A design flaw in a router product has seen the University of Wisconsin’s network bombarded with network time protocol synchronisation requests, in an accidental denial of service (DoS) attack. The university’s administrators noticed a dramatic increase in in-bound traffic to its time server, and eventually traced the cause to a Netgear router product. A full analysis was posted on the university’s Web site. The router was hard-coded to synchronise its clock to the university’s time server, meaning that every unit sold and deployed began bombarding the machine with requests as often as once a second. “I have counted more than 500,000 unique Netgear sources that queried our time server in one day. This measurement likely underestimates the actual count,” the analysis read. “As of June 30, 2003, Netgear reported a total of 707,147 affected products manufactured.” Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.