Microsoft crippled by S'Kiddies
Company's own techies didn't do enough damage
DoS'ing Script Kiddies easily disabled most of Microsoft's major Web sites Thursday, just as the company was recovering from the humiliation of being accidentally taken off line by its own (MCSE?) technicians Tuesday and Wednesday.
"During the morning of 25 January, Microsoft was the target of a denial-of-service attack against the routers that direct traffic to the company's Web sites," the company said in a statement late Thursday.
The little darlings attacked a router (or "routers" as the flacks insist) which MS had been using to manage DNS (domain name service) traffic, and in so doing rendered the company virtually invisible on the Web from early Thursday morning until the afternoon hours.
If the company had in fact been using "routers" (as opposed to "a router") as it claims, and ones properly distributed as is ought, it's unlikely that the attack could have been as effective as it was. According to the Associated Press, only two per cent of traffic was getting through during the attack.
The kiddies were no doubt inspired by the amusing DNS cock up earlier this week which also left the company's sites unavailable. In that case, MS had failed to distribute its DNS servers adequately, so that when its (MCSE?) retard(s) misconfigured the relevant "routers", it all flew to bits in a hurry, and stayed that way for quite a while.
The router(s) appear to be located on a single subnet, so even if there were more than one in use, the net effect would be to present a unified target to the world.
Idiotic behaviour which we might expect from some Mom and Pop on-line outfit, and regard with some sympathy in that case. But the company that would rule the Web needs a lesson in basic network architecture before transcending the low comedy in which it's just now cast itself. ®
MS blames lowly techie for Web blackout
Microsoft brings web sites back into play
Microsoft confirms Web site blackout
DNS trouble made Microsoft, Yahoo! unavailable
How you hack into Microsoft: a step by step guide
Sponsored: Global DDoS threat landscape report