January 10, 2000 Web posted at: 12:12 p.m. EST (1712 GMT) by Brian Fonseca

From...

(IDG) -- Sun Microsystems admits that many of its servers have been victimized by Denial of Service (DoS) attacks during the past few months, but in the same breath says the problem has been fixed. It's just that users aren't taking advantage of the patches that are readily available.

"The solution for the problem has been issued already. This is a problem that's come and gone," said Russell Castronoval, public relations manager for Sun Solaris. "They [the attacks] can happen if a person hasn't kept things up to date."

In some cases, Sun released operating system patches as much as six months ago as a deterrent to DoS attacks, Castronoval said.

Patches are available for Solaris 2.5.1 (Sparc and Intel), Solaris 2.6 (Sparc and Intel), and Solaris 7 (Sparc and Intel), at sunsolve.sun.com.

MORE COMPUTING INTELLIGENCE

IDG.net home page

InfoWorld home page

What Sun needs to do to improve Solaris

Unlocking Solaris

Getting to know the Solaris filesystem

The DoS attacks capable of crippling Sun servers have come in the form of Trojan-horse software attacks implementing stacheldratht -- the German for "barbed wire" -- trin00, the Tribal Flood Network, and TFN 2000, according to alerts by the Computer Emergency Response Team (CERT), the National Infrastructure Protection Center (NPIC), and the SANS Institute.

The trojans are deployed by master computers to assemble and control the infected machines with commands to continuously bombard sites with bogus flood packets, ultimately clogging up the traffic stream and shutting down sites both large and small, including Solaris-run sites.

Researchers from the SANS Institute said the most common paths used to compromise systems to insert trojans have been weaknesses in remote procedure call (RPC) implementation.