Microsoft confirmed late Friday that its Web sites had been struck by a second round of DoS (denial of service) attacks and acknowledged that it "did not apply sufficient self-defense techniques" to key parts of its computer networks before last week's assaults began.

In a statement, Microsoft CIO Rick Devenuti said the software vendor "accepts full responsibility" for the inconveniences caused to users because of the DoS attacks. He added that "the painful lessons we've learned" have already prompted the company to make changes to its network architecture, including a deal with an outside firm to deploy a backup set of DNS servers for Microsoft's sites.

"In the past, Microsoft has focused on understanding and protecting against attacks on Microsoft products," Devenuti said. "Unfortunately, as we have learned over the last few days, we did not apply sufficient self-defense techniques to our use of some third-party products at the front end of parts of our core network infrastructure."

Security analysts had said earlier Friday, before the second round of DoS attacks came to light, that Microsoft should take a closer look at its security practices. In particular, the company faced questions about having all four of its DNS servers on a single network -- a setup that observers said was an inviting target for attackers.

Microsoft spokesman Adam Sohn today said the company has now arranged backup DNS servers for its Web sites through a "short-term deal" with Akamai Technologies, in Cambridge, Mass. One of the fastest lessons learned from last week's problems "was to go ahead and distribute our DNS [systems]" over several locations, he added. The cost and length of the backup deal were not immediately available.

Most of Microsoft's Web sites were inaccessible on three separate occasions last week. Friday's DoS attack followed a similar assault that disrupted the company's sites for much of Thursday. That, in turn, was preceded by a 22-hour outage that began late Tuesday and was blamed by Microsoft on a faulty configuration change made to the routers on its DNS network.

The Akamai-run backup servers were added last week in response to the initial outage, not the later attacks, Sohn said. Other changes could follow as Microsoft reviews its defensive strategies, he added, but nothing has been finalized yet. "I think we're a little too close to last week to know what final architectural decisions to make," Sohn said.

Devenuti said Friday's attack was less disruptive than the one the day before. Late Friday morning, users trying to access Microsoft's Web sites experienced "intermittent delays" during two 15-minute periods, he said, adding that all of the company's sites were back up and running in normal fashion by 3:30 p.m. EST.

The Microsoft CIO pledged that the company will continue to examine its systems, network architecture, and internal processes in an attempt to devise additional safeguards. Microsoft "regrets any inconvenience to our customers" as a result of last week's outages, Devenuti said. But he added that no customer data was compromised as part of the attacks.

DoS attacks flood networks with huge numbers of bogus information requests, which eventually can overload the servers and cause them to stop responding to legitimate queries. Security analysts have said that there currently are no adequate mechanisms for stopping the attacks once they're launched.

Last week's outages followed an incident last fall in which Microsoft disclosed that its internal computer network was hacked by intruders who were able to view the source code for an unspecified future product. And two months ago, a Dutch hacker penetrated one of Microsoft's Web servers on two separate occasions after the company failed to plug a known security hole in its Web server software.