WIRE:02/23/2000 20:03:00 ET Microsoft says it foiled hacker assault on Web site

SEATTLE (Reuters) - Microsoft Corp. said Wednesday that hackers had tried to topple its corporate Web site, but the software giant said the assault, the latest in a string of crippling attacks on major Internet operations, had done little damage. The Tuesday morning ambush of http://www.microsoft.com did not crash the Web site as in other cases, but caused a brief slowdown in initial page viewing of about 3 to 7 percent, Microsoft spokesman Adam Sohn said.

That meant some people who clicked on a Web page on the site failed to see it the first time they tried.

"It was very minor, to be honest, so some people saw some slowdowns," Sohn said.

The assault on the Redmond, Wash.-based company followed similar disruptions recently at several large Web operations such as Yahoo! Inc., Amazon.com Inc., eBay Inc. , CNN.com and Buy.com Inc..

Those were "denial of service" strikes, in which hackers set up automatic programs to hijack many other computers that then pounded the Web sites with so many requests for information that legitimate users could not gain access.

Instead, Microsoft suffered what Sohn called a "syn-flood" attack that disrupts communication between a PC and the Web site server so that the server continually sends requests asking for the visiting computer's identification, devouring its processing capacity.

Microsoft immediately reported the trouble to authorities, Sohn said, but declined to elaborate. The perpetrators of the earlier attacks have not been caught despite being the subject of an intense federal investigation.

The Microsoft site was relatively unaffected because it had enormous capacity to deal with legions of visitors who often swarm the network to download the latest software upgrades or test products, Sohn said.

"We have a ton of overhead on this site. We can support terabytes and terabytes of downloads," Sohn said.

Microsoft technicians, in a heightened state of alert after the other recent assaults, had quickly pinpointed which Internet addresses the attacks were coming from and shut off their access to the company's Web site, Sohn said.

Sohn said Microsoft's new flagship product, the Windows 2000 operating system that it launched last week to run corporate networks, acted as a sturdy barrier against the unwanted attention.

"The guys running the network swear to me that a year ago we would have been in big trouble, but with Windows 2000, nobody could knock our servers over," Sohn said. "Between the robustness of the OS (operating system) and the security features built in, it really helped withstand the attack."

http://abcnews.go.com/wire/World/reuters20000223_4365.html

-- Martin Thompson (mthom1927@aol.com), February 23, 2000