Vulnerability Development mailing list archives

Re: A code red that could bring down the net?


From: Ian Stoba <ian () BabcockBrown com>
Date: Wed, 25 Jul 2001 08:58:42 -0700

I think if you're looking for a "killer app" in that sense of the term, DDOSing the root name servers is not going to be the way to do it.

Predicting failure in any complex system begins with an analysis looking for single points of failure. These could be physical (turning off the power to MAE West would take down a pretty good chunk of the internet) or logical.

In the logical category I think the most obvious ones would be if someone found an effective remote kill for BIND or a flaw in BGP4, particularly Cisco's implementation.

I've had a hunch for some time that a vulnerability in BGP4 was behind the L0pht's claim to Congress that they could take down the internet in half an hour.

FWIW, I'm rather fond of the internet and this is in no way meant to be any kind of encouragement for anyone to try to attack it.

--Ian

On Tuesday, July 24, 2001, at 03:25 AM, Felix Harris wrote:


As I've said previously, DDoS wouldn't work particularly well,
because there's a lot of hosts to hit, and the root nameservers are
fairly well maintained. The next suggestion would be just a typical
memory leaky-thingy (I love technical terms) or something along
those lines to kill the named. This is also fairly difficult as the
primary nameservers run different nameds (as far as I know), and
so would require multiple applications to be flawed.

