• United States



by Dave Gradijan

Sun Microsystems’ Grid Hit by DoS Attack

Mar 23, 20062 mins
CSO and CISOData and Information Security

On Wednesday, Sun Microsystems acknowledged that its Grid, a computing service available to the public, was the victim of a denial-of-service (DoS) attack on its opening day, CNET reports.

Sun decided to open up a text-to-speech translation service to the public to let users test out the Sun Grid, according to CNET. The service could be used to turn a written article into a podcast, for instance, CNET reports.

Aisling MacRunnels, senior director of utility computing for Sun, told CNET that the service quickly became the target of a DoS attack and was shut down.

A DoS attack is executed when a perpetrator sends numerous requests for information to a targeted computer system using an invalid IP return address. When that system’s server attempts to confirm the request, it gets no response because of the false return address. The system then continues to generate confirmation requests until it is overloaded and shuts down.

Sun had little trouble handling the issue once its text-to-speech service was taken down, according to CNET. The company simply shifted the service into the regular Sun Grid, which requires authorization, CNET reports.

“There was no degradation to performance for users inside the Sun Grid,” Brett Smith, a Sun spokesman, told CNET.

Users must agree to Sun’s legal policies and export controls regulations, as well as provide e-mail addresses to be authorized to access the Sun Grid, CNET reports. Payment for the service requires a Sun-approved mechanism—PayPal, for instance—and users of those services must be verified, according to CNET.

“That gives us a level of knowledge about the user,” MacRunnels told CNET. “They have to have a bank account on file with PayPal and a home address. Those make us feel more comfortable.”

For related CSO content, check out How a Bookmaker and a Whiz Kid Took on an Extortionist—and Won.

For related news coverage, read Security Experts Warn of ‘Distributed Reflected DoS’ Attacks.

Keep checking in at our CSO Security Feed page for updated news coverage.