HOW TO TAKE DOWN THE ENTIRE INTERNET!!!---VIDEO

Weakest link in the chain. However, while this will disrupt the average person from surfing it will NOT shut down the internet completely!

The most important sites (Banking, Shopping, GLP, e-mail, etc.)I use have been added with aliases to my hosts file so I can surf even without a DNS server.

Hack Attack: Is the Whole Internet at Risk?
By Joel Johnson
Illustration by Headcase Design
Published in the June 2007 issue.



Q: I heard recently that some hackers tried to take down the entire Internet. Is that possible?

A: Hack the entire Internet? Hard to say. But yes, it has been tried. You may have experienced a pronounced sluggishness on the Web on Feb. 6 of this year. For several hours that day, a distributed denial of service (DDoS) attack was directed at six of the 13 “root” servers that form the backbone of the Internet. Two of them were severely affected. What? You didn’t notice? Actually, it’s not surprising — few people did. And so, we all got further proof of the robust nature of the Internet’s distributed networking structure.

According to the Internet Corporation for Assigned Names and Numbers, the company that manages much of the structure of the Internet and runs one of the two compromised servers, the attack likely originated in the Asia-Pacific region. The identity of the hackers is still unknown, but they utilized hundreds of hijacked “zombie” PCs to flood the root servers with billions of packets of worthless data with the intention of overwhelming the Internet as a whole.

To understand the attack, you need to know what the root servers actually do. Everything sent over the Internet is divided into packets of data. To get where they’re going, those packets carry domain name addresses, which are checked against directories stored on any number of lower-level servers. If those servers don’t have the address that a packet is looking for, they refer the packet up to a higher-level server. Root servers are the top level in the domain name system (DNS) architecture, listing where on the Internet all the directories for domains — such as .com, .net or .uk — can be found. Most packets never reach one of the 13 root servers, but the system wouldn’t work without them.

When the February DDoS attack hit six of the servers, the administrators who run the servers blocked packets that were obviously part of the attack. In addition, some of the root servers were protected by a load-balancing technol­ogy called Anycast that distributes packet queries among the servers and across multiple machines. (In reality, each of the 13 servers is made up of a number of machines distributed around the world.) This reduced the stress on any one server. These two strategies kept normal traffic on the Web relatively undisturbed. So why the number 13? It’s because the Internet is run by a coven of witches. Just kidding. Early in the history of the Internet, the User Datagram Protocol, the format in which DNS requests are made, was set at 512 bytes — just enough space to hold the 13 root server addresses.

Hack Attack: Is the Whole Internet at Risk?
By Joel Johnson
Illustration by Headcase Design
Published in the June 2007 issue.
Q: I heard recently that some hackers tried to take down the entire Internet. Is that possible?

A: Hack the entire Internet? Hard to say. But yes, it has been tried. You may have experienced a pronounced sluggishness on the Web on Feb. 6 of this year. For several hours that day, a distributed denial of service (DDoS) attack was directed at six of the 13 “root” servers that form the backbone of the Internet. Two of them were severely affected. What? You didn’t notice? Actually, it’s not surprising — few people did. And so, we all got further proof of the robust nature of the Internet’s distributed networking structure.

According to the Internet Corporation for Assigned Names and Numbers, the company that manages much of the structure of the Internet and runs one of the two compromised servers, the attack likely originated in the Asia-Pacific region. The identity of the hackers is still unknown, but they utilized hundreds of hijacked “zombie” PCs to flood the root servers with billions of packets of worthless data with the intention of overwhelming the Internet as a whole.

To understand the attack, you need to know what the root servers actually do. Everything sent over the Internet is divided into packets of data. To get where they’re going, those packets carry domain name addresses, which are checked against directories stored on any number of lower-level servers. If those servers don’t have the address that a packet is looking for, they refer the packet up to a higher-level server. Root servers are the top level in the domain name system (DNS) architecture, listing where on the Internet all the directories for domains — such as .com, .net or .uk — can be found. Most packets never reach one of the 13 root servers, but the system wouldn’t work without them.

When the February DDoS attack hit six of the servers, the administrators who run the servers blocked packets that were obviously part of the attack. In addition, some of the root servers were protected by a load-balancing technol­ogy called Anycast that distributes packet queries among the servers and across multiple machines. (In reality, each of the 13 servers is made up of a number of machines distributed around the world.) This reduced the stress on any one server. These two strategies kept normal traffic on the Web relatively undisturbed. So why the number 13? It’s because the Internet is run by a coven of witches. Just kidding. Early in the history of the Internet, the User Datagram Protocol, the format in which DNS requests are made, was set at 512 bytes — just enough space to hold the 13 root server addresses.

Hack Attack: Is the Whole Internet at Risk?
By Joel Johnson
Illustration by Headcase Design
Published in the June 2007 issue.
Q: I heard recently that some hackers tried to take down the entire Internet. Is that possible?

A: Hack the entire Internet? Hard to say. But yes, it has been tried. You may have experienced a pronounced sluggishness on the Web on Feb. 6 of this year. For several hours that day, a distributed denial of service (DDoS) attack was directed at six of the 13 “root” servers that form the backbone of the Internet. Two of them were severely affected. What? You didn’t notice? Actually, it’s not surprising — few people did. And so, we all got further proof of the robust nature of the Internet’s distributed networking structure.

According to the Internet Corporation for Assigned Names and Numbers, the company that manages much of the structure of the Internet and runs one of the two compromised servers, the attack likely originated in the Asia-Pacific region. The identity of the hackers is still unknown, but they utilized hundreds of hijacked “zombie” PCs to flood the root servers with billions of packets of worthless data with the intention of overwhelming the Internet as a whole.

To understand the attack, you need to know what the root servers actually do. Everything sent over the Internet is divided into packets of data. To get where they’re going, those packets carry domain name addresses, which are checked against directories stored on any number of lower-level servers. If those servers don’t have the address that a packet is looking for, they refer the packet up to a higher-level server. Root servers are the top level in the domain name system (DNS) architecture, listing where on the Internet all the directories for domains — such as .com, .net or .uk — can be found. Most packets never reach one of the 13 root servers, but the system wouldn’t work without them.

When the February DDoS attack hit six of the servers, the administrators who run the servers blocked packets that were obviously part of the attack. In addition, some of the root servers were protected by a load-balancing technol­ogy called Anycast that distributes packet queries among the servers and across multiple machines. (In reality, each of the 13 servers is made up of a number of machines distributed around the world.) This reduced the stress on any one server. These two strategies kept normal traffic on the Web relatively undisturbed. So why the number 13? It’s because the Internet is run by a coven of witches. Just kidding. Early in the history of the Internet, the User Datagram Protocol, the format in which DNS requests are made, was set at 512 bytes — just enough space to hold the 13 root server addresses.

Hack Attack: Is the Whole Internet at Risk?
By Joel Johnson
Illustration by Headcase Design
Published in the June 2007 issue.
Q: I heard recently that some hackers tried to take down the entire Internet. Is that possible?

A: Hack the entire Internet? Hard to say. But yes, it has been tried. You may have experienced a pronounced sluggishness on the Web on Feb. 6 of this year. For several hours that day, a distributed denial of service (DDoS) attack was directed at six of the 13 “root” servers that form the backbone of the Internet. Two of them were severely affected. What? You didn’t notice? Actually, it’s not surprising — few people did. And so, we all got further proof of the robust nature of the Internet’s distributed networking structure.

According to the Internet Corporation for Assigned Names and Numbers, the company that manages much of the structure of the Internet and runs one of the two compromised servers, the attack likely originated in the Asia-Pacific region. The identity of the hackers is still unknown, but they utilized hundreds of hijacked “zombie” PCs to flood the root servers with billions of packets of worthless data with the intention of overwhelming the Internet as a whole.

To understand the attack, you need to know what the root servers actually do. Everything sent over the Internet is divided into packets of data. To get where they’re going, those packets carry domain name addresses, which are checked against directories stored on any number of lower-level servers. If those servers don’t have the address that a packet is looking for, they refer the packet up to a higher-level server. Root servers are the top level in the domain name system (DNS) architecture, listing where on the Internet all the directories for domains — such as .com, .net or .uk — can be found. Most packets never reach one of the 13 root servers, but the system wouldn’t work without them.

When the February DDoS attack hit six of the servers, the administrators who run the servers blocked packets that were obviously part of the attack. In addition, some of the root servers were protected by a load-balancing technol­ogy called Anycast that distributes packet queries among the servers and across multiple machines. (In reality, each of the 13 servers is made up of a number of machines distributed around the world.) This reduced the stress on any one server. These two strategies kept normal traffic on the Web relatively undisturbed. So why the number 13? It’s because the Internet is run by a coven of witches. Just kidding. Early in the history of the Internet, the User Datagram Protocol, the format in which DNS requests are made, was set at 512 bytes — just enough space to hold the 13 root server addresses.

Hackers take down 3 of 13 servers critical to managing internet traffic
Today, hackers successfully attacked 3 of 13 servers critical to managing internet traffic according to CNN. In "Hackers hit key Internet traffic computers" the article states "Hackers briefly overwhelmed at least three of the 13 computers that help manage global computer traffic Tuesday in one of the most significant attacks against the Internet since 2002. Experts said the unusually powerful attacks lasted for hours but passed largely unnoticed by most computer users, a testament to the resiliency of the Internet."

It goes on to state "Experts said the hackers appeared to disguise their origin, but vast amounts of rogue data in the attacks were traced to South Korea."

It is great that the internet didn't go down during the attempt. However, it is still very worrying that 3 of the critical servers went down.

I have blogged repeatedly on DNS attacks and in one blog "Partnering with criminals" said that enterprises must give some thought to partnering with criminals to protect themselves from DNS attacks until the international authorities and the technology catches up. I have also blogged on possible interim strategies for preventing DNS attacks.

What chance does a mid-size enterprise, with a small IT department, have against these types of attacks that can successfully take down 3 of 13 critical internet servers?

Guy
www.authenticationworld.com
[email protected]