Computer Researchers Warn of Net Attacks

cy

Flashaholic
Joined
Dec 20, 2003
Messages
8,186
Location
USA
Computer Researchers Warn of Net Attacks

wonder if this is what slamming cpf?

"A new variety of unusually powerful Internet attacks can overwhelm popular Web sites and disrupt e-mails by exploiting the computers that help manage global Internet traffic, according to security researchers.

First detected late last year, the new attacks direct such massive amounts of spurious data against victim computers that even flagship technology companies could not cope. In one of the early cases examined, the unknown assailant apparently seized control of an Internet name server in South Africa and deliberately corrupted its contents."

http://news.yahoo.com/s/ap/20060316/ap_on_hi_te/internet_attack
 

CLHC

Flashaholic
Joined
Dec 25, 2004
Messages
6,001
Location
PNW|WA|USA
I heard of this on the news this morning. They described it as the "Katrina" of Internet attacks.
 

gadget_lover

Flashaholic
Joined
Oct 7, 2003
Messages
7,148
Location
Near Silicon Valley (too near)
These types of attacks will continue until the ISPs change their policies and block spoofed packets at their source. The attack relies on being able to get a server (like a DNS server) to respond with a lot of data to a request that looks like it's coming from your victim.

The ISP's know what address ranges are correct for each branch of their routers. It takes a 1 line configuration entry to block spoofed addresses. It's one of the few cases where I would consider a new law to be a good idea. Simply, block all spoofed packets at the point of network entry.

Simple idea, almost no cost. No negative impact on the customers.

Daniel
 

Donovan

Enlightened
Joined
Jan 6, 2005
Messages
420
Location
North Metro Atlanta, Georgia
http://isc.sans.org/

If you really want to know the current health of the internet...

status.gif
 
Last edited:

shaman

Newly Enlightened
Joined
Jun 12, 2005
Messages
160
Location
Under God.
Just one of the many stones in the shoe of DNS. DNS was, in its original form, never created with security in mind (for that matter neither was SMTP, TFTP, and countless other services/daemons). Zone transfers, Recursion, and the soon to be mandatory accurate DNS records... you gotta love em. The road of security in a constant never-ending one. A journey where there will never be a city called "security" no matter how many signs you pass or see that say otherwise.

Sincerely,

Shaman
 

gadget_lover

Flashaholic
Joined
Oct 7, 2003
Messages
7,148
Location
Near Silicon Valley (too near)
Mandatory accurate DNS records.... There's a concept for you. I can't even fathom how that would work in a world where people have grow used to split DNS, overloaded cnames and other oddities. Is it OK to have a FQDN with no A record? I can give at least one instance where it was valid.

Any connectionless protocol is subject to reflected DOS attacks if the originating address can be spoofed.

Hmmmm. Now I have to catch up with whichever body is going to insist on "accurate" records. Dang!

Daniel
 

shaman

Newly Enlightened
Joined
Jun 12, 2005
Messages
160
Location
Under God.
http://yro.slashdot.org/article.pl?sid=04/02/05/1930246

People just don't realize that correct/accurate DNS information on a whois is just as dangerous (in a social engineering sense and recon sense) as ...

Giving your corporate email out to everyone
Posting your corporate email in mailing lists, bulletin boards, or classified ads.
Not sanitizing/stripping certain email attachments

etc...

Yeah sure it, the honest will stay honest... just as the dishonest will stay dishonest and sinister will stay sinister. People still view security as a micro topic, rather than the macro library that it is. Accurate records is a waste, unless your trying to give the bad guys more info to use. I just hope they don't pass the CRAZY law requiring all companies to produce vul/pen test results in their financials... I got that link somewhere... oh well still absurd.

Sincerely,

Shaman
 
Top