Web watchdog sniffs out sneak attacks

[William Knowles <wk () C4I ORG>]

http://seattletimes.nwsource.com/cgi-bin/WebObjects/SeattleTimes.woa/wa/gotoArticle?zsection_id=268448455&text_only=0&slug=asta18&document_id=134248052

by Sharon Pian Chan
Seattle Times technology reporter
Saturday, November 18, 2000, 12:53 a.m. Pacific

Remember the so-called denial-of-service computer network attacks that
shut down Internet giants Amazon.com, Yahoo! and eBay back in
February? They do. So do the Internet service providers that the
attackers used to travel across the Net.  And that's what Asta
Networks is counting on.

The Seattle company, named for the terrier in Dashiell Hammett's "The
Thin Man," is expected to announce next week that it has begun
deploying its software on Internet2 to stop such attacks from
happening again. Internet2 is the separate, high-speed network linking
170 universities across the country and capable of handling data at
gigabits-per-second speed.

Exodus Communications, the giant Internet data center that hosts
servers of some of the best-known Web sites, including MSNBC and
Yahoo!, is testing the company's software.

The denial-of-service incidents in February were successful because
the attackers programmed a large number of computers to simultaneously
flood sites with overwhelming traffic, effectively shutting them down.
It's as if someone had programmed all the cars in Seattle to drive
into Nordstrom's front door at the same time and real shoppers were
blocked out.

The February attacks cost the companies $1.2 billion, according to the
Yankee Group. Companies such as Exodus are hit with denial-of-service
attacks several times a week.

"Right now there's a vacuum in this area," said co-founder David
Wetherall. "Our focus is on reliability, on keeping a Web site up
during a denial-of-service attack."

Asta provides a way for Internet service providers and others to watch
for these attacks and combat them without blocking legitimate
customers from getting to a site. Asta's software comes in a bright
green box, the Asta Network Sensor, which can be hooked up to devices
called routers that direct data traffic at Internet service companies.
The box watches for attacks, sensing the traffic patterns that herald
their arrival, and block them as soon as they hit a router.

Asta's founders are University of Washington faculty members and one
graduate student. One of the projects that Chief Executive Tom
Anderson worked on was spun off into Internet infrastructure company
Inktomi.

Co-founder and board member Daniel Weld also co-founded Netbot, an
Internet shopping technology now part of Excite@Home, and AdRelevance,
which has since been acquired by Media Metrix.

Wetherall, chief technology officer, has researched computer systems
for the past 10 years and worked for an Australian company that led
the development of standards for high-speed metropolitan-area
networks.

Stefan Savage, the student who holds the title of chief scientist, has
pending faculty offers from University of California-Berkeley, the
Massachusetts Institute of Technology and Stanford University.

The four raised $3 million for their first round of funding from
Madrona Venture Group and Arch Venture Partners.

Asta set up shop in Eastlake in April this year, after the founders
published a well-received paper on denial-of-service attacks. Seven
routers sit in a refrigerated kitchen-size room in back to simulate an
Internet service provider. In the tradition of levity that
characterizes technology companies, each is named for an X-Men
character.


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".