CNN hacker tech?

Not sure where Narus.com gets their info, but they seem to have the scoop on the details of the CNN DDOS attack last week.

Multiple sites of CNN (www.cnn.com, www4.cnn.com, edition.cnn.com) were the target of these attacks. NarusInsight Secure Suite (NSS) reported 2 different kinds of attacks going towards CNN - ICMP flood attacks and TCP SYN flood attacks. Interestingly the attacks had very similar signatures, e.g. an instance of a SYN flood involved the attacker distributing his packets across multiple source ports while sending exactly the same number of packets per source port). This can be expected given that the hacker group had made it easy for the novice who could download a script to launch the attack. The highest bandwidth attack seen by NSS was an 80 Mbps SYN flood attack, while the others were much less than that.

They seem to think that the DDOS attack was not successful, saying, “Fortunately, there were no large scale attacks and CNN.com was very much up and running.”

However there was widespread news of flakiness for a whole day, with China and US users finding timeouts and unreachable servers.

Related posts:

This entry was posted on Monday, April 21st, 2008 at 11:38 pm and is filed under Asia, China, GFW, Olympics, Politics, Technology, United States. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.