-
January 25th, 2003, 11:41 AM
#1
MASSIVE internet DDOS attacks....
Sorry if this is a repost.
This was taking from the military forums, looks like a all out cyberattack has just started taking place. heres some info
/quoted from forums.military.com/
AmericanIntel
Basic Training
Registered: Friday, 03 January 2003
Posts: 10
MASSIVE DDOS ATTACKS ALL OVER U.S.
------------------------------------------------------------------------ --------
We are monitoring massive Distributed Denial of Service attacks all over the U.S. tonight starting at around 11:30 PM CST. As many as 5 of the 13 root nameserver have been down, up to 10 with massive packet loss (xx%):
Internet Status to Root Name Servers
Date: Fri Jan 24 21:37:00 PST 2003
Place Address Packet Loss Time: Min/Avg/Max
Root b.root-servers.net 53% 25/40/48
Root c.root-servers.net 0% 82/82/82
Root e.root-servers.net 20% 16/29/33
Root f.root-servers.net 26% 17/27/32
Root h.root-servers.net 20% 91/101/108
Root i.root-servers.net 26% 190/199/205
Root j.root-servers.net 26% 81/91/96
Root k.root-servers.net 64% 172/188/201
Root l.root-servers.net 0% 5/5/6
Root m.root-servers.net 33% 160/171/205
GTLD b.gtld-servers.net 26% 52/63/67
GTLD c.gtld-servers.net 31% 85/93/95
GTLD d.gtld-servers.net 13% 88/100/103
GTLD f.gtld-servers.net 22% 38/50/57
GTLD i.gtld-servers.net 0% 198/200/203
GTLD k.gtld-servers.net 24% 90/100/105
GTLD l.gtld-servers.net 33% 128/138/171
All backbone providers are suffering major packet loss (XX%):
Place Address Packet Loss Time: Min/Avg/Max
AboveNet ns.above.net 28% 53/64/66
AGIS ns1.agis.net 26% 62/74/78
AlohaNet nuhou.aloha.net 35% 84/94/98
ANS ns.ans.net 26% 83/97/100
BBN-NearNet nic.near.net 28% 91/114/572
BBN-BARRnet ns1.barrnet.net 26% 16/26/32
Best ns.best.com 35% 79/89/95
Concentric nameserver.concentric.net 35% 18/31/56
CW ns.cw.net 28% 88/98/105
DIGEX ns.digex.net 31% 78/86/91
ENTER.NET dns.enter.net 28% 91/104/108
Epoch Internet ns1.hlc.net 33% 37/48/52
Flash net ns1.flash.net 17% 80/92/94
GetNet ns1.getnet.com 20% 40/52/56
GlobalCrossing name.roc.gblx.net 24% 85/97/104
GoodNet ns1.good.net 31% 83/92/97
GridNet grid.net 20% 80/92/101
IDT Net ns.idt.net 20% 91/104/121
Internex nic1.internex.net 26% 18/31/35
MCI ns.mci.net 22% 91/103/107
MindSpring itchy.mindspring.net 15% 75/88/106
NAP.NET ns2.nap.net 20% 73/85/94
PacBell ns1.pbi.net 0% 89/89/90
Primenet dns1.primenet.net 20% 31/41/45
PSI ns.psi.net 0% 82/84/160
RAINet ns.rain.net 31% 40/49/53
SAVVIS ns1.savvis.net 31% 88/99/102
SprintLink ns1.sprintlink.net 11% 15/27/35
UUNet,AlterNet auth00.ns.uu.net 26% 89/98/103
Verio-West ns0.verio.net 22% 31/42/47
Verio-East ns1.verio.net 22% 86/96/101
VISInet ceylon.visinet.ca 20% 102/116/188
MoonGlobal-ClubNET ns.clubnet.net 0% 0/1/2
MoonGlobal-Netway dns.nwc.net 4% 6/6/7
MoonGlobal-Netxactics verdi.netxactics.com 4% 6/6/7
InterWorld ns.interworld.net 0% 4/4/5
It's massive, no word on source yet. We are watching it closely.
Brad G
American Intelligence
www.americanintelligence.us
-
January 25th, 2003, 12:15 PM
#2
aggg
its annoying I can't access many sites
According to driverheaven.net
There appears to be a Microsoft SQL Monitor worm spreading. Massive UDP traffic on port 1434 is affecting major internet backbones, including UUNET. Of course, servers and home users are being flooded as well. Many websites are currently inaccessible or slow, depending on your location and ISP
Also on http://netweb.us.keynote.com/1/ you can see the health of the net, UUNET is under the worse of the attacks, it as almost flatlined....
-
January 25th, 2003, 02:41 PM
#3
Junior Member
aww.........its really massive.i agree with cheesegoduk.
-
January 25th, 2003, 02:46 PM
#4
Well hell.......I just came off of one of the worst weeks ever (server crashes, frame relay died.....etc.) and now instead of a Saturday, I get to head in and see what got hit.
-
January 25th, 2003, 06:28 PM
#5
This is the second time that the root nameservers have been attacked in recent months. Would adding more root name servers help out or would that just spread the denial of service attacks to those name servers as well????
-
January 25th, 2003, 06:36 PM
#6
im getting packet loss from london gateway to washinton, then 100% loss at At+t, i done some scouring and found a cnn report, its been put across as another code red
http://www.cnn.com/2003/TECH/interne....ap/index.html
Preep
http://www.attrition.org/gallery/computing/forum/tn/youarenot.gif.html
-
January 25th, 2003, 06:39 PM
#7
This doesn't attack the root servers directly, it's the traffic that the worm generates while trying to propagate itselft that DOSes routers and hosts...
Right now I'm seeing about a worm packet (well actually "datagram" since it's udp) hit our firewall about every 5 to 30 seconds. It was about one every 2 to 15 seconds...
Actually I'm surprised it's not more discussed here on AO...
Ammo
Credit travels up, blame travels down -- The Boss
-
January 25th, 2003, 06:42 PM
#8
Banned
Well, i'm having problems getting through Antionline.com also, leave alone others.
-
January 25th, 2003, 06:46 PM
#9
Credit travels up, blame travels down -- The Boss
-
January 25th, 2003, 07:11 PM
#10
Member
Massive traffic on UDP 1434 is coming across my front door, this is a bad one guys heads up
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|