http://www.techweb.com/wire/story/TWB20010524S0010

05/24/01
By Rutrell Yasin
InternetWeek

A denial-of-service attack Wednesday disrupted the operations of Weather.com, the official site of the Weather Channel.

The attack, which caused the first outage in the site's six-year history, started at 11:00 am (EST), limiting access to the site and slowing performance for nearly seven hours. Although access to the site was blocked, important weather information was not compromised, Weather.com officials said. The site was back up by 6 pm (EST).

Hackers overloaded the company's routers and those of its Web hosting company, Exodus Communications Inc. (stock: EXDS), with bogus traffic, said Dan Agronow, Weather.com's director of site operations.

To counter the attack, Weather.com moved to another dedicated router in Exodus's facility and installed filtering software to protect switches and servers, as well as intrusion detection software to record all ongoing activity, Agronow said. In addition, the company is working with Exodus to deploy additional sniffer technology to monitor network traffic.

"There's a possibility the attack was a diversionary tactic to break into [the company's] servers," Agronow noted. As a result, system administrators are checking the logs of the company's 140 servers for suspicious activity, he added.

Fortunately, Wednesday was a relatively mild weather day across the nation, with only 33 incidents of severe weather reported. However, on Tuesday severe weather reports totaled more than 100, with several possible tornadoes.

"Site traffic is highly variable, depending on the weather. Traffic can quadruple in the course of an hour," said Debora Wilson, president and CEO of Weather.com. The site can sustain that spike, she added.

The disruption of service is being taken very seriously since so many people depend on the site for information that affects their activities, families and properties, she added.
The company is working with the necessary law enforcement agencies to investigate the attack, she said.

The attack comes on the heels of a DoS attack on Tuesday that disrupted the operations of the Computer Emergency and Responses Team (CERT) Coordination Center, the organization responsible for warning Internet users about security threats.

The FBI's National Infrastructure Protection Center recently issued an advisory warning corporations and government agencies about an upswing in denial-of-service activity.