Date: Wed, 9 Feb 2000 09:48:04 -0200 From: "Rafael" <rafael@stf.gov.br> To: <submeter@securenet.com.br> Cc: <hackers@FreeBSD.ORG> Subject: Hackers Message-ID: <C04B00F50E8ED3118D62002048403DA7029993@TAURUS>
next in thread | raw e-mail | index | archive | help
Matéria retirada do New York Times Several Web Sites Are Attacked on Day After Assault Shut Yahoo By MATT RICHTEL with SARA ROBINSON February 9, 2000 AN FRANCISCO -- Hackers mounted what appeared to be coordinated attacks on the world's largest electronic commerce sites Tuesday. The attacks, which opened a window on the widespread vulnerability of the Internet, began Monday with a three-hour assault on Yahoo.com, one of the world's most popular Web sites, and continued Tuesday, temporarily crippling at least four other major sites, including Amazon.com, eBay.com and Buy.com. By Tuesday night it had spread to a leading media site, CNN.com. Officials from Buy.com, an online retailer, and the popular auction site eBay.com said they could not determine for certain whether all the attacks were related or were by the same person or persons. George Grotz, a spokesman for the San Francisco office of the FBI, said: "We are still in dialogue with Yahoo. We are aware of the others." As for whether the attacks had been by the same people, Grotz said, "I think it would be premature at this point to say anything along those lines." But security experts and the companies themselves said the nature of the attacks seemed too similar to be coincidental. Elias Levy, chief technology officer for SecurityFocus.com, which researches computer security issues, said the scope of the attacks was rare, if not unprecedented. He said the attackers had managed to assault and take down some of the world's most heavily enforced sites. Levy said the evidence suggested the attacks were related. Significantly, he said given how many resources were required to take down these sites, it would have been difficult for a copycat who witnessed Monday's attack on Yahoo to have instantly have followed suit in such similar fashion. "I have no doubt these are coming from the same individual or group," echoed John Vranesevich, the founder of antionline.com, a Web site focusing on computer security and hacking issues. It "is unthinkable" that several groups of hackers would have access to this many computers used to direct the attack, he added. Levy said he expected to see a substantial response from the FBI in the coming days. "We're going to see some very busy law enforcement tomorrow," he said. "I picture planes full of FBI agents heading to San Jose right now." In each case, the attackers used what is known as distributed denial of service, a technique that basically hijacks dozens or even hundreds or computers around the Internet and instructs each of the hijacked computers to bombard the target site with meaningless data. As the site's server tries to accommodate all the phony data, it soon runs out of memory and other resources. As a result, its responses to real customers slows to a crawl or ceases altogether. However, while it cripples the servers ability to deliver Web pages to customers, it does not violate the integrity of the system, nor does it allow access to data stored on the server. So while such attacks are an expensive form of vandalism, they do not threaten sensitive data like credit card numbers or other consumer information. While such attacks are not unusual, the intensity of the recent attacks, as measured by the sheer number of computers thought to have been hijacked for the effort, was virulent enough to bring down e-commerce sites that are typically fortified enough to fend off these kinds of assaults. Opening a window on the vulnerability of the Internet An eBay spokesman, Kevin Pursglove, said the auction site became inaccessible to some customers around 3:20 p.m. Pacific Standard Time, and it was still struggling to thwart the attack two hours later. He said the company had contacted Yahoo and Buy.com to seek advice and assistance in defending its servers. Bloomberg News reported Amazon.com was slowed for an hour by a deluge of junk traffic that started at about 5 p.m. Pacific time. The three-hour assault on Buy.com started at 10:50 a.m. Pacific time and, unfortunately for the company, the timing coincided with the company's initial public offering of stock. In the first day of trading, its shares closed at $25.125 each. Yahoo said it was getting hit with data from "more than 50" computers on the Internet. The company said it was contacted this morning by the FBI in connection with the attack. Greg Hawkins, chief executive of Buy.com, said the timing of the attack on the day of the IPO was "completely out of control, needless to say." "We had some people get in, " he said, "but in most cases, people couldn't get into the site." He said the site "clearly lost revenue" though he did not know how much. "We were hoping to see an increase in traffic because of the IPO." The stock opened at $27 and traded as high as $35. Vranesevich said the preliminary evidence suggested that the same hackers were responsible for each attack. In a denial of service attack, hackers hijack computers not their own and use them to direct random streams of data at the target, essentially causing the target machine to become paralyzed. _______________________________________________________ Rafael de Lara Resende Analista de Suporte - Supremo Tribunal Federal - Fone: (0xx61) 316-5263 mailto:rafael@stf.gov.br http://www.stf.gov.br ________________________________ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?C04B00F50E8ED3118D62002048403DA7029993>