http://asia.cnet.com/newstech/personaltech/0,39001147,39183542,00.htm By Jim Hu CNET News.com June 16 2004 update: A domain name outage Tuesday morning that left many popular Web sites, including those of Yahoo, Google, Microsoft and Apple, temporarily inaccessible was the result of an Internet attack, according to Web infrastructure company Akamai. The attack caused problems for more than two hours--from 5:30 a.m. to 7:45 a.m. PDT. Many of the world's most popular sites suffered from widespread outages, according to Keynote Systems, which compiles statistics related to Web surfing. On a typical day, the top 40 sites measured by Keynote rarely dip below 99 percent availability. On Tuesday, however, Keynote saw availability drop to 81 percent. Where the attack struck first has yet to be determined, and the affected companies are pointing to others, not themselves. An attack on Akamai could have rippled out to Google and the other sites, or those sites might have been individually targeted, which in turn could have put pressure on a key Internet service that Akamai runs. An Akamai spokesman said it noticed an attack against four unnamed "customers" that rendered their sites inaccessible. Akamai said the strike against those customers in turn caused a failure of its own domain name server (DNS) system, which translates word-based URLs into numeric Web addresses to link surfers to company sites. "We do know that attack was against four sites that happened to be Akamai customers," company spokesman Jeff Young said. "But I don't know if the intent was to go after Akamai or go after Web properties that happened to be customers of ours." Tuesday's outage comes nearly a month after Akamai reported glitches in its content management tools, causing some slowdowns. Other parties may not agree with that assessment. Keynote earlier Tuesday reported the Akamai DNS system outage and speculated that Cambridge, Mass.-based Akamai was the target of a denial-of-service attack, which then caused the Yahoo, Google, Microsoft and Apple sites to fail. Dug Song, security architect for network security company Arbor Networks, said the outage appeared to be an Akamai problem. During the outage, Song noticed that sites such as Google were still functional, but someone typing www.google.com couldn't get to that site, because the address would not translate into its numeric Internet Protocol code. "It was definitely some sort of Akamai issue," Song said in an interview. "Their name service for all these major sites stopped working. You couldn't reach these sites, even though the sites were up. You just couldn't get to them because the name resolution wasn't working." Furthermore, Song noticed that Web-wide traffic during the outage actually declined, making it unlikely that Google and the other sites were the victims of a distributed denial-of-service attack, in which thousands of unknowing PC "slaves" would have flooded their servers with useless data or requests for data. In a recent incident, the Netsky virus used such a technique to target Kazaa and other file-sharing networks, disrupting service at some. Earlier in the year, the main Web site of the SCO Group was crippled after attacks from computers infected by the MyDoom virus. On Tuesday, David Krane, a spokesman for Google, confirmed that the search site was "affected for a short period of time earlier today" and that all systems have been restored. Krane said Google was not the target of a denial-of-service attack. Microsoft also confirmed that its sites were affected but added that it was "deferring to Akamai for additional information on the reported outage." With the sites back up, it appears that the DNS issue has been resolved. But Yahoo's new Web-based e-mail service, launched Tuesday, continues to have problems. Since early Tuesday morning, users have been reporting glitches with Yahoo Mail such as site inaccessibility, slow page loads and inoperable buttons on the site. A Yahoo spokeswoman said the company is "investigating the potential impact of a widespread DNS issue on our services." But launch-related bugs are also a possibility. "As we upgrade tens of millions of Yahoo Mail accounts for consumers worldwide, some users may experience temporary fluctuations in the service, as we update our systems," Yahoo spokeswoman Mary Osako said. "We expect Yahoo Mail accounts to resume to normal after the upgrades are completed." Representatives of Apple were not immediately available for comment. _________________________________________ ISN mailing list Sponsored by: OSVDB.org - For 15 cents a day, you could help feed an InfoSec junkie! (Broke? Spend 15 minutes a day on the project!)
This archive was generated by hypermail 2b30 : Wed Jun 16 2004 - 06:37:06 PDT