Scottish ISP floored as DDoS attacks escalate
edNET attack part of wider assault
Most of the customers of Edinburgh business ISP edNET were left without Internet services yesterday after it experienced a serious distributed denial of service (DDoS) attack.
edNET began to experience what it described in an email to users as a "catastrophic network failure" at around 8am yesterday. This resulted in most of edNET's users experiencing difficulties sending email or browsing the Internet throughout yesterday.
Engineers confirmed that the problem was a result of a DDoS attack on its network, and were able to restore services after applying filters to its network nodes, and asking upstream service providers to do the same thing.
Emails from Register readers report that an attack on edNET's ADSL subnets resulted in around 12 hours downtime for some customers (edNET said services were up and running yesterday afternoon). At the height of the attack two of edNET's 45Mbps links were saturated with attack traffic.
Mussy Kurt-Elli, a business development manager at edNET, said the attacks against the ISP were part of a wider assault, which he told us also affected other service providers.
The assault, whose source remains unclear, focused on Telnet ports and was blocked by setting up "draconian" filtering rules, he told us.
We understand from edNET that BT's backbone ADSL routers had to be reset because of the attack, but the telco is yet to get back to us for comment on this.
edNET, which has a redundant network, will review its procedures to see what changes it can make to defend against any future attacks. DDoS attacks are notoriously difficult to prevent, but some tools are available which mitigate their effects.
Earlier this year Basingstoke ISP Cloud Nine and Tiscali UK both became subject to DDoS attacks. Both the motive and source of all these attacks remains unclear but their increasing prevalence this year is becoming a source of concern. ®
Cloud Nine blown away, blames hack attack
Zetnet rescues Cloud Nine
Tiscali attacked by DDoSers
UK web host downed by DDoS attack
Crackers exploit Cisco LAN switch flaw
ISS ranks Net vulnerabilities
Vendors sharpen tools to thwart DoS attacks