CERT hit by service denial attack

CERT hit by service denial attack

By William Jackson

GCN Staff

MAY 24'The CERT Coordination Center at Carnegie Mellon University's Software Engineering Institute is under fire from a distributed denial-of-service attack that has taken its Web site offline for several days.

The attack, apparently from numerous computers working together, began Tuesday. The site, www.cert.org, remained unavailable this morning.

The center, originally called the Computer Emergency Response Team, is the national clearinghouse for information about cyberthreats, vulnerabilities and fixes. Ironically, its victimization says more about the difficulty of protecting against a service denial attack than about the site's security.

Such an attack does not require penetration of security systems. It merely overwhelms the public areas by sheer traffic volume or confuses the server with malformed packets. A distributed attack is difficult to defend against, both because of the volume of malicious traffic and because multiple sources are difficult to stop upstream.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.