[ISN] Sun Grid hit by network attack

InfoSec News isn at c4i.org
Thu Mar 23 04:49:02 EST 2006


By Stephen Shankland 
Staff Writer, CNET News.com
March 22, 2006

Sun Microsystems' Grid, a publicly available computing service, was
hit by a denial-of-service network attack on its inaugural day, the
company said Wednesday.

To let people try out the Sun Grid, the company made a text-to-speech
translation service publicly accessible for, for example, turning blog
entries into podcasts. "It became the focus of a denial-of-service
attack," Aisling MacRunnels, Sun's senior director of utility
computing, said in an interview Wednesday.

In denial-of-service attacks, numerous computers--often groups of
compromised PCs called botnets--simultaneously attack a target on the
network. In this case, the attack took down the text-to-speech

Dealing with the issue was relatively easy: Sun moved the service to
be within the regular Sun Grid, which requires authorization to use.  
"We had to defend against a bunch. There were too many coming against
us, so we moved it inside," MacRunnels said.

The attacks didn't disturb the regular grid, Sun said. "There was no
degradation to performance for users inside the Sun Grid," spokesman
Brett Smith said.

The Sun Grid is one of several visionary ideas that the Santa Clara,
Calif.-based company hopes will restore status and revenue that
tapered away after the dot-com bubble burst and its own hardware and
software lost much of its cachet.

The Sun Grid authorization process requires a person to agree to legal
terms and export control terms, and users must share their addresses.  
Payment requires PayPal or another Sun-approved mechanism, and PayPal
users must be verified, MacRunnels added.

"That gives us a level of knowledge about the user. They have to have
a bank account on file with PayPal and a home address. Those make us
feel more comfortable," MacRunnels said.

That position dovetails with one long held by Sun Chief Executive
Scott McNealy. "Absolute anonymity breeds irresponsibility," he said
in a 2003 interview. "Audit trails and authentication provide a much
more civil society."

More information about the ISN mailing list