RE: Did Windows Update take out the Skype network?

["Wayne J. Hauber" <wjhauber () iastate edu>]

At 09:59 AM 8/20/2007, Larry Seltzer wrote:
> I hope they don't have the gall actually to blame Microsoft for it.
> Obviously it's a flaw in their network, and shows a hole in their own
> testing.

They seem to have a big hole in their supernode setup. I had three 
separate systems at my univerity become supernodes during the Skype 
debacle. During a one hour sample, over 1.4 million individual IP 
numbers connected to a postdoc's desktop computer. The rate was over 
600,000 separate IP's in a 15 minute period. I expect that if I 
sampled enough time, I would have seen a large part of the Skype 
network contacting this researcher's desktop for index information.

I also expect that I introduced a big hiccup in their recovery when I 
blocked network access to these computers. We made three big 
supernodes go away because we thought we were under a DDOS at the time.

I did not appreciate all of the network alarms that this problem generated.

Wayne Hauber


> Perhaps it's also an indication that more Windows users are updating
> more quickly.
>
> Larry Seltzer
> eWEEK.com Security Center Editor
> http://security.eweek.com/
> http://blogs.eweek.com/cheap_hack/
> Contributing Editor, PC Magazine
> larry.seltzer () ziffdavisenterprise com
>
> -----Original Message-----
> From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
> On Behalf Of rms () computerbytesman com
> Sent: Monday, August 20, 2007 10:26 AM
> To: funsec () linuxbox org
> Subject: [funsec] Did Windows Update take out the Skype network?
>
> http://blog.wired.com/monkeybites/2007/08/windows-update-.html
>
> Skype is finally back online after a massive two-day outage which began
> on Thursday, August 16th and rendered the VoIP service useless for an
> estimated 220 million users. As we reported on Friday, Skype has denied
> charges that the outage was the result of an attack, but the company
> delayed an official explanation until today.
>
> According to Skype the outage was caused by a massive number of users
> restarting their machines, which flooded the Skype network with login
> requests. Skype blames the restarts on Windows Update, presumably large
> numbers of users rebooting after installing this month's "Patch Tuesday"
> Windows patches.
>
> ...
>
>
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.


Wayne Hauber (515) 294-9890
GCWN GCFA
Information Technology Services
IT Security and Policies
297 Durham Center, ISU, Ames, Iowa 50011
wjhauber () iastate edu  

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.