Home Users Now Targeted By Metricom’s ‘Ricochet’
Overwhelmed.
That is a layman’s description of a computer at the center of a denial of service attack , the kind of thing that can bring big-name e-commerce sites to their knees.
A recent UCSD study, now available for review on the Web, has been able to gauge a largely unmeasured phenomenon.
During a three-week period, study authors were able to document 12,805 attacks against 5,000 targets worldwide. If anything, say the authors, their statistics are conservative.
Fewer than half the attacks topped 500 data packets per second, but authors counted as many as 600,000 packets per second hitting target sites.
The paper is available online at (www.caida.org/outreach/papers/backscatter).
The study found that:
– Business targets were diverse. Small- and medium-sized businesses were hit along with the biggest names in e-commerce and Web services.
– Attacks can range from minutes to several days. Some 2 percent lasted longer than five hours.
– The majority of attacks monitored were fast enough to overwhelm existing measures to counter such attacks.
– One to 3 percent of attacks studied hit infrastructure components like name servers.
– Computers in people’s homes , even those with dial-up connections , are at risk, too. The authors speculate such denial of service attacks “are frequently used to settle personal vendettas.”
The authors say they gathered evidence of the hacker attacks by detecting a phenomenon known as “backscatter,” which is explained in the paper.
The study was completed with help from the National Science Foundation and the Defense Advanced Research Projects Agency. Study authors are David Moore, senior researcher at the San Diego Supercomputer Center, and Geoffrey Voelker and Stefan Savage, assistant professors at the Jacobs School of Engineering.
Savage is founder of Seattle-based Asta Networks, which will roll out its first product in June. Not surprisingly, it’s a tool to detect and respond to denial of service attacks.
The final version of the study will appear in a paper at the Usenix Security Symposium Aug. 13-17 in Washington, D.C.
Savage is scheduled to talk about denial of service attacks and defense methods June 6 at the Internet Security Conference at the Century Plaza Hotel in Los Angeles.
– – –
Redefining Its Market:
Metricom, Inc. of San Jose, which has wireless telecom infrastructure in San Diego and 14 other U.S. cities, is now marketing its Ricochet wireless Internet service as something for people who stay put.
The company, which previously emphasized service to people on the go (like laptop users), is now emphasizing a $44.95 monthly fee for home users.
It’s also emphasizing instant gratification.
Instead of waiting for the DSL technicians, the company’s marketers tell customers they can be hooked up tonight after a trip to Fry’s Electronics to get a modem.
The good news is the service delivers data at up to 128 kilobits per second.
The bad news is that it’s available only in urban areas (the company Web site shows the territory).
Metricom is trying to get over a rocky period. In February, the company presented shareholders with bad financial news: It issued a statement saying it was short on money after showing a fourth-quarter loss to common stockholders of $114.3 million, compared to $56.3 million in the year-ago period. Metricom’s CEO and board chairman stepped down that same month.
First quarter results, reported in April, showed a corresponding loss of $186.4 million, compared with $32.3 million in the year-ago period.
A company decision to scale back expansion was felt at San Diego-based Wireless Facilities Inc. The local infrastructure builder said in a May 15 Securities and Exchange Commission filing that the “sudden and unexpected loss” of a Metricom contract would affect its own revenues in the first half of this year.
Today as it touts Ricochet’s use in the home, Metricom continues to run ads emphasizing Ricochet as a way to hook up mobile devices.
Send items for this column via e-mail to bgraves@sdbj.com.