an attack such as this.
>
>While the motive for the attack is unclear at this point, the potential for
>future strikes in the coming weeks against AboveNet and/or other major ISPs
>and Web sites cannot be ruled out.
>
>------------+------------------------+---------
>
>iALERT delivers daily monitoring and analysis of cyberthreats,
>vulnerabilities, and incidents to iDEFENSE's clients.
>
>This e-mail is delivered to journalists covering the information security
>field.
>
>For more information or comment please contact Jerry Irvine at 703.898.8283
><mailto:jirvine@idefense.com>
>
>------------+------------------------+---------
>
>iDEFENSE - The Power of Intelligence
>
>Visit the iDEFENSE Web site for additional information:
><http://www.idefense.com>
>
>Copyright 2000 Infrastructure Defense Inc. (iDEFENSE)
