March 29, 2013
In the aftermath this week of one of the most powerful attacks on the Internet, finger-pointing quickly ensued.
The organization most suspected, victims said, was Stophaus, an elusive group of disgruntled European Internet users, although Sven Olaf Kamphuis, its spokesman, denied he was responsible for the attacks. At the same time, he shifted blame to Russian Internet service providers, which he said were retaliating against Spamhaus, a European anti-spam group, for blacklisting them.
But the real enablers of the attack were the operators of more than 27 million computers around the globe who left their equipment wide open to a motivated attacker. Those enablers are not just companies, but regular people with home cable boxes.
“There is a big possibility that you are part of the problem without even knowing it,” said Paul Vixie, chairman of the Internet Software Consortium, a nonprofit company responsible for the software used by many of the servers that power the Internet.
The servers the attackers used — what the Internet community calls open recursive servers or, more commonly, open resolvers — are simply home Internet devices, corporate servers, or virtual machines in the cloud that have been sloppily configured to accept messages from any device around the globe.
Read the full story: