Doing Away with DoS

Denial of Service (DoS) invasions aren't restricted to large commercial Web sites. They were happening long before this latest wave of hack attacks, and network managers are running scared. By Michelle Finley.

Reader's advisory: Wired News has been unable to confirm some sources for a number of stories written by this author. If you have any information about sources cited in this article, please send an e-mail to sourceinfo[AT]wired.com.

Denial-of-service attacks only just came into the limelight, but they're far from new. At Rutgers University in New Jersey, they've been fending them off for a while.

The good news is that low-grade DoS assaults have given the university's information technology staff a head start in planning and implementing protection programs. But they're increasingly concerned that university networks could be exploited by hackers carrying out a DoS attack on someone else.

During the past year, a university official's own informal network status-tracking has turned up frequent instances of low-key but suspicious activity on Rutgers' servers. Some of these attacks had little effect on the network, but others slowed access to the Internet gateway and caused internal systems to turn sluggish.

"I have no doubt that people have been trying to do this to all our servers ... just taking a list of IP numbers and finding out whether there is a vulnerable computer on the network. They can then flood that computer with queries so that it will completely gum up the network, or try to hijack it to use it in their attacks on other systems," said Wise Young, director of Rutgers' Center for Collaborative Neuroscience in Piscataway, New Jersey.

Trouble was first brought to Young's attention last year, when Rutgers computer monitors told him to shut down an open SMTP node on one of the Mac servers. That led to new protections on the server and monitoring activity within the network.

To prevent attacks, Rutgers' entire network is routinely scanned for unusual or suspicious network activity. A Web-based monitoring system checks its major routers. A slowdown in server activity means Rutgers should look for evidence of DoS, Young said.

He said it's difficult to tell exactly how many times his lab has been subject to DoS attacks because until recently Rutgers seldom paid attention to the issue.

But lately officials there have been watching, and suspicious signs of what appeared to be small-scale DoS attacks have become a more frequent occurrence at the center. In response, Young and his staff have increased their vigilance substantially -- no small feat in a system that's supposed to be kept as open as possible.

Rutgers' Neuroscience Center was designed from the ground up for collaboration between university labs and over 60 others around the world. Every part of the laboratory is specialized for open communication and sharing of visual, audio, and numerical data, as well as real-time remote personal interactions.

Even the laboratory instruments are designed to allow multiple users to use devices such as a $375,000 confocal microscope from a distance via networked connections.

Young realized that the openness of his lab was an invitation to hackers and even just-plain-bored computer science students. He has now set the servers in the laboratory to notify him by email if there is any unauthorized use of the systems in the center, and regularly runs programs to evaluate activity on the servers and network.

Rutgers' computer services group also is focused on preventing its computers from being used as a vehicle for transmitting DoS attacks. Young believes that university networks are the perfect targets because of their large numbers of powerful networked computers and a commitment to open access.

IT staff has identified and monitors all computers at the university that can be accessed by an outsider and used to send out signals to other computers. All SMTP nodes, for example, are carefully protected and screened.

The university refused to comment further on specifics of its DoS protection plan, citing security issues. "People are running scared," said a faculty member who requested anonymity. "They don't want to draw attention to themselves. They don't want to become a target."