Hacker bombardment keeps site in check

Using the same kind of attack that shut down a New York-based Internet service last week, computer hackers are bombarding at least two online chess sites.

CNET News staff
2 min read
Using the same kind of attack that shut down the New York-based Panix Internet service last week, computer hackers are bombarding at least two online chess sites, CNET learned today.

The hackers began their assault Thursday, using an attack known as a "SYN flood," which is basically a series of connection requests. They stopped over the weekend, but launched it again today, said Daniel Sleator, a computer science professor at Carnegie Mellon University and president of the Internet Chess Club, a subscription-based chess service.

This kind of attack is becoming more commonplace, worrying Internet providers and users alike. Hacker publications even have published "how-to" guides on the technique, which exploits a basic weakness in the Internet's architecture.

"This is not a tough thing to do," one online chess club subscriber said today. "That's part of the problem."

With a SYN flood attack, hackers don't actually get into the system. Instead, they send out a flood of bogus connection requests that clog the system and prevent real users from getting on. To use an analogy, the hackers basically block the front door, Sleator said.

Hackers shut down the Internet Chess Club for 20 hours Thursday and Friday and had shut it down again for six to seven hours today before Sleator temporarily foiled the hack, he said.

Sleator said the service has received "thousands of complaints, continuous complaints. Thousands of people want to use the service and they can't."

Hackers also attacked the Free Internet Chess Server on Friday, Sleator said.

Stopping the attack can be difficult. Sleator had tried the same methods as Panix to stop the attacks, but they didn't work for the chess club. Instead, he temporarily outfoxed the hackers tonight by essentially creating 100 doors for Internet Chess Club members to use instead of two.

Now he has to inform all the users to change the way they get into the club, which is "quite inconvenient."

Why, anyone would attack online chess services is anyone's guess. "I can only speculate," Sleator said. "There are a number of possible reasons." It could be in retaliation for charging a membership fee, he said. "We're one of the first sites on the Internet to charge fees," Sleator said. "We started charging $49 a year back in March 1995 and that created a lot of animosity.

It could be someone who has a vendetta against the site, such as an angry member booted off for using offensive language.