Internet Backbone DDOS "Largest Ever"
wontonenigma writes "It seems that yesterday the root servers of the internet were attacked in a massive Distributed DoS manner. I mean jeeze, only 4 or 5 out of 13 survived according to the WashPost. Check out the original Washington Post Article here."
I mean jeeze, only 4 or 5 out of 13 survived according to the WashPost.
I'd say this just goes to show how reliable the root name servers are. I didn't notice any dns problems yesterday. In fact, I don't remember any root name server problems since the infamous alternic takeover.
A nuclear war isn't an attack on the networks themselves. This, however, is an attack on the networks.
A subterranean bunker is designed to withstand nuclear wars, but what do you think would happen if the nuke was inside the bunker?
-kidlinux.
I thought the purpose of the NIPC was supposed to be in place to prevent these sorts of attacks. Not only were they unable to prevent this attack, they were unaware of it as well.
The US FBI at its best...
Why on earth are "about 10" of the root servers in a single country?
Well we can laugh about it now (What DOS? my instinct when I read about this was to flip the unsuccessful hax0rs the bird) but my concern is that this could be a test run for something more unpleasant.
Maybe to cause a false sense of security, maybe to analyse how those crucial networks cope with DOS attacks so as to be more successful next time.
Whether these people were Bin Laden's boys or garden variety hax0rs, don't get too comfortable. The worst is yet to come.
-- INTX Grouch. http://www.midnightblue.net
The heart of the Internet sustained its largest and most sophisticated attack ever
I've never considered DDOS all that sophisticated myself. It seems to me that "wow a script kiddie got more systems under his control than usual" more than "a great cracker is on the loose". Though I suppose if it were a great cracker then they could have been proving themselves by predicting the attack.
Despite the scale of the attack, which lasted about an hour, Internet users worldwide were largely unaffected, experts said.
Indeed, no traffic slowdown, no more than usual support calls. The system works as expected, even under attack.
Worth a read: Caida DNS analysis, and more specifically those graphs. It would be interesting to know which DNS sustained the attack, in regard to the graphs.
have you been defaced today?
Maybe they were attacking root servers but those servers failing couldn't cause all the DNS records to get lost. Some people might have had temporary problems, some might have not.
If you really want to, build your own root server
So how often do YOU utilize the internet without using DNS? Not often, I bet.
"Can of worms? The can is open... the worms are everywhere."
The point is it didn't take anything down... nope not even close. The Washington Post could have well said "Grandma Smith sends 10 icmp packets to cable modem" and it would have been just as "damaging".
kashani
- Why is the ninja... so deadly?
How do you plan on enforcing this, sir?
Seriously. How do you plan on enforcing this? Not only is it a huge expenditure of resources to track down the number of computers used in the attacks, to track down their IP addies, to obtain the needed court orders to obtain their ISP's logs, the resources to parse those logs to find out who was logged on, and *then* go about prosecuting the offenders, what would it accomplish?
If Code Red taught us anything, it's that the dumb won't change a thing about the way they work, regardless of how much the internet community ridicules them. It's also completely nuts to punish the ISPs for this... where does it stop? I'm pretty sure that some AOL clients were responsible (and while I wouldn't complain about no AOL'ers for a while, I bet they would). How about people who buy their access directly from UUNet? Gonna block out UUNet for a month?
Even if you could implement that punishment of the ISPs, it wouldn't accomplish much. It wouldn't hurt me at all if I was blocked from direct access to the TLD servers, because inside my network I'm running a mirror. My ISP is running a mirror. I know of a dozen open DNS servers on the internet. I'm betting I could find at least one that wouldn't block me.
Seriously, though. It's great to say we should punish these people for not securing their systems, but you have to understand just how many computers would be needed for this attack. The TLD servers aren't running on 64k ISDN: they're on OC48 at least. There's 13 of them. The kind of bandwidth needed to adequately DoS them is obscene. You either do it the dumb way and use 50 computers running on the fastest connection available, or you use *hundreds* of computers, possibly thousands or tens of thousands.
Looks great on paper, but realistically there's not much point in ranting like this. Besides... if it wasn't for the article, I'm betting that most of the world wouldn't have noticed.
If you believe everything you read, you'd better not read. - Japanese proverb
I only noticed it because I use my own DNS server to resolve requests; and pay close attention whenever I see any problems resolving host names (there is the possibility of it being a bug with my software).
The person who orchestrated this attack is not very familiar with DNS. Attacking the root name servers is not very effective; all the root servers do is refer people to the .com, .org, or other TLD (top-level-domain) name servers. Most DNS servers remember the list of the name servers for a given TLD for a period of two days, and do not need to contact the root servers to resolve those names. While some lesser-used country codes may have had slower resolution times, an attack on the root servers which only lasts an hour cannot even be felt by the average end user.
In the case of MaraDNS, if a DOS (denial of service) is happening against the root servers, MaraDNS will be able to resolve names (albeit more slowly for lesser-used TLDs) until every single root server is successfully DOS'd.
- Sam
The secret to enjoying Slashdot is to realize that it should not be taken too seriously.
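The caching behaviour described in the comment above, as an added example that is not part of the original thread and is not MaraDNS code: a toy resolver that caches TLD referrals for two days and walks the 13 roots until one answers. The query names, the one-query-per-minute workload, the fixed retry order and which roots survive are constructed assumptions.

```python
TLD_NS_TTL = 172800      # seconds; the "two days" cited in the comment
ROOTS = 13               # number of root servers

class Resolver:
    """Toy caching resolver: only models root -> TLD referrals."""
    def __init__(self):
        self.tld_expiry = {}                 # tld -> time the cached referral expires

    def resolve(self, name, now, roots_up):
        """Return (ok, root_tries) for one lookup at time `now`."""
        tld = name.rsplit(".", 1)[-1]
        if self.tld_expiry.get(tld, 0) > now:
            return True, 0                   # referral cached: no root contacted
        for tries, root in enumerate(range(ROOTS), start=1):
            if root in roots_up:             # assumption: roots tried in fixed order
                self.tld_expiry[tld] = now + TLD_NS_TTL
                return True, tries
        return False, ROOTS                  # every root unreachable

def simulate(roots_up_in_attack, attack=(86400, 90000), step=60, end=100000):
    """Count lookup outcomes inside the attack window (constructed workload)."""
    resolver, everyone = Resolver(), set(range(ROOTS))
    stats = {"from_cache": 0, "slow": 0, "failed": 0}
    for now in range(0, end, step):
        in_attack = attack[0] <= now < attack[1]
        up = roots_up_in_attack if in_attack else everyone
        names = ["www.example.com"]          # popular TLD, queried every minute
        if now == attack[0] + 600:
            names.append("www.example.nu")   # lesser-used TLD, first seen mid-attack
        for name in names:
            ok, tries = resolver.resolve(name, now, up)
            if not in_attack:
                continue                     # only the attack hour is tallied
            key = "failed" if not ok else "from_cache" if tries == 0 else "slow"
            stats[key] += 1
    return stats

if __name__ == "__main__":
    print(simulate({9, 10, 11, 12}))   # four roots survive the hour
    print(simulate(set()))             # all thirteen unreachable for the hour
```

With four surviving roots the only visible effect is one slower lookup for the uncached TLD; with none, that single lookup fails while every cached-TLD lookup still succeeds.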
Genocide?
McCarthyism?
No race is being systematically killed that I can see.
McCarthy, though a power mad drunk and witless individual did point out the broadening influence of Communism and help to root out some very corrupt individuals. Wouldn't call him a hero. But his name has taken on a connotation that moves away from reality.
Al Qaeda is not a random group. If people, especially Americans are paranoid right now, it might have something to do with Muslims killing innocent civilians for their religious salvation.
Couple that with a sniper on the loose around the Nation's capital, and yeah, a DDOS attack on the backbone of the worldwide information structure the U.S. built, I'm thinking Terrorism is a fairly good guess.
Why? Are you from France?
The opposite of progress is congress
..memorising the slashdot servers IP address in case of total DNS meltdown? Seriously, if the DNS system was totally destroyed, would you be able to think of any IP addresses by memory to get you in contact with other net people?
That's too general of a statement. It's like saying "Our roadways would function just fine, even if all the cars were gone." - they're intimately bound together. The "whole" of the internet does NOT function fine when DNS goes away. I'm pretty sure about 95% of the world's email and web browsing not being able to work does not constitute "the internet working fine". To your standards, as long as 2 people with registered legitimate IPs' computers are still up and connected in some closet somewhere "the internet is working fine". And again, "well no...".
I'm Rick James with mod points biatch!
This would indicate why many of you may not have noticed any slowdowns in response time.
Idiot.
Where do you think the machines for the DDOS attack came from?
So, yes, for most of the WWW, DNS is just as important, or maybe even more important, than IP.
<grub> Reading
iirc, for ip addresses in email, foo@123.123.123.123 is not a valid email address, it should be foo@[123.123.123.123]
Did you mount a military-grade, variable-focus MASER on an unlicensed artificial intelligence?
It's not actually like "Our roadways would function just fine, even if all the cars were gone." It's more like saying the roadway would still work if maps and signs were gone. Just because about 95% of people can't find their way around doesn't mean there is something wrong with the roadways. You'll just have to learn where to go... the hard way, or ask a friend.
>I don't notice medical doctors getting bored with their patients and for a joke amputating a leg instead of an ingrowing toenail because the patient was too stupid to cut their nails correctly and wear the right footwear.
But you do notice that if you constantly harm yourself after being told something is bad for you that you end up in a psychiatric ward.
Let's put it this way: If you owned a car and didn't put oil in it, blew up the engine, and were told you need to put oil in the next car, but didn't and blew that one up too, the entire world would laugh at you. Especially the mechanic. And if it were a company mechanic, and not Midas mufflers, so he isn't getting paid by the job, don't expect the car to get fixed anytime soon. In fact, expect your boss to call you an idiot.
For some reason, in the world of computers, it doesn't work like this. If you consistently break your computer in the same way in an office, the boss isn't likely to call you a moron, and you're still going to get it fixed as fast as the first time. Maybe calling that person an idiot is what needs to happen to get these users to respect their computers. Whatever is happening now sure isn't working.
If you could be told what you can see or read, then it follows that you could be told what to say or think - BoC
Maybe I'm just being paranoid, but to me this seems like it's a probing attack. Now that the attack is done, they know exactly what they need to do to kill the servers:
Go a little bigger and have it last 12+ hours.
Now that would start some serious problems.