CERT hit by service denial attack

CERT hit by service denial attack

By William Jackson

GCN Staff

MAY 24'The CERT Coordination Center at Carnegie Mellon University's Software Engineering Institute is under fire from a distributed denial-of-service attack that has taken its Web site offline for several days.

The attack, apparently from numerous computers working together, began Tuesday. The site, www.cert.org, remained unavailable this morning.

The center, originally called the Computer Emergency Response Team, is the national clearinghouse for information about cyberthreats, vulnerabilities and fixes. Ironically, its victimization says more about the difficulty of protecting against a service denial attack than about the site's security.

Such an attack does not require penetration of security systems. It merely overwhelms the public areas by sheer traffic volume or confuses the server with malformed packets. A distributed attack is difficult to defend against, both because of the volume of malicious traffic and because multiple sources are difficult to stop upstream.

inside gcn

  • Congressman sees broader role for DHS in state and local cyber efforts

    Automating the ATO

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above