Hack attacks - Excite, possibly America Online hit

greenspun.com : LUSENET : Grassroots Information Coordination Center (GICC) : One Thread
Excite, Possibly America Online Hit With Hack Attacks

February 10, 2000

By Kevin Featherly, Newsbytes.com

There was another confirmed denial of service attack on a major Internet e-commerce site Wednesday night, involving the portal Excite.

Meanwhile, a second incident suggests another, as-yet unconfirmed denial of service outage may have stunted service from the largest Internet service provider, America Online.

The portal Excite has confirmed for Newsbytes that it was significantly slowed by another denial-of-service attack for about an hour, beginning at about 6 p.m. PST. "It's basically the same attack as the ones that hit all the other Web sites," said Kelly Distefano, a spokesperson at ExciteAtHome, the portal's corporate parent. "It was about a 50 percent drop in traffic in that time."

"We have been monitoring (Excite), and what we've noticed is that there were some problems with that site," said Matthew Parks, product-marketing manager at Keynote Systems. "The outage was only for one hour, and interestingly enough it was only a partial outage."

He said that, much like the attack on Web brokerage E-Trade Wednesday, last night's attack on Excite allowed between 40 and 60 percent of the incoming traffic to get through to the site. In most other cases, sites have been almost entirely shut down to traffic for several hours at a stretch.

America Online also experienced problems with incoming traffic between 7 p.m. and 8 p.m. PST, Parks said. "We can't confirm that it was denial of service, and AOL hasn't come out and said it," Parks said. "But the site was reporting a high number of errors and low availability last night."

He said the activity does appear similar to denial of service, but that there was no immediate way to confirm an attack is what slowed America Online down.

A spokesman at AOL told Newsbytes he was unaware of the outage, and would research the issue. Other AOL officials were not immediately available for comment.

The Excite attack is the eighth confirmed denial-of-service attack on a major commercial Web site since Monday. Yahoo, CNN.com, eBay, Amazon, Buy.com, ZDNet and E-Trade all have been hit by similar attacks between Monday and Wednesday.

The most likely cause of the attacks, sources have said, is so-called "denial of service" assaults. They involve a number of computers - perhaps as many as 10,000 of them by some estimates - which are infected with a program that sends out malformed Internet Control Message Protocol (ICMP) requests. Acting in unison, the infected computers launch massive data requests at a targeted Web site, overwhelming the routers that ship requests for pages and data to the many site servers that then answer Web audiences' requests. When it receives the malformed information "packets," a targeted router computer is stalled, while it tries to figure out what to do with the strange, unrecognizable data. Meanwhile, more junk requests come in. Very soon the system is overwhelmed, drowned in bad data.

US Attorney General Janet Reno Wednesday announced a federal investigation into the attacks.

Excite is on the Web at / .

America Online is available on the Web at .

Reported by Newsbytes.com,

~~~~~~~~~~~~~~~

Posted at: The Washington Post, Washington D.C.

http://www.washtech.com/news/regulation/300-1.html

-- Lee Maloney (leemaloney@hotmail.com), February 11, 2000

Moderation questions? read the FAQ