Lessons learned from 'Net root server attack

Most corporate Web sites and IP networks couldn't withstand the ferocity of the latest attacks

There's some good news and some bad news for corporate network managers about the latest Internet root server attack.

The good news is that the Internet demonstrated once again that it is the most resilient network infrastructure ever built. Companies shouldn't be afraid to put mission-critical applications such as voice and streaming video on the `Net because of these attacks, security experts say.

The bad news is that that the Internet continues to be a target for vandals and criminals, particularly those looking to make money through extortion, fraud or theft. Experts say that most corporate Web sites and IP networks couldn't withstand the ferocity of the latest attacks.

"These attacks weren't that substantial," says Danny McPherson, chief research officer for Arbor Networks, which provides detection services for these types of attacks. "They've gotten a lot of attention, but they're not as significant as the attacks we see every day against our customers, which are much more targeted and more damaging."

Steve Bellovin, an Internet security expert and professor of computer science at Columbia University, agrees.

"I'd be more worried about somebody trying to target my corporation than somebody trying to target the infrastructure because no one corporation has the kind of replication and bandwidth that the infrastructure has at this point," Bellovin says.

Last Tuesday, an attack was launched against three of the Internet's 13 root servers, which oversee the Internet's Domain Name System. The DNS is a global distributed database system that matches domain names with corresponding IP addresses.

Three root servers -- operated by the Defense Department, the Internet Corporation for Assigned Names and Numbers (ICANN) and the Widely Integrated Distributed Environment (WIDE) Project -- were inundated with phony requests from a group of compromised PCs, called a botnet.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about Arbor NetworksCERT AustraliaICANNInternet Corporation for Assigned Names and NumbersResilienceRSAVeriSign Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Carolyn Duffy Marsan

Latest Videos

More videos

Blog Posts