Four down, one to go?
Published: 8 April 2004 16:35 BST
Four out of the five websites targeted by a Netsky worm DDoS attack have either been knocked over, or had to change their web address to remain accessible.
File-sharing network eDonkey's main website has been knocked offline following an attack from Netsky, but Kazaa has survived - so far.
Earlier this week, file-sharing websites Kazaa and eDonkey and three other websites were bracing themselves for a distributed denial of service (DDoS) attack launched by variants of the Netsky worm. Netsky.Q, which first appeared on 29 March, is designed to attack certain websites that distribute either file-sharing clients or hacking and cracking tools. Kazaa and eDonkey are its best-known targets and the attack is scheduled to last for at least six days.
However, because the worm only attacks the main www.edonkey2000.com address, it is still accessible by visiting http://edonkey2000.com. Another target, www.emule-project.net, has also experienced severe disruption and in preparation has mirrored its site to www.emule-project.org. At the time of writing, both www.cracks.st and www.cracks.am were unavailable. Kazaa's website seems to be the only one of Netsky's targets to have survived the first day of the attack unscathed.
Mikko Hyppönen, director of antivirus research at F-Secure, said that even though the eDonkey and emule-project sites are online, because they are not accessible through their main web address, most people will not be able to find them: "Most people that have bookmarked eDonkey and emule-project, or if they search for them on Google, will be directed to the "www" site, which fails. If you surf to a website and it fails, how many times do you try it again without the www?" he said.
Hyppönen said Netsky's authors seemed to have learnt a lesson from the mistakes made by the author of the Blaster worm, which last summer launched a massive DDoS attack on Microsoft's Windows Update website. However, unlike Netsky, Blaster attacked the lesser-used web address: "Blaster was stupid - it attacked the website that most people would not use. It only attacked http://windowsupdate.com, not www.windowsupdate.com. Netsky is attacking the address that most people would surf to," he said.
Munir Kotadia writes for ZDNet UK
Since 2001 in the UK, and since 1998 in the USA,Rackspace has beenhosting and supporting mission critical websites,internet applications, data ...
We are seeking a Systems Architect to join our London technicalteam fora leading provider of professional sports websites and online applications. ...
This is a key role within the organisation and the selected candidate will possess strong online gaming experience in a relative SEO field preferably ...
Agenda Setters 2008
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Mark McDonald CIOs: Go large for services The bigger the better
Stuart Packham Looking for a job? Look no further Five top recruitment trends