Windows IT Pro is the leading independent community for IT professionals deploying Microsoft Windows server and client applications and technologies.
  
  
  Advanced Search 


Return to article

Microsoft Suffers Another DoS Attack
A Web Exclusive from WinInfo
January 29, 2001
Paul Thurrott
WinInfo
InstantDoc #19770
WinInfo
 

Late Friday, Microsoft confirmed that the company had suffered its second Denial of Service (DoS) attack in as many days, resulting in more downtime for its Web presence. The company reported that customers experienced delays accessing Microsoft's Web properties for two 15-minute periods earlier that day, but users I've spoken with say the downtime was worse than that. (Microsoft notes that the attacks--the first one, which occurred Thursday, was responsible for many hours of downtime--were similar.) 
  
"Microsoft accepts full responsibility for the inconvenience our customers have experienced during the past couple of days," the company said in a statement. "We regret the inconvenience this attack has caused. Microsoft took immediate action to deal with the attack and restore normal operations. All sites were up and running normally by 12:30 P.M. Pacific time [Friday]."
  
Concurring with security analysts who've complained that Microsoft's unsophisticated network design made it particularly vulnerable to such attacks, the company admitted that it had learned some painful lessons. "We've already taken steps to change the architecture of our network infrastructure to improve its reliability and availability," Microsoft noted. "We will continue to examine our infrastructure architecture and processes to further safeguard our network resources and provide a great experience for our customers." Microsoft enlisted the Federal Bureau of Investigation (FBI) to help ascertain who was responsible for the attacks and hired Internet content-delivery company Akamai Technology to ensure that such attacks won't succeed in the future. Akamai maintains a wide range of geographically separated DNS servers, which let Internet machines resolve host names, such as www.microsoft.com, into numeric IP addresses. All of Microsoft's DNS servers are in the same location and thus can be easily attacked.
 
A permanent solution to the DoS problem and related attacks, however, is still years away. Speaking at the annual World Economic Forum in Switzerland last week, Microsoft executive Craig Mundie said that it might be a decade before the Internet can be rearchitected to protect sites from outages. "I personally believe it's going to take 5 to 10 years before changes in the Internet infrastructure [that will protect Web sites] permeate the Internet," Mundie said. Mundie, whom Microsoft describes as an "expert in Internet-scale platform architectures and infrastructure protection," said that his company "is an obvious target" for hackers.



Reader Comments

A little cognitive dissonance for breakfast:

"Concurring with security analysts who've complained that Microsoft's unsophisticated network design made it particularly vulnerable to such attacks...All of Microsoft's DNS servers are in the same location and thus can be easily attacked."

[Microsoft executive Craig] Mundie, whom Microsoft describes as an "expert in Internet-scale platform architectures and infrastructure protection,"

Dave Howard -January 31, 2001

ADS BY GOOGLE

Job Openings in IT SPONSORED LINKS FEATURED LINKS
Collaborate with Confidence
Accelerate deployment and simplify Microsoft SharePoint management with EMC solutions and services.

Calculate your savings now
See how SAN is 57% cheaper than DAS over three years

Announcing Symantec Backup Exec 2010
With integrated deduplication and unified archiving technology.
Feb 25 - Are your IT Systems distributed? Or Convoluted?
Find out why integrated management solutions are more important than ever in today's IT environments and what criteria to consider when evaluating those solutions.

Virtualization Faceoff – Join the Discussion
Blogs, free poster, videos, community commentary – IT experts and peers face off on VMware & Microsoft virtualization solutions.

Should Your Email Live in the Cloud?
This Forrester report shows how-to calculate your on-premise email costs and compare with cloud-based alternatives and offers best practices for reducing email costs.

Exchange Server 2010: Deploying Unified Communications
register for this free virtual event and build your Unified Communications future on a strong Exchange Server 2010 foundation

New from Left-Brain.com - Manage VMware with PowerShell
Learn how to perform everything from simple ad-hoc reporting at the command-line to complex scripts that automate a massive deployment of hundreds of virtual machines.  Solve your old problems using less code than you thought possible!
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro DevProConnections IT Job Hound
Left-Brain.com Technology Resource Directory asp.netPRO ITTV Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 © 2010 Penton Media, Inc. Terms of Use | Privacy Statement