Did u read this article? ( from internetnews.com )
Simon at wretched.demon.co.uk
Fri Oct 25 01:50:06 UTC 2002
> The cause of the collapse? A flaw in the company's DNS infrastructure,
> where there was only one router standing between Microsoft's internal
> network and its Internet connection. Shutting down the site was the
> relatively easy matter of finding a weakness in that one router.
I thought the Microsoft fiasco was down to incorrect maintenance
on the router, not malicious action, but either way the lack of
redundancy was inexcusable.
The Washington Post covered the DDoS story as well, but it was a
non-event from the end user perspective, just as it was designed
to be, although I agree more sophisticated attacks could cause
Using ICMP echo and going for the root servers was a triple
whammy, easy to sort from genuine traffic, using a type of
traffic often bandwidth limited in routers, and attacking
probably the best protected, connected and diverse set of name
servers. I'm guessing someone found these tools lying around
somewhere, and tried them out without thinking about what they
were trying to do.
More information about the bind-users