Print 41 comment(s) - last by JBlongz.. on Apr 3 at 7:44 AM

Planned DDOS campaign against DNS is meant to highlight piracy legislation issues

Al Gore may have finally met his match.  While members of Anonymous aren't planning on inventing the internet, they are planning on destroying it -- supposedly.  

The tricky thing about Anonymous is that they're Anonymous, so it's hard to differentiate fact from fictional prank, even if you want to.  But a Pastebin has been posted dubbed "Operation Global Blackout", which claims that the Anons are going to test the limits of their distributed denial of service attacking capabilities at the end of March.

The DDOS campaign is expected to target the world's 13 domain name servers (DNSs), that allow the public to use the internet by translating human legible text-string URLs into machine-readable IP addresses.  If the attack indeed materializes and if the DNS servers are all taken down, the Mayan apocalypse could come early -- the internet could blink offline.

The Pastebin describes:

By cutting these off the Internet, nobody will be able to perform a domain name lookup, thus, disabling the HTTP Internet, which is, after all, the most widely used function of the Web. Anybody entering "" or ANY other url, will get an error page, thus, they will think the Internet is down, which is, close enough. Remember, this is a protest, we are not trying to 'kill' the Internet, we are only temporarily shutting it down where it hurts the most.

In other words "we're not trying to kill the internet, but we're trying to kill it for a little bit," implies Anonymous.

The posting goes into the planned attack in explicit detail.  The tool use will be the Reflective DNS Amplification DDoS tool.  By spoofing the DNS server with small UDP packets which appear to have orginated from the DNS server itself, the attacker tricks the DNS server into sending messages to itself creating a cascade of failures.  The "amplified" part comes from the fact that the sent packets are small, but they trigger a large barrage of data.

DNS Server
Anonymous will reportedly try to shut down DNS servers worldwide at the end of the month.
[Image Source: Renjus Blog]

So what's the point of this planned attack?  According to Anonymous:

To protest SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun, On March 31, anonymous will shut the Internet down.

Again, there's no confirmation this post is real -- it could simply be the work of a clever security researcher trying to scare the DNS servers into beefing up their security.  Also, given that the Anons have explained their reported attack vector, it may be easier to block.

It's a bit hard to believe that they could actually take down the internet.  Past attacks on DNS servers have failed to accomplish the unthinkable -- worldwide internet outage.  And Anonymous's purported past claims -- such as a threat that Facebook would be taken down (a claim later denied by some members), an attack on the NYSE, and a DDOS attack on BART all failed to have the intended level of service disruption.  On the other hand Anonymous did help take down Sony Corp.'s (TYO:6758) digital properties as well as the U.S. Central Intelligence Agency's public homepage.

Thus it's a bit premature to start panicking, but it couldn't hurt to grab a few IP addresses of your favorite sites, just in case things get anywhere close to as crazy as the post promises.

Sources: PasteBin, NeoWin

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

Good thing
By Gondor on 3/28/2012 2:58:46 AM , Rating: 1
I for one think this is actually a good thing to do - to test the resilience of root name servers. Chances are more "cyber-crime" will be taking place in the future so getting some practical experience in handling such attacks could prove very handy.

Magnitude of future attacks by criminals/terrorists and governmental agencies will not be known in advance, much like this particular case, which makes for a more reliable test than any internal audit could ever be.

And there's also the ultimate upside - root DNS server maintainers cannot lose. If servers hold in spite of disruption they have done their job and if they fail the scapegoats are known prior to the fact ... more script kiddies to jail :) Anonymous are st00pid and doing this for all the wrong reasons but their pestering could be far more useful than they could possibly imagine.

RE: Good thing
By ShaolinSoccer on 3/28/2012 7:55:49 AM , Rating: 2
I for one think this is actually a good thing to do - to test the resilience of root name servers.

Don't you think there are lots of people who try this all the time, every year from all over the world? And fail at it?

RE: Good thing
By Gondor on 3/28/2012 2:54:40 PM , Rating: 2
Don't you think there are lots of people who try this all the time, every year from all over the world? And fail at it?

No, I don't think there are any coordinated efforts of this magnitude taking place. This will be a good test and - should the servers fail - a good wake-up call.

The fact that they managed to DoS other servers in the past (which are just as exposed to everyday attempts) makes me believe I am right and you are wrong in implying that I am wrong :)

RE: Good thing
By ShaolinSoccer on 3/30/2012 1:21:23 PM , Rating: 2
Sorry, but I fail to believe that after all this time that the internet has existed, not one group of people attempted to shut down DNS. And not only once, but multiple times. Just because it never hit the mainstream media doesn't mean it never happened...

"I'm an Internet expert too. It's all right to wire the industrial zone only, but there are many problems if other regions of the North are wired." -- North Korean Supreme Commander Kim Jong-il

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki