Many students across campus were frustrated in their attempts to use the Internet on Wednesday, as Penn computers were attacked by a "Denial of Service" worm. This type of attack occurs when computers flood a server or network with so much information that the network is slowed or disabled completely. The problems, which began at around 4 p.m., were compounded when one of Penn's Internet service providers experienced hardware failures later that evening. It is unclear whether the hardware failure was caused by the attack or merely an unfortunate coincidence. "I'm not positive... but it's possible for the attack to have accelerated the lifespan of a piece of hardware. In a sense, that could kill it," said Acting Associate Director for College House Computing Mike LaMonaca. In response to this shutdown, the service provider replaced some pieces of hardware last night. LaMonaca added that the hardware swap should help keep this from happening again. The attack disabled Internet connectivity in most of the Quad, as well as in many other residence halls. However, at this point there is no way of knowing where the attack came from or who initiated it. "At least one rogue [Dynamic Host Configuration Protocol] server in Woodland was issuing bad [Internet Protocol] addresses to students' computers," which could have contributed to the connectivity problems, LaMonaca said. "ISC Networking traced the rogue DHCP server and shut off the port," he explained. "We are in the process of contacting the students in that room so we can correct their computer and get them back online. But as of now, we believe that network connectivity has been restored." The Internet shutdown, which lasted most of the night, caused some significant problems for students trying to do homework. "It was 'iffy,'" College freshman Lilian Haney said. "I know no one on my hall could download stuff on Blackboard." Wharton freshman James Han was not trying to do work, but the lack of Internet connectivity still disrupted him. "I was just trying to play games," he said, but was unable to connect all night. This attack marks the second time in two weeks that Penn's computer systems have been severely disabled by an online attack. The University's computer security technicians are "working to identify the machines with the most sensitive data or the ones that are running the most important programs," Information Security Officer David Millar said. They are scanning those machines "looking for vulnerabilities... and applying patches" to shore up those problem areas. Other security measures include applying security patches, such as those issued by Microsoft from time to time for Windows, and removing any unneeded services from machines that might be subject to attack. In the long term, ISC Networking is seeking to put a system in place that will quickly identify the source of the attack and the type of information that is flooding the system, so that the attack can be stopped more rapidly, according to Operations Manager Jeff Edwards. Millar noted that almost all security measures against this type of attack are reactive and very difficult to prevent. The best they can do, Millar said, is to "monitor networks and as soon as they begin to see problems of this nature... work to block the attack and minimize the damage." But while technicians are taking steps to prevent future incidents, there is no foolproof way to protect Penn computing. "You can't really stop anyone on the Internet" from doing something like this, Millar said. "It's just sort of a risk of being on the Internet if you want to be on the Internet."
The Daily Pennsylvanian is an independent, student-run newspaper. Please consider making a donation to support the coverage that shapes the University. Your generosity ensures a future of strong journalism at Penn.
Donate
