DoS attacks cripple Microsoft for second day

Adding insult to injury, attackers launched a denial-of-service attack against Microsoft on Friday that crippled access to the company's Web sites for a second day.

          Adding insult to injury, attackers launched a denial-of-service attack against Microsoft on Friday that crippled access to the company's Web sites for a second day.

          Microsoft said in a statement that it was "the target of a denial-of-service attack against the routers that direct traffic to the company's Web sites." The attacks again knocked Microsoft.com, MSN.com and other Microsoft sites off the Internet.

          On Thursday, a failed router configuration change kept Microsoft's Web sites offline for most of the day.

          The attack lasted for some four hours, according to a source close to Microsoft, who said the company was back online around noon PST.

          A portion of the four hours was spent troubleshooting and making sure the problem wasn't connected to yesterday's issue, said the source. Once the problem was identified as a denial-of-service attack, Microsoft acted to stop it. The company also contacted the U.S. Federal Bureau of Investigation.

          A denial-of-service attack is designed to overwhelm a router or Web site with requests, choking off the ability for normal communication and shutting down the router or Web site.

          The router that was attacked was inside Microsoft, but the source could not confirm if it was the same router that went down yesterday after a configuration change that made Microsoft's Domain Name System servers inaccessible and knocked its Web sites offline.

          The source said Microsoft is taking a good, hard look at its infrastructure and will evaluate if anything needs to change.

          "They have opened themselves up to these sorts of attacks by letting the world know they have a single point of failure," said one network administrator who asked not to be identified.

          Thrusday's nearly 24-hour blackout was blamed on a technician's error. Microsoft said the error occurred during a configuration change made to a router on Microsoft's Domain Name Service (DNS) network.

          DNS servers translate domain names, such as Microsoft.com, into IP addresses. The IP addresses are used to locate servers on a network. Without DNS, therefore, Web surfers can't find Web sites. DNS is an Internet standard and the default routing systems in Windows 2000.

          The error caused Microsoft's Web sites, including Microsoft.com, MSN.com, Expedia.com, CarPoint.com and Encarta.com, to be unavailable or sporadically available from 6:30 p.m. Tuesday to Wednesday evening at 5 p.m.

          Enterprise customers who rely on the sites for technical help, software updates and security patches could not access any content.

          Critics assailed Microsoft for two big mistakes - changing a router configuration without having a backup, and running all DNS servers on the same network.

          The attacks came nearly a year after a hacker calling himself MafiaBoy crippled eight major Web sites, including CNN.com, eBay.com and Yahoo.com.

Join the newsletter!

Error: Please check your email address.

More about CNNeBayExpediaFederal Bureau of InvestigationMicrosoftMSNYahoo

Show Comments

Market Place

[]