At approximately 1:40 PM today, we experienced a network outage. As is customary, our network staff began diagnosing the problem and made an initial call to our internet connection provider, the Connecticut Education Network (CEN). The CEN Helpdesk informed us that they were not aware of any network issues.
Diagnosing the problem was extremely difficult because our network devices where so overwhelmed with incoming network traffic that our network staff were unable to get access to them. They restarted the devices, only to see them immediately become overwhelmed and unresponsive again. This pointed to a Denial of Service (DOS) attack on our network.
At approximately 2:30 PM, we logged another problem call with CEN, who acknowledged that there may be a network issue specific to our network. Soon thereafter, their engineers determined that one of our servers was being targeted for Denial of Service attack by external hosts. We immediately disconnected that host from the network, though this really does not help stop this type of attack. The attackers were still sending the network traffic targeted at this host, and our internet connection continued to be saturated with network packets that died ONLY after they came into our network.
The prescription for deflecting the attack calls for certain steps (which, for security reasons, we do not wish to elaborate on here) that were followed collaboratively by our staff and CEN staff.
Due to the complex nature of internet traffic routing, it took until 4:45 PM or so to completely deflect the attack.
During this time, several internal services were available and certain others were interrupted a few times. Internet connectivity both from and to Wesleyan was practically nonexistent during this period. Woodframe houses, whose connections to the internet go through Comcast, were not affected aside from being unable to access Wesleyan services during the outage.
We apologize for the inconvenience caused by this outage. We plan to investigate this incident further, work to understand the cause of the problem, and correct it to prevent future attacks like this.