From: John Klassa (klassa@cisco.com)
Date: Thu Feb 24 2000 - 08:16:04 PST
[ Did M$ set up this attack on itself, to garner some PR? Sheesh. ]
http://dailynews.yahoo.com/h/nm/20000223/wr/hackers_microsoft_1.html
Microsoft Says It Foiled Hacker Assault on Web Site
SEATTLE (Reuters) - Microsoft Corp. (NasdaqNM:MSFT - news) said on
Wednesday that hackers had tried to topple its corporate Web site,
but the software giant said the assault, the latest in a string of
crippling attacks on major Internet operations, had done little damage.
The Tuesday morning ambush of http://www.microsoft.com did not crash
the Web site as in other cases, but caused a brief slowdown in initial
page viewing of about 3 to 7 percent, Microsoft spokesman Adam Sohn
said.
That meant some people who clicked on a Web page on the site failed to
see it the first time they tried.
``It was very minor, to be honest, so some people saw some slowdowns,''
Sohn said.
The assault on the Redmond, Wash.-based company followed similar
disruptions recently at several large Web operations such as
Yahoo! Inc. (NasdaqNM:YHOO - news), Amazon.com Inc. (NasdaqNM:AMZN -
news), eBay Inc. (NasdaqNM:EBAY - news), CNN.com (NYSE:TWX - news) and
Buy.com Inc. (NasdaqNM:BUYX - news).
Those were ``denial of service'' strikes, in which hackers set up
automatic programs to hijack many other computers that then pounded the
Web sites with so many requests for information that legitimate users
could not gain access.
Instead, Microsoft suffered what Sohn called a ``syn-flood'' attack
that disrupts communication between a PC and the Web site server so
that the server continually sends requests asking for the visiting
computer's identification, devouring its processing capacity.
Microsoft immediately reported the trouble to authorities, Sohn said,
but declined to elaborate. The perpetrators of the earlier attacks
have not been caught despite being the subject of an intense federal
investigation.
The Microsoft site was relatively unaffected because it had enormous
capacity to deal with legions of visitors who often swarm the network
to download the latest software upgrades or test products, Sohn said.
``We have a ton of overhead on this site. We can support terabytes and
terabytes of downloads,'' Sohn said.
Microsoft technicians, in a heightened state of alert after the other
recent assaults, had quickly pinpointed which Internet addresses the
attacks were coming from and shut off their access to the company's Web
site, Sohn said.
Sohn said Microsoft's new flagship product, the Windows 2000 operating
system that it launched last week to run corporate networks, acted as a
sturdy barrier against the unwanted attention.
``The guys running the network swear to me that a year ago we would
have been in big trouble, but with Windows 2000, nobody could knock
our servers over,'' Sohn said. ``Between the robustness of the OS
(operating system) and the security features built in, it really helped
withstand the attack.''
Shares in Microsoft rose 7/16 to 94 1/4 in trading on the Nasdaq on
Wednesday.
-- John Klassa / Cisco Systems, Inc. / RTP, NC / USA / klassa@cisco.com / <><
This archive was generated by hypermail 2b29 : Thu Feb 24 2000 - 08:19:14 PST