Tech Time Warp: Why the Panix attack was a wake-up call
In this week’s Tech Time Warp, we take a look at how a work emergency is never good news—and when notice of it comes late on a Friday afternoon, it’s even worse. Especially when the news is that your internet service provider is the target of the first known distributed denial-of-service (DDoS) attack.
But that’s what happened to Alexis Rosen, president and co-owner of Public Access Networks Corp., on Sept. 6, 1996. Rosen’s company, popularly known as Panix, was one of the first ISPs in New York City. Rosen was alerted the Panix mail servers were down. This is something that happened periodically, so he returned to his desk and got to work. Unfortunately, it wasn’t a simple fix. Panix was under attack. A hacker was sending Syn packets to Panix servers at the rate of 150 to 210 a second, according to contemporaneous news reports. For the next several weeks, the Panix team had to work day and night to keep the ISP’s servers online—until the DDoS attack stopped.
Defining a DDoS attack
The Panix press release on the incident offered what remains a solid definition for DDoS attack: “Attacks consist of flooding the machines with so much data that they cannot respond to legitimate requests and faking the origin of the hostile data.”
Speculation on the motive for the Panix attacked ranged from a simple desire to try out a DDoS attack. This is a method that had been described just weeks earlier in the hacking journals 2600 and Phrack. It was retaliation for Panix’s recent installation of a junk email blocker (America Online was in court in fall 1996 for installing a similar system). Regardless of motive, Panix was a wake-up call. DDoS attacks were an inexpensive, hard-to-trace cybercrime—and that remains true 27 years later.
Did you enjoy this installation of SmarterMSP’s Tech Time Warp? Check out others here.
Photo: Brenda Rocha – Blossom / Shutterstock