Service Restored at 10:40 a.m.: Off-campus connectivity to CU-Boulder web services is restored.
Service Issue Reported at 10:11 a.m.: Off-campus connectivity to CU-Boulder web services such as websites and webmail is currently unavailable due to technical issues. OIT is investigating the situation.
Incident Report Summary
On Sunday, Sept. 23, 2012, OIT received notifications from monitoring systems and clients that some on-campus web pages, VPN access, SSH access and OIT Private Cloud services were unavailable. OIT determined that the cause was a denial-of-service attack originating from a compromised content switch, which at 7:00 a.m. that day began sending large numbers of packets to a few targeted sites on the Internet. To address the situation, OIT blocked most of the unwanted traffic, rebooted the border router, and worked with the vendor to apply a patch to the compromised content switch. The patch was later applied to all OIT content switches supplied by the vendor.
OIT continues to work with the vendor to install an upgraded software package. In addition, OIT is updating its vulnerability management processes to test more thoroughly the technical measures used to mitigate vulnerabilities. You may view the full Incident Report (PDF).