Skip to comments.
Microsoft's Web Site Brought Down By Attack
Information Week ^
| August 1, 2003
| John Foley
Posted on 08/01/2003 5:14:31 PM PDT by Nick Danger
Microsoft's Web site was made inaccessible for an hour and 40 minutes Friday afternoon when a denial-of-service attack overwhelmed the site with traffic, making it impossible for legitimate page requests to get through.
The outage, which began about 1:21 p.m. Pacific time, was the result of a conventional denial-of-service attack and not a software vulnerability being exploited, a Microsoft spokesman says.
That distinction is important because the software company issued a bulletin July 14 warning customers of a critical vulnerability in its Windows NT, Windows 2000, Windows XP, and Windows Server 2003 operating systems. Following that notice, the Department of Homeland Security issued its own advisory warning consumers and businesses to patch their computer systems.
The denial-of-service attack affected Microsoft's home page, www.microsoft.com, and the many other URLs associated with it, including Microsoft's tech-support page, www.support.microsoft.com, and its developer portal, www.msdn.microsoft.com.
Microsoft personnel are working in conjunction with law-enforcement officials to trace the attack. The spokesman points out that a hacker's conference opened Friday in Las Vegas. But he said Microsoft had no evidence to link the denial-of-service attack to the conference or to warnings three weeks ago of a broad, coordinated attack against Internet sites.
TOPICS: News/Current Events
KEYWORDS: ddos; dhs; hackers; microsoft
To: Nick Danger
That must have cost Microsoft some money.
What's Bill down to these days...a mere 60 billion?
2
posted on
08/01/2003 5:16:36 PM PDT
by
South40
(Get Right Or Get Left)
To: Nick Danger
Wouldn't it be wise to monitor the people who go to these hacker conferences? Aside from the computer nerds, you might have some terrorists going there to learn how to disrupt key government systems.
3
posted on
08/01/2003 5:17:10 PM PDT
by
Ex-Dem
(Sic Semper Tyrannis)
To: Ex-Dem
Wouldn't it be wise to monitor the people who go to these hacker conferences? They probably do.
My guess is that this was done by whoever has been doing the port scanning and probing that the Dep't of Homeland Security is warning about. The attack they are planning is probably this weekend, and hosing up the Microsoft site was a way to prevent people from getting the patch needed to stop the attack. If they are as good as Homeland Security fears they might be, they will be back with another attack like this one.
4
posted on
08/01/2003 5:21:42 PM PDT
by
Nick Danger
(The views expressed may not actually be views)
To: Nick Danger
So, it turns out it was just another bunch of script kiddies with parlor tricks.
Throw a few of these 15-yr-old Nickelodeon junkies in the Joint, and scare 'em straight.
5
posted on
08/01/2003 5:25:07 PM PDT
by
Old Sarge
(Serving You - on Operation Noble Eagle!)
To: Old Sarge
Throw a few of these 15-yr-old Nickelodeon junkies in the Joint, and scare 'em straight.
Actually they will probably be hired as consultants. LOL
To: Nick Danger
It's true. I almost took a sledge to my puter!
To: Nick Danger
Still clipping along here like normal on my cable modem. Course the fact that I have Norton Antivirus 2003 and Zone Alarm Pro running side by side just might have something to do with it. Funny thing is I only got the firewall last week...
8
posted on
08/01/2003 6:02:20 PM PDT
by
Severa
(Wife of Freeper Hostel, USN Active Duty Submariner)
To: Old Sarge
I saw this article yesterday and they mentioed something about the Srcript Kiddies:
Latest Web Attack Fears A Hoax?
According to the front-page news story on CNN's Web Site, there seems to be a looming Web Attack. Apparently some "security experts" are urging Windows users to install a new patch to prevent such attacks. This sounded serious, so we decided to look into it a little deeper.
Is has been reported that there has been increased "chatter" in chat rooms and news group postings of a large-scale attack. Our independent investigation into this "chatter" falls short of finding any. Also, according our independent sources there is no evidence of any discussion of attacks, save the banter of Script Kiddies with nothing better to do but talk of grandiose hacking conquests.
"We checked as many as 50 news groups, multiple Web Sites dedicated to hacking, and checked with many of our White Hat colleagues and found no buzz or evidence of an organized attack in the works", said Todd Byars, CEO The Computer Dudes. "This can only bring us to believe that this is some kind of hoax or ruse.” Sources state that Microsoft was “notified” by the hacking group Last Stage of Delirium Research Group. Other major hacking groups are also saying they know nothing of an impending attack.
A reason for the hype may be the fact that several large companies are rolling out new products. AOL is releasing their version 9.0 system in hopes of recreating some of the fire of the late 90’s. It seems a little suspicious that there could be an impending attack when a lot of hackers are meeting in Vegas this weekend to discuss Internet security. Why is it that not one other major news network or technology news driven Sites have had this story posted on their front page? We had trouble finding mention of it at all on almost all of our available news sources.
“As security professionals, we're concerned whenever the mainstream media confuses the public over unsubstantiated claims of 'hacking'. This only spreads fear and doubt, which is exacly what this economy does NOT need," said VP Ernest Fretwell. "This type of insecurity is what leads to bloated legislation and poor policy making. Hyping vandals and giving them undeserved credibility only encourages these twerps. There are serious security concerns that need to be addressed by a lot of system administrators, and worrying about punks is the last thing they need."
The Computer Dudes are researching this further, but our take on the Microsoft patch is that at the moment it may not be necessary. We are evaluating the downloaded patch and will provide further details on it’s viability soon. So far we can’t see any benefit. So far only CNN has a headline story about this attack, but neither cite specifics except to state “an upsurge of hacker activity on the Internet”. We at the Computer Dudes find this claim to be unsubstantiated through our sources and research. But, just in case we always provide you with the necessary tools and information as a first line defense. Download our Distributed Defenses documents here, check for virus updates with your Anti Virus software provider, and download a good anti-spyware program like Lavasoft’s Adaware for free.
Again, we at The Computer Dudes urge you not to live in fear. The vandals that want to wreak havoc on a few Web Sites are no more a cause for concern than the vandal with a can of spray paint. Your safety and security are not in question here. Leave your concerns to more important things like your self-protection and the protection of your family and friends. If we all watch out for each other, it makes the bad guys lives a lot harder. Stay Safe. Stay Aware. Good Playing.
To: numberonepal
The vandals that want to wreak havoc on a few Web Sites are no more a cause for concern than the vandal with a can of spray paint. Your safety and security are not in question here. Leave your concerns to more important things like your self-protection and the protection of your family and friends. If we all watch out for each other, it makes the bad guys lives a lot harder. Stay Safe. Stay Aware. Good Playing.Sage advice.
10
posted on
08/01/2003 6:14:22 PM PDT
by
Old Sarge
(Serving You - on Operation Noble Eagle!)
To: Ex-Dem
Wouldn't it be wise to monitor the people who go to these hacker conferences? I think it'd be a far more prudent idea to monitor who attends services in a mosque.
C'mon...hacker conferences have ALWAYS been monitored. Hell, most of the busts on hackers that have occurred since 2001 have occurred at those conferences.
Aside from the computer nerds, you might have some terrorists going there to learn how to disrupt key government systems.
Cyber-Terrorism is a Myth.
-Jay
11
posted on
08/01/2003 6:21:04 PM PDT
by
Jay D. Dyson
(But I can't get nothin' that can be bought, so I'll just live with what I got... Lord, forgive me.)
To: Jay D. Dyson
Hell, most of the busts on hackers that have occurred since 2001 have occurred at those conferences. Hell, not in my area.Seems I know or hear of someone getting busted everyday in my area.
12
posted on
08/01/2003 8:11:51 PM PDT
by
timestax
To: timestax
Above post by timestax was posted by muggs.
13
posted on
08/01/2003 8:12:43 PM PDT
by
timestax
To: Nick Danger
To: Nick Danger
Switch to Macs. One virus in 19 years! That was in 1987.
15
posted on
08/01/2003 11:45:12 PM PDT
by
Wacka
To: Ex-Dem
Wouldn't it be wise to monitor the people who go to these hacker conferences?The hottest "unsponsored" event at the hacker conventions is a game called "Spot The Fed." <:0)
16
posted on
08/01/2003 11:53:57 PM PDT
by
alexandria
( T.A.K.E. {{"The All Knowing Entity."}})
To: Wacka
That's one more than I've had. I've been on Macs since 93.:; )
17
posted on
08/02/2003 12:06:17 AM PDT
by
Musket
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson
