dslreports logo
 story category
Hackers Attack Internet Core
'Briefly overwhelmed' several root servers
"Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002," notes the Associated Press. The motive for this morning's attack was unclear, according to the report. The F, I, M, L (ICANN), and G (US Department of Defense) servers were the primary targets using botnet traffic that originated in South Korea. The AP is calling the attack "one of the most significant attacks against the Internet since 2002," though the impact was negligible. Also see: Infoworld.
view:
topics flat nest 

AnonDOG
@kaballero.com

1 recommendation

AnonDOG

Anon

The motive for the attack on the root servers was unclear

quote:
...
though the impact was negligible.
...

Yawn. ICANN and DOD and the motive was unclear? LOL.

aw well. It will become more clear with time and experience.

SunnyFL8
Premium Member
join:2001-02-08

1 edit

SunnyFL8

Premium Member

Re: The motive for the attack on the root servers was unclear

Bots have been a real threat for many company's something should be done to stop it at the source.

They need a way to trace the DOS attack and temporarily cease the attack blocking ports or IP ranges what ever is necessary in real time not after the fact.

FFH5
Premium Member
join:2002-03-03
Tavistock NJ

FFH5 to AnonDOG

Premium Member

to AnonDOG
said by AnonDOG :
quote:
...
though the impact was negligible.
...

Yawn. ICANN and DOD and the motive was unclear? LOL.

aw well. It will become more clear with time and experience.


Yes, an anti-US motive can be suspected because of the attacks main victims. Even if there is no proof yet.

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: The motive for the attack on the root servers was unclear

Suspected - maybe because one of the sites was DoD run.
Since it was traced back to South Korea, it doesn't necessarily mean that it's an anti-US attack, however, as the US (and the G-8 countries in general) are _very_ Internet dependent, then it would have some credibility. '.org' isn't the huge commercial suffix to hit.. '.com' is.

LiberalKing
Intocable
Premium Member
join:2005-09-12
Bronx, NY

LiberalKing

Premium Member

SINCE 2002?

what happen in 2002?

fegul
Premium Member
join:2004-08-23
united state

2 recommendations

fegul

Premium Member

Re: SINCE 2002?

Google went down for maintenance
vasta
join:2003-04-07
Orlando, FL

vasta to LiberalKing

Member

to LiberalKing
»archives.cnn.com/2002/TE ··· dex.html

i think thats what happened
samanaki
join:2001-12-21
Beverly Hills, CA

samanaki to LiberalKing

Member

to LiberalKing
Backbone DDoS
Dateline: 10/22/2002

At 1:45pm for about one hour an extremely large distributed denial-of-server (DDoS) attack took place. The target of the attack were the 13 DNS root servers, which are responsible forhelping to resolving domain names to their respective IP's. Even though 9 of the 13 servers were disabled in the attack, the remaining were able to support the additional load without any widespead problems. Prior to this attack, the largest outage for the root registry was 7 machines in July of 1997, due to a technical problem.

this is according to www.internettrafficreport.com

Anonymous88
Premium Member
join:2004-06-01
IA

Anonymous88

Premium Member

Lame

3 out of 13?

I hope they do better next time.


Nerdtalker
Working Hard, Or Hardly Working?
MVM
join:2003-02-18
San Jose, CA

Nerdtalker

MVM

Re: Lame

said by Anonymous88:

3 out of 13?

I hope they do better next time.
Rather, I hope there isn't a next time.

Thank God for resolution caches, otherwise this could be pretty interesting. Nice to see some resiliency in the system for once, since normal usage wasn't disrupted at all by this. This is clearly a "show-off" type attack, since it didn't practically accomplish anything.

Anonymous88
Premium Member
join:2004-06-01
IA

Anonymous88

Premium Member

Re: Lame

That was a joke.

Nerdtalker
Working Hard, Or Hardly Working?
MVM
join:2003-02-18
San Jose, CA

Nerdtalker

MVM

Re: Lame

said by Anonymous88:

That was a joke.
I know I just wanted to comment.

MysticGogeta
The Robot Devil
Premium Member
join:2005-03-14
Katy, TX

MysticGogeta to Anonymous88

Premium Member

to Anonymous88
Yeah what a fail

Wowser
@cox.net

Wowser

Anon

This just kills me!

Experts said the unusually powerful attacks lasted as long as 12 hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet.
... or the skill of the programmer! I noticed this when, around 4 pm EST, our connection was severed, followed by a voicemail message transferred to me by a coworker that XO blocked our IP due to a DoS attack that may be originating from our domain. Examination of the router/fw logs shows nothing aloof! Now I have to pick through every fricking PC on the network and prove to myself that all security systems are working correctly. I can't wait to hear the explanation in the A.M.

DeathNowSCUM
@comcast.net

DeathNowSCUM

Anon

Death to all hackers

One can only hope there is a judgment day and the scum get what is coming to them.
theeinstein
Premium Member
join:2003-07-31
Fernandina Beach, FL

theeinstein

Premium Member

At the Door

I would hope ICANN and DOD have a mechanism in which they can cut connectivity from outside the US to maintain service. As this would provide the most immediate solution to sustain the Internet until the issue can be resolved.

AmarilloSATs
Premium Member
join:2006-04-14
Freehold, NJ

AmarilloSATs

Premium Member

OPENDNS Works Great...And It's FREE

»www.opendns.com

I have comcast HSI at home and their DNS resolution has been awful for over 2 months now....I switched to OPENDNS last week, I'm flying now.

NJxxxJon
2 0 1 7 Mmm Here We go man!
Premium Member
join:2005-10-22

NJxxxJon

Premium Member

Vista Icon.

NO WONDER things are f'ed up. Its Vista Icon Forshadowing.............

en102
Canadian, eh?
join:2001-01-26
Valencia, CA

en102

Member

Re: Vista Icon.

or the 3 root servers were running Vista

elvishkp
@rr.com

elvishkp

Anon

How much dis-information can one thread give?

IMHO
-- First, name resolution would affect more than the US, so a "plug" that DOD could pull would not keep the internet from going down. Granted, you could make sure that ONLY US servers and US based workstations could talk to each other, but it doesn't seem very "World" Wide Webish.
-- For the guy who is having to check every machine... for what are you checking? At your firewall/routers can't you tell what traffic you are sending? Also that will give you what IP the source traffic is coming from. If you take your ISP's word for the fact you are infected, and visit every machine you are wasting your time. Use a drill down approach.
-- Lastly, although they were able to briefly overwhelm 3 of 13 DNS servers (not very impressive really)I can't for the life of me see how this more of an attack than SPAM which continues to waste precious resources, flood e-mail server and in general continues to reduce the usability of e-mail. However, now the US President and crew can continue to beat the terrorism drum to violate more civil rights. See those terrorists over there -- THEY CAN BRING DOWN THE INTERNET. We need to install camera's in every home, load Big Brother software on every PC, then we can protect you from those big bad Computer Terrorists out there who were able to bring down 3 DNS servers for a few mili-seconds. WOW. Now I've added to this bull....
bogey7806
join:2004-03-19
Here

bogey7806

Member

crack some heads

When are we going to start treating attacks on vital internet components and systems seriously.

If a rogue state fired off missiles at a US communication satellite we certainly wouldn't be just investigating.

I say it's time to get wetworks something to do. These attackers have real lives. You don't even have to take them out. Just cut off their hands and gouge out their eyes and their ability to attack the internet falls drastically.

Steve
I know your IP address

join:2001-03-10
Tustin, CA

1 recommendation

Steve

Re: crack some heads

said by bogey7806:

When are we going to start treating attacks on vital internet components and systems seriously?
As soon as it's actually serious.

Nobody really thinks there are actually only 13 root servers, right?

Steve

Wily_One
Premium Member
join:2002-11-24
San Jose, CA

Wily_One

Premium Member

Re: crack some heads

said by Steve:

Nobody really thinks there are actually only 13 root servers, right?
Nope. Thanks to IP Anycast, (at least) 6 of the 13 are multiple-site, multiple-server endpoints located all over the world.

...and that's just what they publicly admit to.
nanoflower
join:2002-07-14
30876

nanoflower to bogey7806

Member

to bogey7806
Heck with most of these people if you just had some security force show up (like the FBI in the USA) and start asking question it would scare them enough to stop the attacks.

ElvishKP
@positivenetworks.net

ElvishKP to bogey7806

Anon

to bogey7806
Are you serious? By your use of the word crack I assume that is the drug you are taking. Some 13 year old kid could write a DoS script with text and linux and do much the same thing. So we need to "gouge out their eyes" good grief. And what exactly stops happening if the internet goes down, which to my knowledge has never happened, and theoretically is impossible. The internet isn't one entity, it's millions, if not billions of inter-connected systems. So what exactly are these terrible people going to break -- porn surfing for a few hours? It hardly seems earth shattering.

LaZ3R
Premium Member
join:2003-01-17

LaZ3R

Premium Member

You're telling me if these 13 servers were ever destroyed...

We'd ALL BE SCREWED AND EARTH WOULD BE OVER AS WE KNOW IT? AHHHHHHHHHHHHH, GODDZILAAA!!!!!!!

Kakalaky
Premium Member
join:2003-04-04
Chattanooga, TN

Kakalaky

Premium Member

It's all Vista's fault

maybe cnet was right about vista. lol
»news.com.com/Will+Vista+ ··· 338.html
Techman21
join:2005-04-14
Richmond, VA

Techman21

Member

About "unplugging" from the world

I do not think that "unplugging" from the rest of the world would be much of a practical way of temp. resolving the issue. Mainly due to the amount of overseas trade our country does. If we were to sever connections to the other parts of the world companies would lose a ton of money and that would eventually trickle down to the consumer if this was a constant occurrence. Imagine trying to buy from a company a website, but the website is based in some other part of the world and all of a sudden you get a "Forbidden" or "Page cannot be displayed" error message. The effects this would have nationwide would be tremendous. Especially on those who man the support lines at various ISPs (both small & large).

rahlquist
Redeye
join:2001-10-30
Villa Rica, GA

rahlquist

Member

Hmm makes you wonder

Who says this was a real attack? Maybe it was just a test.

who is that
Hat Trickery
Premium Member
join:2002-09-29
Brooklyn, NY

who is that

Premium Member

self destruction!

if hackers broke the net.. they'd get bored pretty quickly after.