The University experienced a campus-wide Internet outage on Tuesday, Dec. 8 from 10:50 p.m. until 2:34 a.m. Another outage occurred the next day at approximately 11:30 p.m. According to Karen Warren, Director of User and Technical Services, both of the outages were caused by a Denial of Service (DOS) attack, where excess information and false connections flood Internet service. Students using the network available to woodframe houses, however, were not affected by either outage, Warren said.
“Basically, our DNS [Domain Name System] servers were overwhelmed, and couldn’t process requests,” she said. “It’s a very difficult thing to prevent, and certainly not an unusual form, although we haven’t had an attack like this in a couple years.”
When this type of attack occurs, Information Technology Services (ITS) usually consults its service provider, the Connecticut Education Network. Both attacks stopped before this response was necessary.
Warren said it is unlikely that ITS will be able to locate the source of the attack.
“It’s conceivable that the attack was intentional, although it’s just as likely that it was also random or accidental,” she said. “At this point, we have no reason to believe it was intentional.”
The Wesleyan Anonymous Confession Board (ACB) and the student blog Wesleying appeared to be some of the only external websites students could access during the outage. Consequently, some students were able to reach the Internet through student-shared advice on the ACB.
“What they have posted on the ACB was a way to work around the attack, which was legitimate,” Warren said.
Many students were preparing for final projects and exams when the outage occurred. Matthew Schaff ’11, who was online researching for a final paper at the time, was frustrated by the situation.
“I didn’t know what to do with myself and decided that the best thing to do was to go to sleep before three a.m. for the first time in several weeks,” he said.
In response to the inconvenience, ITS is now looking at possible ways to overcome similar attacks more efficiently in the future.
“I do think the timing was horrible, and we felt really bad about that,” Warren said. “Communication definitely could have been better. We are investigating and working with our provider to find ways to, if not prevent, then at least shorten or solve it faster.”
When the second attack occurred on Wednesday, ITS already had a successful backup plan in place which restored service in less than an hour. ITS was able to maintain communication with students through the ITS Help Desk.
With more data available, staff confirmed that the DOS on Wednesday came from outside mail servers sending spam through Wesleyan DNS servers, which suggests that the attack was random.
Consequently, ITS has made changes to the DNS system to prevent further attacks and instituted a higher level of live monitoring during late night hours. In case of future outages, Warren said that students may be able to use internal servers, such as their E-Portfolios or Blackboard, to receive updates during an outage. Students can also call Public Safety or the ITS 24-hour helpline to access information.
“All in all, the time for resolution and communication was much better the second night,” Warren said. “It is rare that we get to implement our ‘what if this happens again’ scenario so quickly, but we were on it and relieved to be able to reduce the impact.”