backtop

Internet Hackers Launch Attack on DNS Servers
Marcus Yam (Blog) - February 7, 2007 8:21 AM
Print 33 comment(s) - last by Justin Case.. on Feb 15 at 11:42 PM
Large scale attack went largely unnoticed thanks to Internet strength

Hackers launched an attack Tuesday on at least three of the 13 root systems dedicated to DNS, or domain name system, that help to resolve alphanumeric domain names to their specific IP addresses.

“There was what appears to be some form of attack during the night hours here in California and into the morning,” said John Crain, chief technical officer for ICANN.

The attacks lasted for as long as 12 hours, causing several DNS servers to slow to a crawl from the bombardment. But thanks to the resiliency built into the Internet’s design, most users continued on about their business unaffected during the attack.

“It is an unusual large amount of traffic that is hitting DNS servers. We see large attacks on a regular basis, but this hit quite a few servers, so it was fairly large,” said Crain. “It was extraordinary in the fact that it happened to multiple systems at once, but this is not affecting Internet users.”

“The main thing is that there was very little impact on the general public, the servers were able to hold up against the attacks,” said Zully Ramzan, a researcher at Symantec Security Response, in a CNET story. “The Internet in general was designed to even withstand a nuclear attack.”

Reports from the AP say that experts have traced a significant amount of the rogue data to South Korea, which could be where the attacks originated. Representatives from ICANN and Symantec still believe that much investigation needs to be done before determining the true cause of the attacks.

“I don't think anybody has the full picture,” Crain said. “We're looking at the data.”

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
<no subject>
By Scabies on 2/7/07, Rating: 0
RE: <no subject>
By Alphafox78 on 2/7/2007 9:52:30 AM , Rating: 2
If you knew anything about the history of the Internet, you would know that it was in fact designed to withstand a nuke. the defense dept (DARPA?) designed it to do just that as it was origionally intended to be used by the militarty.


RE: <no subject>
By glynor on 2/7/2007 9:55:13 AM , Rating: 3
This is a common "Internet origin" myth about Arpanet (the Advanced Research Projects Agency's precursor to the Internet). The myth goes that Arpanet was originally designed as a command and control system that was designed to withstand a nuclear war. This isn't true, despite being often repeated. Arpanet (and later the Internet) was designed to withstand losses of switches and routers on the network, but this was because the switches and routers were unreliable on there own (no Nukes required).

The commonly quoted myth is described a bit here: http://en.wikipedia.org/wiki/ARPANET#The_ARPANET_a...


RE: <no subject>
By michal1980 on 2/7/07, Rating: -1
RE: <no subject>
By gdillon on 2/7/2007 11:06:55 AM , Rating: 4
Oh, that's right, there's not a single piece of factual information on Wikipedia.

...

Right.

~g


RE: <no subject>
By SunAngel on 2/7/07, Rating: -1
RE: <no subject>
By cochy on 2/7/2007 11:39:33 AM , Rating: 5
Universities normally do not allow citation from encyclopedias. Wikipedia or Britannica. These sources reference other sources for their information, so professors do not want people cutting steps. If you use the references cited inside the Wikipedia articles there won't be a problem.


RE: <no subject>
By Oregonian2 on 2/7/2007 5:53:59 PM , Rating: 2
An encyclopedia that allows you to edit the information yourself would make for interesting class projects if it were an allowed reference: "but Wikipedia said that Portugal was a country between the U.S. and Canada! See look.....


RE: <no subject>
By dever on 2/8/2007 12:40:58 PM , Rating: 2
According to a recent article published in the journal Nature, the authors found an equivelent rate of errors between Wikipedia and Encyclopaedia Britannica:

http://blog.sciam.com/index.php?title=wiki_this&mo...


RE: <no subject>
By Justin Case on 2/7/2007 4:38:47 PM , Rating: 3
If your university lets you quote any encyclopedia as a source, it's probably not a very good university.


RE: <no subject>
By cochy on 2/7/2007 11:54:04 AM , Rating: 3
Now that's a stupid comment. Wikipedia is a great source of a wealth of information. The Web is a better place now for it. A lot of people spend a lot of time keeping it up to spec.


RE: <no subject>
By rushfan2006 on 2/7/2007 2:03:59 PM , Rating: 2
Wiki its good for "recreational research". The value of Wiki in this is tremendous and I think it is a wonderful resource that I'm glad we have available to us.

As a cynical person to begin with, however -- it is VERY hard for me to rely on Wiki alone for any kind of serious decision making on something, any kind of serious work-related research, etc.

Why? Because its too easy for anyone to change the content. Why? Because what is my assurance that it was written by credible people.
Why? Because even if an article would say "by Joe Sixpack, Phd"....how do I know it was really written by "Joe Sixpack, phd"?


At least with a book you know the author is kind of "locked in" -- meaning not just ANYONE can change what the author writes. Also at least you know there is a publishing company involved, with editors and (hopefully) people who fact check before printing. Also, since all the credits are listed right on the book and you know no one can just "come up and edit" the information -- you know right where to go if you have quesitons on accuracy or whatever.

Wiki...its great to get you thinking and that is the true value of Wiki....but I'd suggest once it gets your attention on an issue to follow up with research from other sources.



RE: <no subject>
By Ringold on 2/7/2007 2:28:07 PM , Rating: 2
On top of that, while all things are vulernable to bias, Wiki is moreso due to its extremely 'open source' nature. All it takes is a majority to feel one way and miss simple, even unintentional, forms of bias or slight disinformation.

I don't even feel comfortable using wiki's linked sources for college research; I've seen sources linked to that clearly nobody checked for credibility, and some of the english and poor formatting that can be found hurts its overall credibility as well. 'Recreational research' sums it up pretty excellently.


RE: <no subject>
By glynor on 2/7/2007 12:17:48 PM , Rating: 3
While you may not have faith in Wikipedia, it was simply quoting and referencing a well known paper from the Internet Society (ISOC), titled "A Brief History of the Internet", which is available here: http://www.isoc.org/internet/history/brief.shtml

I initially cited Wikipedia only because it was easier to point there and point directly to the applicable quotes, rather than pointing to an entire multi-page document.


RE: <no subject>
By Hare on 2/7/2007 12:30:45 PM , Rating: 3
quote:
while I belive you, Wikkipedia is not a source of any factual information.

Study: Wikipedia as accurate as Britannica
http://news.com.com/2100-1038_3-5997332.html

Wikipedia has many articles that have a political bias or are simply inaccurate but still Wikipedia is extremely useful and often as good as a real encyclopedia.

Just because you can't reference it in a scientific paper doesn't mean that it's useless for the general public.


RE: <no subject>
By Ringold on 2/7/2007 3:33:59 PM , Rating: 2
Wikipedia is not as accurate as Britannica, but nice try -- even your own article very clearly shows nearly 32% more errors in an average Wikipedia article (from their limited sample group) than in its comparable Britannica article. That's a rather large difference. The article doesn't discuss in any great detail what sort of errors there are, how they are distributed or anything else about them, potentially making the true comparison even worse.

Nice try, though. I was almost too lazy to click and read your link. Hooray for avoiding intellectual laziness. Boo for extremely misleading statements.


RE: <no subject>
By Justin Case on 2/7/2007 4:56:04 PM , Rating: 2
Well, if Britannica is infallible, then 32% higher than zero is still zero, eh?

The actual number of "mistakes" was 2.92 per article for Britannica and 3.86 per article for Wikipedia. So what you are calling "a rather large difference" actually means 0.94 mistakes per article. I guess that's why you wrote "32%" (a number that doesn't appear anywhere in the article), instead of giving the real values.

Horray for intellectual honesty... not.

Considering that Wikipedia's articles are, on average, 40% bigger than Britannica's, a "32% increase" in the total number of errors actually means less errors for the same volume of material.

Anyway, that Nature study has been shown to be full of problems. A lot of the "mistakes" they found (both in Wikipedia and Britannica) were in fact not mistakes at all. It was Nature's team of "experts" that was wrong. So the actual number of factual mistakes is lower for both. As to the number of "ommissions", god knows what that is supposed to mean. In subjects that I'm an expert on, I can find hundreds of ommissions in any encyclopedia.

But all this is meaningless; encyclopedias aren't sources of information, they are references. No respectable university will let you quote an encyclopedia. You use the encyclopedia to find the research papers, and then you quote the papers.


RE: <no subject>
By Ringold on 2/7/2007 5:04:34 PM , Rating: 3
They said "a third" in the article, but I prefer numbers, so did the division myself. If you'd read it, you'd of seen the word, but instead I assume you just skimmed for numbers. Nice try, though.

Wiki's length might not mean quality, either. I was checking out the article for Vancouver I think it was a few weeks ago and, lo and behold, a whole section informing me of the best places to acquire pot while I'm in town. That's really classy, isn't it?

But Britannica isn't infallible, so we agree there. And we agree encyclopedia's arent sources.


RE: <no subject>
By Ringold on 2/7/2007 5:09:53 PM , Rating: 2
http://wikitravel.org/en/Vancouver#Cannabis

Just in case you thought I was making that up. Three paragraphs that imho ought to be excluded just so people can mistakenly think that Wiki actually has some class instead of making it that more obvious that it's the 'lowest common denominator' of encyclopedia's.


RE: <no subject>
By Xenoid on 2/8/2007 3:46:01 AM , Rating: 2
You can't seem to win the battle so you change it to focus on the "class" of Wiki. Tsk tsk. Wiki has a lot more information than Brit. will ever have.


RE: <no subject>
By Hare on 2/8/2007 11:41:32 AM , Rating: 2
That was wikitravel, not wikipedia. It's not as "formal" as wikipedia.

Feel free to check out vancouver at wikipedia. It's currently mostly blank (messed up)...

That's one example of what can happen when anyone can edit content. Yesterday I checked out the page for chocolate brownies. The last sentence seemed to suggest that chocolate brownies often contain sh*t.

Wikipedia is far from perfect but mostly offers good information. Wiki facts should be just taken with a grain of salt.


RE: <no subject>
By Justin Case on 2/15/2007 11:42:36 PM , Rating: 2
So now you quote Wikitravel as an argument against Wikipedia? Maybe you need to compare that with the "Rough Guide" instead of Britannica, then.

Geez, they don't even make proper trolls these days.



RE: <no subject>
By rushfan2006 on 2/7/07, Rating: 0
Hackers huh
By cochy on 2/7/2007 11:43:07 AM , Rating: 2
Sounds like a regular old DoS attack on multiple servers at once. Hardly anything got hacked. Now if these "hackers" could have managed to corrupt the DNS servers to effectively point ebay.com to some porn site I would be impressed. Alas these people were probably kids with way too much time on their hands. Maybe they got tired of playing Guild Wars or something.




RE: Hackers huh
By Griswold on 2/7/2007 12:01:58 PM , Rating: 2
So, how do you think did they do that? Click-spam on a browser reload button? Or was it a botnet? To obtain, maintain and control the latter, it takes a bit more than what Joe Average can do with his computer, depending on the quality of the botnet. The term "hacker" may be overused, but this was most likely beyond the powers of some script kiddies. It was a powerful attack that didnt yield much, thanks to lessons learned from the past.. it could also have been a test for something even bigger.

I still think these fellers are a bunch of idiots, though.



RE: Hackers huh
By cochy on 2/7/2007 1:02:31 PM , Rating: 2
There's are many ways to accomplish a DoS. I haven't the slightest idea how they did so in this case so I won't comment further on it. DoS isn't impressive because it accomplishes nothing constructive from a hacking view point and there's really no exploitation of a particular flaw of a system. Anyway these were Koreans not Joe Average. They always pwn me in GW :P


RE: Hackers huh
By NullSubroutine on 2/7/2007 12:47:32 PM , Rating: 4
quote:
site I would be impressed. Alas these people were probably kids with way too much time on their hands.


You forget that all this is practice for when teh aliens invade and tottally waxzors out our cities with their biggo moutherships. Then we pony them with by use of leet haxzors and virus. Without the leet haxzors we would be dead because our initial plan to fly a stolen shipzor into their uber mouthership was foiled after aliens downloaded Independence Day off BitTorrent.


RE: Hackers huh
By Spivonious on 2/7/2007 1:47:31 PM , Rating: 3
Jeff K?


A simpler explanation...
By Raidin on 2/7/2007 1:20:30 PM , Rating: 2
If you think about it logically, just imagine the diameter of a nuclear detonation as a floating flat 2D circle, and then move it anywhere in the world that you want, put it down on the surface. All of the destroyed systems within this circle that are part of the net will not shut it down.

There are so many redundancies in the Internet's infrastructure that you just can't knock it out with one shot in any one spot even if it were the diameter of a nuclear warhead.




RE: A simpler explanation...
By akosixiv on 2/7/2007 1:59:36 PM , Rating: 2
exactly...

hit some of the dns root servers and the infrastructure will just point us in another root server that is working.

The DNS infrastructure is made so that there is redundancy, to be able to take the load in case one or more nameservers go offline.


By rcc on 2/7/2007 12:39:54 PM , Rating: 3
I'm not talking about keeping people out of their favorite MMORPG. But what do you charge some one with if they interupt a video feed for a life and death surgery?

They think they are cute and important, messing with people's entertainment. But given the use of the internet for communications, banking, etc. they are messing with lives and livelihoods.

It's a bit like cutting someone's brake lines as a practical joke.







correction
By maevinj on 2/7/2007 9:52:38 AM , Rating: 2
quote:
Large scale attack when largely unnoticed thanks to Internet strength


when= went




RE: correction
By SunAngel on 2/7/07, Rating: -1
"This week I got an iPhone. This weekend I got four chargers so I can keep it charged everywhere I go and a land line so I can actually make phone calls." -- Facebook CEO Mark Zuckerberg









botimage
Copyright 2012 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki