Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 9 Feb 2000 09:48:04 -0200
From:      "Rafael" <rafael@stf.gov.br>
To:        <submeter@securenet.com.br>
Cc:        <hackers@FreeBSD.ORG>
Subject:    Hackers
Message-ID:  <C04B00F50E8ED3118D62002048403DA7029993@TAURUS>

next in thread | raw e-mail | index | archive | help



	Matéria retirada do New York Times

Several Web Sites Are Attacked on Day After Assault Shut Yahoo
By MATT RICHTEL with SARA ROBINSON
February 9, 2000
AN FRANCISCO -- Hackers mounted what appeared to be coordinated attacks on
the world's largest electronic commerce sites Tuesday.
The attacks, which opened a window on the widespread vulnerability of the
Internet, began Monday with a three-hour assault on Yahoo.com, one of the
world's most popular Web sites, and continued Tuesday, temporarily crippling
at least four other major sites, including Amazon.com, eBay.com and Buy.com.
By Tuesday night it had spread to a leading media site, CNN.com.
Officials from Buy.com, an online retailer, and the popular auction site
eBay.com said they could not determine for certain whether all the attacks
were related or were by the same person or persons.
George Grotz, a spokesman for the San Francisco office of the FBI, said: "We
are still in dialogue with Yahoo. We are aware of the others."
As for whether the attacks had been by the same people, Grotz said, "I think
it would be premature at this point to say anything along those lines."
But security experts and the companies themselves said the nature of the
attacks seemed too similar to be coincidental.
Elias Levy, chief technology officer for SecurityFocus.com, which researches
computer security issues, said the scope of the attacks was rare, if not
unprecedented. He said the attackers had managed to assault and take down
some of the world's most heavily enforced sites.
Levy said the evidence suggested the attacks were related. Significantly, he
said given how many resources were required to take down these sites, it
would have been difficult for a copycat who witnessed Monday's attack on
Yahoo to have instantly have followed suit in such similar fashion.
"I have no doubt these are coming from the same individual or group," echoed
John Vranesevich, the founder of antionline.com, a Web site focusing on
computer security and hacking issues.
It "is unthinkable" that several groups of hackers would have access to this
many computers used to direct the attack, he added.
Levy said he expected to see a substantial response from the FBI in the
coming days. "We're going to see some very busy law enforcement tomorrow,"
he said. "I picture planes full of FBI agents heading to San Jose right
now."
In each case, the attackers used what is known as distributed denial of
service, a technique that basically hijacks dozens or even hundreds or
computers around the Internet and instructs each of the hijacked computers
to bombard the target site with meaningless data.
As the site's server tries to accommodate all the phony data, it soon runs
out of memory and other resources. As a result, its responses to real
customers slows to a crawl or ceases altogether.
However, while it cripples the servers ability to deliver Web pages to
customers, it does not violate the integrity of the system, nor does it
allow access to data stored on the server. So while such attacks are an
expensive form of vandalism, they do not threaten sensitive data like credit
card numbers or other consumer information.
While such attacks are not unusual, the intensity of the recent attacks, as
measured by the sheer number of computers thought to have been hijacked for
the effort, was virulent enough to bring down e-commerce sites that are
typically fortified enough to fend off these kinds of assaults.
Opening a window on the vulnerability of the Internet
An eBay spokesman, Kevin Pursglove, said the auction site became
inaccessible to some customers around 3:20 p.m. Pacific Standard Time, and
it was still struggling to thwart the attack two hours later. He said the
company had contacted Yahoo and Buy.com to seek advice and assistance in
defending its servers.
Bloomberg News reported Amazon.com was slowed for an hour by a deluge of
junk traffic that started at about 5 p.m. Pacific time.
The three-hour assault on Buy.com started at 10:50 a.m. Pacific time and,
unfortunately for the company, the timing coincided with the company's
initial public offering of stock. In the first day of trading, its shares
closed at $25.125 each.
Yahoo said it was getting hit with data from "more than 50" computers on the
Internet. The company said it was contacted this morning by the FBI in
connection with the attack.
Greg Hawkins, chief executive of Buy.com, said the timing of the attack on
the day of the IPO was "completely out of control, needless to say."
"We had some people get in, " he said, "but in most cases, people couldn't
get into the site."
He said the site "clearly lost revenue" though he did not know how much. "We
were hoping to see an increase in traffic because of the IPO." The stock
opened at $27 and traded as high as $35.
Vranesevich said the preliminary evidence suggested that the same hackers
were responsible for each attack.
In a denial of service attack, hackers hijack computers not their own and
use them to direct random streams of data at the target, essentially causing
the target machine to become paralyzed.



 _______________________________________________________
Rafael de Lara Resende
  Analista de Suporte - Supremo Tribunal Federal - Fone: (0xx61) 316-5263
mailto:rafael@stf.gov.br  http://www.stf.gov.br
________________________________




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C04B00F50E8ED3118D62002048403DA7029993>