Re: [ISN] Fluffy Bunny No Longer Energized

From: InfoSec News (isnat_private)
Date: Thu Aug 01 2002 - 03:35:12 PDT

  • Next message: InfoSec News: "[ISN] Security UPDATE, July 31, 2002"

    Forwarded from: Bill Scherr IV <bschnzlat_private>
    On 31 Jul 2002 at 2:08, InfoSec News wrote:
    > Forwarded from: Darren Reed <darrenrat_private>
    > In some email I received from InfoSec News, sie wrote:
    > >,1282,54040,00.html
    > [...]
    > > Using their undetected toehold in Akamai's network, last year some of
    > > the group's members contemplated a massive, distributed
    > > denial-of-service (DDoS) attack on the Internet's 13 domain-name root
    > > servers, according to a source close to Fluffy Bunny.
    > [...]
    > One thing you've got to realise is that in doing this it would also
    > "kill the Internet" for this group of hackers.
    Hitting the ROOT domain name servers would only kill name resolution.  
    IP addresses and BGP would still work!  Packets would still get from
    one place to another.  Attacks could still be launched based on
    previously gathered lists.  Are we prepared to investigate without the
    DNS system?
    > Hacking into web sites maybe fun, as with causing specific web sites
    > problems with their web servers but if your attack makes your play
    > thing next to useless to yourself, well what's the point of that ?
    > It's not like they can just throw it away and get a new one.
    > Unfortunately I doubt this was a concern of those involved...
    > Darren
    Proper administration dictates that backups be made and stored in
    accordance with well thought out and tested procedures.  No we can't
    just replace it, but we can reboot it and we can determine what each
    machine is doing!  The proper response here would be a)  trace the
    attack (a HUGE job, requiring HUGE cooperation), and b) restore from
    IF the fuzzy boys have a toehold in akamai, who else has a hold there?  
    Has the vulnerability been addressed?  Whether or not the kids were
    concerned about their "plaything" is irrelavent.  What is relavent is
    are we prepared to saddle and ride this monster we have created!!!  
    IMHO, it is well within our potential!!!
    > -
    > ISN is currently hosted by
    > To unsubscribe email majordomoat_private with 'unsubscribe isn'
    > in the BODY of the mail.
    Bill Scherr IV, GSEC, GCIA
    EWA / Information & Infrastructure Technologies
    Camp Johnson, Vermont 05446
    (802) 338-3213
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Thu Aug 01 2002 - 06:42:57 PDT