Information Security News mailing list archives
Re: Fluffy Bunny No Longer Energized
From: InfoSec News <isn () c4i org>
Date: Thu, 1 Aug 2002 05:35:12 -0500 (CDT)
Forwarded from: Bill Scherr IV <bschnzl () bigfoot com> On 31 Jul 2002 at 2:08, InfoSec News wrote:
Forwarded from: Darren Reed <darrenr () reed wattle id au> In some email I received from InfoSec News, sie wrote:http://www.wired.com/news/technology/0,1282,54040,00.html[...]Using their undetected toehold in Akamai's network, last year some of the group's members contemplated a massive, distributed denial-of-service (DDoS) attack on the Internet's 13 domain-name root servers, according to a source close to Fluffy Bunny.[...] One thing you've got to realise is that in doing this it would also "kill the Internet" for this group of hackers.
Hitting the ROOT domain name servers would only kill name resolution. IP addresses and BGP would still work! Packets would still get from one place to another. Attacks could still be launched based on previously gathered lists. Are we prepared to investigate without the DNS system?
Hacking into web sites maybe fun, as with causing specific web sites problems with their web servers but if your attack makes your play thing next to useless to yourself, well what's the point of that ? It's not like they can just throw it away and get a new one. Unfortunately I doubt this was a concern of those involved... Darren
Proper administration dictates that backups be made and stored in accordance with well thought out and tested procedures. No we can't just replace it, but we can reboot it and we can determine what each machine is doing! The proper response here would be a) trace the attack (a HUGE job, requiring HUGE cooperation), and b) restore from backup.... IF the fuzzy boys have a toehold in akamai, who else has a hold there? Has the vulnerability been addressed? Whether or not the kids were concerned about their "plaything" is irrelavent. What is relavent is are we prepared to saddle and ride this monster we have created!!! IMHO, it is well within our potential!!!
- ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Bill Scherr IV, GSEC, GCIA EWA / Information & Infrastructure Technologies Camp Johnson, Vermont 05446 (802) 338-3213 - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Re: Fluffy Bunny No Longer Energized InfoSec News (Aug 01)