Why Last Month's DDoS Attack on the Internet Failed

Carl Weinschenk

It's nice when people do their jobs and things work out the way they are supposed to.


According to this well-written CNET story, a distributed denial of service (DDoS) attack on root servers last month failed because of a system put in place after a similar attack in 2002.


The attack, thought to have originated in the Asia-Pacific region, targeted the servers in the Domain Name System (DNS) that translate between Web site names and their actual numeric addresses. There are 13 of these servers, physically divided among hundreds of locales. DDoS attacks, which are carried out by zombie armies of hacked machines, attempt to smother the targeted servers with more requests than they can handle.


The earlier attack succeeded in taking down nine of 13 servers. This led the Internet Corporation for Assigned Names and Numbers (ICANN) and others to deploy the Anycast load balancing system. Anycast allows incoming requests to be shared as a way to lessen the load on any particular machine. It withstood the attack on the four servers on which it was operational. The two that did slow down were still testing Anycast. Ironically, the five that were not attacked don't yet have Anycast.


Sometimes, it's good to take a step back and see an event in its larger historical context. In this case, kudos are due to ICANN and other individuals and organizations that took part in developing and deploying the system. They shook off any institutional inertia that was present and proactively addressed what they perceived to be a significant vulnerability. The system was fixed before another attempt was made.
