According to what the FBI said in the announcement they made tonight with CERT and the US Justice Department, it's a packet based attack that's directed at hosts and filling up pipes in the process. They didn't come out and say this, but from the details they did divulge that's what I was able to gather. However, as was evidinced by the C-SPAN coverage of this press conference, it's an on-going investigation, so official details are going to be sketchy for the time being, though I do get the impression from the FBI and CERT representatives that they haven't even started sifting through the logs yet. The mouthpieces who were used at the conference certainly didn't sound too terribly clued on the specifics. -- Joseph W. Shaw - jshaw@insync.net Computer Security Consultant and Programmer Free UNIX advocate - "I hack, therefore I am." On Wed, 9 Feb 2000, Larry Snyder wrote:
From what I've read so far, it's still not clear whether it was an attack on a host(s) or a pipe(s). It probably wouldn't be a bad idea to release at least that much info.... -ls-
Declan McCullagh <declan@wired.com> wrote:
From my perspective, corporations are filtering information through clueless PR flacks to a (relatively clueless) media. I can't buy that sites hit by an attack 48 hours ago "have no idea what is going on." If that's the case, some people need to be fired real quick.