Distributed denial of service attacks on root nameservers

From Wikipedia, the free encyclopedia

The DNS Backbone DDoS Attacks have been several significant Internet events in which distributed denial of service attacks (DDoS) have targeted one or more of the thirteen DNS root servers. These attacks are extremely significant, as the root nameservers function as the Internet backbone, translating text-based Internet hostnames into IP addresses. As the nameservers provide this service for DNS lookups worldwide, attacks against the root nameservers are attempts to disable the Internet itself, rather than specific websites.

Contents

[edit] Attacks

[edit] October 21, 2002

The first attack occurred on October 21, 2002, and lasted for approximately one hour. Of the thirteen servers, nine were disabled but the remaining four were able to cope.[1]

This event was the first significant attack directed at trying to disable the Internet itself, instead of specific websites.[citation needed] This was the second near-major failure of the root nameservers; the first large malfunction of them caused the failure of seven machines in July 1997, due to a technical problem.

[edit] February 6, 2007

A second attack occurred on February 6, 2007. The attack began at 10:30 UTC, and lasted about five hours. Although none of the servers crashed, two of the root servers reportedly "suffered badly", while others saw "heavy traffic". The botnet responsible for the attack has reportedly been traced to the Asia-Pacific region. [2] There was some speculation in the press that the attack originated from South Korea. [3]

On February 8, 2007 it was announced by Network World that "If the United States found itself under a major cyberattack aimed at undermining the nation’s critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source."[4]

[edit] See also

[edit] External links