Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Yahoo! Lessons Learned

  • From: Roeland M.J. Meyer
  • Date: Tue Feb 08 12:45:06 2000

> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
> Sean Donelan
> Sent: Tuesday, February 08, 2000 3:26 AM
>
> As much as I enjoy finding out about Yahoo & GlobalCenter issues by
> reading the newswires, I wonder if there are any lessons we can learn
> from these events.  Or was this not big enough to get attention of
> upper management?

I doubt if upper management could have done anything about it. AFAICT, Yahoo
was not compromised directly. Reports that I have seen, and some of them are
hearsay, indicated that this is one of the very first of a distributed DOS
attack. One that CERT recent;ly warned us about.

http://www.cert.org/advisories/CA-2000-01.html

> Was there something Yahoo!, GlobalCeneter or other providers could
> have done, either individually or in cooperation, to prevent the problem?
>
> Likewise, could they, individually or in cooperation with other providers,
> have shortened the duration or severity by doing something different?

highly unlikely.

> And finally, would they be more successfull in tracking the source the
> the problem by doing something different?

The only defense I can think of is to prevent other systems from being
"owned". This takes a tightly cooperative environment. We don't have this.
At best, we have a loosely co-operative anarchy, with none of the big
entities playing together consistently. Evenso, this may not be possible.







Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.