Top 20 Viewed Articles 1 Windows XP SP2 to Ship in Early August, Microsoft Says 2 How can I uninstall the Microsoft Java Virtual Machine (JVM) from Windows XP? 3 The Memory-Optimization Hoax 4 What You Need to Know About Windows Update Services 5 6 Network Protocol Analyzers More Top Viewed Articles  Related Topics • Security  Events Central • Securing Your Exchange Environment Workshop • Microsoft Tech Ed 2004 Worldwide • Microsoft Tech Ed 2004 Worldwide • Microsoft Tech Ed 2004 Worldwide

Paul Thurrott InstantDoc # 19770 Paul Thurrott's WinInfo

Late Friday, Microsoft confirmed that the company had suffered its second Denial of Service (DoS) attack in as many days, resulting in more downtime for its Web presence. The company reported that customers experienced delays accessing Microsoft's Web properties for two 15-minute periods earlier that day, but users I've spoken with say the downtime was worse than that. (Microsoft notes that the attacks--the first one, which occurred Thursday, was responsible for many hours of downtime--were similar.) 
  
"Microsoft accepts full responsibility for the inconvenience our customers have experienced during the past couple of days," the company said in a statement. "We regret the inconvenience this attack has caused. Microsoft took immediate action to deal with the attack and restore normal operations. All sites were up and running normally by 12:30 P.M. Pacific time [Friday]."
  
Concurring with security analysts who've complained that Microsoft's unsophisticated network design made it particularly vulnerable to such attacks, the company admitted that it had learned some painful lessons. "We've already taken steps to change the architecture of our network infrastructure to improve its reliability and availability," Microsoft noted. "We will continue to examine our infrastructure architecture and processes to further safeguard our network resources and provide a great experience for our customers." Microsoft enlisted the Federal Bureau of Investigation (FBI) to help ascertain who was responsible for the attacks and hired Internet content-delivery company Akamai Technology to ensure that such attacks won't succeed in the future. Akamai maintains a wide range of geographically separated DNS servers, which let Internet machines resolve host names, such as http://www.microsoft.com/, into numeric IP addresses. All of Microsoft's DNS servers are in the same location and thus can be easily attacked.
 
A permanent solution to the DoS problem and related attacks, however, is still years away. Speaking at the annual World Economic Forum in Switzerland last week, Microsoft executive Craig Mundie said that it might be a decade before the Internet can be rearchitected to protect sites from outages. "I personally believe it's going to take 5 to 10 years before changes in the Internet infrastructure [that will protect Web sites] permeate the Internet," Mundie said. Mundie, whom Microsoft describes as an "expert in Internet-scale platform architectures and infrastructure protection," said that his company "is an obvious target" for hackers.

Reader Comments

A little cognitive dissonance for breakfast:

"Concurring with security analysts who've complained that Microsoft's unsophisticated network design made it particularly vulnerable to such attacks...All of Microsoft's DNS servers are in the same location and thus can be easily attacked."

[Microsoft executive Craig] Mundie, whom Microsoft describes as an "expert in Internet-scale platform architectures and infrastructure protection,"

1	Username: (required):	4	Your Comments: (required):
2	Password: (required):
3	Rate this article (required):  less useful more useful  1 2 3 4 5