Welcome to WebmasterWorld Guest from 220.127.116.11
"This was the largest and most complex DDOS attack ever against the root server system", happening 5:00 p.m. EDT on Monday
Too much speculation on the who and how, possible consequences etc. at this point.
Investigations have started.
What can you do?
Turn off your Inet workstation when you're not using it. If you leave an unprotected workstation up and running and connected, your machine can be used in one of these attacks. Shut it off when it's not in use. This is primarily an issue with Windows based machines though Linux and MAC aren't totally invulnerable either.
Windows is an easy target, but dont be fooled as all operating systems are targets if they are connected to the net!
The attack is believed to have been an ICMP (Internet Control Message Protocol) ping flood,
Uhhh... Are the admins complete #@!$%@#$% @#$%! What the !@#$@#$ they !@#$@# thought when they set the @#$@#$ firewalls up?! For G-d's sake, the default setting of most decent firewalls is just to drop pings.
You know what?! They DESERVED it. I cannot STAND listening to "security experts" moaning and groaning about how these bad, bad, nasty hackers attack them. That they don't play nice and hurt their feelings... GET A LIFE! FIX YOUR FIREWALL RULES! Dorks.
Ok, off my soap box. I am having a bad day - client calls "network is completely down" - turns out his monitor was off.
Tapolyai, did you actually read the article referenced at the top of this thread?
...Despite the scale of the attack, which lasted about an hour, Internet users worldwide were largely unaffected,...
Just because a DDOS attack happened and was reported to the press doesn't necessarily mean that the administrators of the attacked systems messed anything up.
They went bust cause of it, as the cost of upgrading and repairing their network came to more than they were worth.
Have a look around the CERT web site for some good tips as well.
Here is an even better quote from Internetnews.com, (an other article I did not read :o :)):
Attacks orchestrated with this kind of complexity and power generally can't be executed by your run-of-the-mill "Script kid." It would take a lot of firepower, to amass the servers capable of that kind of bandwidth," said a freelance security consultant, who declined to be named.
Let me see... Write ICQ script, trigger ICQ client, or Hack KaZaa, Gator, etc. to ping instead of sending private info... Or, load VBX from web site , that does the same, or send e-mail with nice attachement, etc. ad infinitum....
This is the type of "experts" I am nuts about. It's like me trying to tell the rest of you how to do SEO! :) Just because they call themselves experts that does not make them one...
(Ehh, forget it. It's a loosing battle to actually value people's real abilities, it is much more important now what "appears to be" the value...