Slashdot Mirror

← Back to Stories (view on slashdot.org)

How to Own the Internet In Your Spare Time

Posted by CmdrTaco on from the stuff-to-read dept.

xenofile writes "A chilling paper has recently been posted analyzing the various threats worms pose to the Internet, and the relative ease of exploiting say the 30,000,000 Kazaa hosts to completely cripple large portions of the net." Lots of good stuff in this paper. It sorta combines many things you've probably read, and demonstrates how the net could be seriously taken by someone who wants it.

3 of 204 comments (clear)

  1. Masters of the obvious by wackybrit · · Score: 3, Interesting

    Wow, this paper really breaks new ground. Let's see:

    If you can control a million hosts on the Internet, you can do enormous damage.

    [..] you can access any sensitive information present on any of those million machines [..]

    But for those who are truly thick and can't get the point:

    In short, if you could control a million Internet hosts, the potential damage is truly immense [..]

    It's good to see they're really targeting the 'brains' of the nation with these statements.

    Luckily, things get a little more scientific as we move into the next section, but they actually say they're 'ignoring' certain important variables. Almost any mathetmatical theory works if you 'ignore' certain variables.

    Perhaps papers like these should actually focus on the real reason that DOS attacks are so easy. Crappy code. Since when did Eudora or Pegasus start spreading viruses? It's all Outlook Express.

    But what about system level DOS attacks, you say? Firewalls were invented to solve these problems. Of course, firewalls were only invented because the original net code in Linux/Windows/etc hadn't anticipated DOS attacks, and couldn't fend them off themselves. I mean.. in 1994, who was flooding servers with 64kB ping packets?

    It's time to rewrite the netcode. DOS attacks aren't really any different to memory leaks in programs. They can be controlled and confined and cleaned up, if the code is good. How often do you get a 'Protection Error' in Linux these days? Hardly ever. It's time to apply all of the safeguards we use in regular programming to net code too!

    And if you're scared of reinventing the wheel and writing new net code from scratch, then you have only yourself to blame.

    --
    mogorific carpentry experiments
  2. Re:Wow by SCHecklerX · · Score: 4, Interesting

    You miss the point. If the Internet gets congested with traffic, you will suffer too. Take, for example, the latency spike that occurred last monday around 2:00pm EST as the worm that attacked M$ SQL servers started doing its thing.

  3. On why we aren't more scared. by mindstrm · · Score: 3, Interesting

    Yes, it's possible to cause massive disruption. It has been for a long, long time.

    I recall the FBI stating that it was not some ddos attack that scared them, but hte fact that so many young kids controlled so many computers and DIDN'T do anything with it.

    So we ask ourselves, what if this were in the hands of someone who actively wanted to exploit it?

    Who are we kidding? Most of the kids that control tons of computers for their ddos attacks for taking over irc servers are not geniuses. If someone had a reason to take over many, many cmoputers and use them for financial gain, they would do it. Plain and simple.

    The fact is, owning tons of bandwidth and cycles for a brief amount of time (because that's all you are going to get) is not all that useful long term. How are you going to cash in on it?