http://www.theregister.co.uk/content/6/24773.html By John Leyden Posted: 09/04/2002 at 15:22 GMT Most of the customers of Edinburg business ISP edNET were left without Internet services yesterday after it experienced a serious denial of service (DDoS) attack. edNET began to experience what it described in an email to users as a "catastrophic network failure" at around 8am yesterday. This resulted in most of edNET's users experiencing difficulties sending email or browsing the Internet throughout yesterday. Engineers confirmed that the problem was a result of a DDoS attack on its network, and were able to restore services after applying filters to its network nodes, and asking upstream service providers to do the same thing. Emails from Register readers report that an attack on edNET's ADSL subnets resulted in around 12 hours downtime for some customers (edNET said services were up and running yesterday afternoon). At the height of the attack two of edNET's 45Mbps links were saturated with attack traffic. Mussy Kurt-Elli, a business development manager at edNET, said the attacks against the ISP were part of a wider assault, which he told us also affected other service providers. The assault, whose source remains unclear, focused on Telnet ports and was blocked by setting up "draconian" filtering rules, he told us. We understand from edNET that BT's backbone ADSL routers had to be reset because of the attack, but the telco is yet to get back to us for comment on this. edNET, which has a redundant network, will review its procedures to see what changes it can make to defend against any future attacks. DDoS attacks are notoriously difficult to prevent, but some tools are available which mitigate their effects. Earlier this year Basingstoke ISP Cloud Nine and Tiscali UK both became subject to DDoS attacks. Both the motive and source of all these attacks remains unclear but their increasing prevalence this year is becoming a source of concern. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Apr 10 2002 - 04:41:38 PDT