The Internet Software Consortium (ISC) has launched an internet crisis co-ordination centre to help protect the...
system from hackers.
The Operations, Analysis and Research Center (OARC) will be used to study and monitor internet traffic so that technicians will be able to differentiate high-demand traffic spikes from high-intensity attacks on root servers.
So far, members of the OARC include the Internet Society, Cisco Systems, MCI, XO Communications, UltraDNS, TLD operator Afilias and Verio, as well as many of the operators of the global root DNS name servers.
"In our application, it's very difficult to determine what 'normal' internet traffic conditions are. So we're going to have to define 'normal' and go from there," said Paul Vixie, chairman of the ISC, which provides services for the internet's Domain Name System (DNS).
Before the root server attacks in October last year, when all 13 of the internet's root DNS servers were hit by intruders in a massive distributed denial-of-service attack, there was no group set up to protect the DNS system globally.
In the attack, DNS servers - which provide the vital translation services needed for converting a web name into a corresponding numerical IP address - were clogged with useless traffic. .
The OARC is now seeking members to work on the problem by bringing together the resources of the IT community.
It will set up a virtual research centre that will link together top-level domain operators, corporate network data centres, large commercial name servers, DNS technology companies, researchers and government and law enforcement officials to study and monitor web traffic.
By connecting some of their servers and equipment together in a global grid computing system, the group hopes to collect information that can be used to stop future attacks.
"Any entity that depends on DNS on a minute-by-minute basis is a potential member of the group," Vixie said.
ISC hopes to draw together between 100 and 500 members by the beginning of next year, when the group hopes to begin research for its mission. For now, an incident reporting system has been set up on the group's website for members and major network operators to co-ordinate responses to threats and attacks on the DNS.
Todd R Weiss writes for Computerworld