By Robert McMillan
IDG News Service
A scrap between two pornographic Web sites turned nasty when one figured
out how to take down the other by exploiting a previously unknown quirk
in the Internet's Domain Name System (DNS).
The attack is known as DNS Amplification. It has been used sporadically
since December, but it started getting talked about last month when
ISPrime, a small New York Internet service provider, started getting hit
hard with what's known as a distributed denial of service (DDOS) attack.
The attack was launched by the operator of a pornographic Web site who
was trying to shut down a competitor, hosted on ISPrime's network,
according to Phil Rosenthal, the company's chief technology officer.
The attack on ISPrime started on the morning of Sunday, Jan. 18. It
lasted about a day, but what was remarkable was that a relatively small
number of PCs were able to generate a very large amount of traffic on
One day later, a similar attack followed, lasting three days. Before
ISPrime was able to filter the unwanted traffic, attackers were able to
use up about 5GB/second of the company's bandwidth,
With a bit of work, Rosenthal's staff was able to filter out the hostile
traffic, but in an e-mail interview he said that the attack "represents
a disturbing trend in the sophistication of denial of service attacks."
Best Selling Security Books & More!