11.07.2015 Views

Download - enterpriseinnovation.net


tech news

DNS attack downs Internet in parts of China

An attack on the servers of a domain registrar in China caused an online video application to cripple Internet access in parts of the country in late May.

Internet access was affected in five northern and coastal provinces after the DNS attack, which targeted just one company but caused unanswered information requests to flood China’s telecommunications networks, China’s IT ministry said in a statement on its Web site. The DNS is what computers use to find each other on the Internet.

The incident revealed holes in China’s DNS that are “very strange” for such a big country, said Konstantin Sapronov, head of Kaspersky’s Virus Lab in China.

The problems started when registrar DNSPod’s DNS servers were targeted with a DDOS (distributed denial of service) attack, described by the company in an online statement. In such an attack, the attacker orders a legion of compromised computers to try to communicate with a server all at once, which overwhelms the server and crushes its ability to return requests for information.

Telecom network operators blocked access to the IP address of the registrar, concerned that its beleaguered servers were draining resources from the machine rooms they occupied, the registrar said.

Web sites served by the registrar’s servers, including one that offers an extremely popular online video playing application, became inaccessible.

The story might have ended there. But as some massive number of users tried to boot up the video application, called Baofeng, their unanswered DNS requests were apparently passed on to higher-level servers that didn’t know how to process them.

The requests piled up, and the resulting traffic jam slowed or halted Internet access across affected provincial networks. DNSPod was told that even Baidu, China’s top search engine, became inaccessible in one province, it said in a message on Twitter.

Internet access returned to normal in the late night several hours later, according to the government statement.

China had almost 300 million Internet users at the end of last year, according to the country’s domain registry agency, and streaming online video is as popular among young people as it is in Western countries.

The event, the first of its kind in China, suggests the country needs to improve its rules managing the DNS, said Zhao Wei, CEO of Knownsec, a Beijing security firm.

IIS 6 attack could let hackers snoop on servers

Security vendors are warning users of Microsoft’s Internet Information Services 6 Web-server software that a new online attack could put their data at risk.

The flaw was made public in late May, when security researcher Nikolaos Rangos posted details of the vulnerability to the Full Disclosure security mailing list. By sending a specially crafted HTTP request to the server he was able to view and upload files on the machine.

The attack takes advantage of a bug in the way that Microsoft’s software processes Unicode tokens, he said.

The vulnerability is being used in online attacks, the US Computer Emergency Response Team said recently.

In a statement, Microsoft said it hadn’t heard of any such attacks, but that it was investigating Rangos’ claims. “We are working on a security advisory to provide customers with guidance,” the company said.

The bug affects IIS 6 users who have enabled the WebDAV (Web-based Distributed Authoring and Versioning) protocols, used to share documents via the Web. It gives attackers a way to view protected files on the server without authorization and it could be used to upload files as well, according to Thierry Zoller, an independent security researcher who confirmed Rangos’ findings.

However, Zoller said he had found no way to use this flaw to run unauthorized software on an IIS server.

Zoller said that IIS 5 and IIS 7 do not appear to be vulnerable to the attack, but that it could affect other Microsoft products that use the WebDAV technology. “Better safe than sorry,” he said via instant message, “Disable WebDAV temporarily and wait for Microsoft to patch.”

In an e-mail interview, Rangos said that even with WebDAV enabled, Exchange Server running on IIS 6 and SharePoint Server were not affected by the flaw.

Cisco sounded a similar warning. “Administrators of sites that are hosting sensitive information on IIS servers that use WebDAV are advised to put effective mitigations into place immediately because exploit code is publicly available,” the company said in a security alert posted to its Web site.

— Compiled by CWHK staff

news bytes

Nortel’s big gun

Nortel has broken into the already crowded core data center switch arena with the release of the Virtual Service Platform 9000. The VSP 9000 supports its Split Multi-Link Trunking technology, a link aggregation technique in which multiple physical links between two switches and another device are treated as a single high-speed pipe. Traffic loads are balanced across all available links.

3Com: Data center switching platform

3Com has unveiled a new data center switching platform and a next-generation management platform. The H3C S12500 data center aggregation and high-end enterprise core switch is built on an architecture that delivers 2.2 billion packets per second of forwarding through a 6.6 Terabits per second non-blocking fabric. The new switching platform is managed with the new H3C end-to-end enterprise-class management tool, Intelligent Management Center, which provides single-pane management of the entire heterogeneous enterprise network infrastructure and integrates with existing systems.

Cisco: Unified service delivery

Cisco’s Unified Service Delivery product promises to transform the delivery of consumer and business applications to any place and device. The product combines Cisco’s data center portfolio and unified computing architecture with the capabilities of the Internet protocol next-generation networks. This allows a service provider to deliver video, data and video services from the data center.

Juniper: Cloud switch

Juniper Networks’ EX8216 Ethernet switch, a 16-slot platform with a switch fabric capacity of 12.4 terabits, is optimized for high-density 10 Gigabit Ethernet data center and cloud computing environments. According to Juniper, the switch has a per-slot capacity of 320Gbps and delivers up to 2 billion packets per second performance. The EX8216 joins the eight-slot EX8208 as Juniper’s modular, chassis-based LAN switch offerings.

New, improved OpenOffice.org

OpenOffice.org 3.1 has an improved user interface and better usability, starting with anti-aliasing that makes graphics look “smoother” on screen. When dragging objects, users can now see a “shadow” of the object instead of a dotted outline. General text formatting improvements include “overlining,” in addition to regular underlining, subtle highlighting of background text and better grammar checker integration. The OpenOffice.org spreadsheet, Calc, can now rename sheets with a double-click.

76 Computerworld Hong Kong June 2009 www.cw.com.hk
