CERT DoS'd

Thu Dec 6 09:33:31 PST 2001

http://dailynews.yahoo.com/h/cn/20011205/tc/national_computer-security_site_attacked_1.html

National computer-security site attacked

        By Robert Lemos CNET News.com

        The Computer Emergency Response Team's Coordination Center, an
important
        national clearinghouse for computer-security information, came
under attack
        Wednesday, leaving its main Web site only intermittently
reachable.

                             The so-called denial-of-service attack
didn't affect the group's
                             ability to push security incident
information to its members,
                             but made public access to its sites a
crapshoot.

                             "We are working with our service providers
to resolve this
                             problem," Bill Pollak, public relations
coordinator for the
                             CERT Coordination Center, said in a
statement.

                             A denial-of-service attack can take one of
two forms: a flood
                             of data that overwhelms the Web server or
the bandwidth
                             leading to the server, or a specific
command crafted to disable
                             critical servers or Internet routers. The
CERT Coordination
                             Center (news - web sites) would not
identify which type
                             matched the attack it was suffering from.

                             The group, based at Carnegie Mellon
University in Pittsburgh,
                             Penn., coordinates the communications among
the myriad
                             response teams scattered among U.S.
universities, companies
                             and government agencies.

                             It has public Web sites to inform both
members and
                             non-members of threats but also has private
networks capable
                             of alerting members to high-priority
computer-security
                             incidents.

                             Officials at the CERT Coordination Center
would not give
                             details of the attack but earlier
acknowledged that such attacks
        are not uncommon. In May, the group suffered a similar attack.

        "We get attacked every day," Richard D. Pethia, director of the
Networked Systems
        Survivability Program at Carnegie Mellon's Software Engineering
Institute, said in a
        May interview. "The lesson to be learned here is that no one is
immune to these kinds
        of attacks. They cause operational problems, and it takes time
to deal with them."

        The CERT Coordination Center is part of Carnegie Mellon's
Software Engineering
        Institute.