RE: CRIME Attack on the Internet Core

From: scott ellis (lonestarltd@private)
Date: Wed Oct 23 2002 - 12:13:03 PDT

  • Next message: Andrew Plato: "RE: CRIME Driveby DOS"

    Looks like something that the China Cyber Warefare
    division would do to test there cababilities.
    
    They have been doing these tests every few weeks
    around the world attacking key systems and occationaly
    penetrating key systems.
    
    
    
    
    --- Gunderson_Dane <dane.gunderson@private> wrote:
    > http://www.internettrafficreport.com/7day.htm  fun
    > location that seems to
    > confirm that fact
    > 
    > -----Original Message-----
    > From: Wanja Eric Naef [IWS]
    > [mailto:w.naef@private]
    > Sent: Wednesday, October 23, 2002 9:35 AM
    > To: crime@private
    > Subject: RE: CRIME Attack on the Internet Core
    > 
    > 
    > It is not as bad as it sounds as the attackers did
    > really not achieve
    > anything (apart from creating a media frenzy and
    > making hosts of root
    > servers improve their security).
    > 
    > WEN
    > 
    > From today's Infocon:
    > 
    >    
    >
    _________________________________________________________________
    > 
    >                                 News
    >    
    >
    _________________________________________________________________
    > 
    > (It is very difficult to attack such systems as
    > there are too many
    > redundancies. Such an attack would only have a
    > chance of success if it
    > lasted for a long time as other DNS servers would
    > then be unable to
    > update their lists. What I am interested in is to
    > know what would happen
    > if the US decided to cut off some countries and
    > removed their domains
    > from the root DNS, would there be an impact? Does
    > anyone know? WEN)
    > 
    > '... Still, the results were not severe. According
    > to Matrix NetSystems,
    > the peak of the attack saw the average reachability
    > for the entire DNS
    > network dropped only to 94 percent from its normal
    > levels near 100
    > percent.  ...'
    > 
    > [1] Attack on Net servers fails 
    > 
    > By Robert Lemos 
    > Staff Writer, CNET News.com
    > October 22, 2002, 7:40 PM PT
    > 
    > An attempt to cripple the computers that serve as
    > the address books for
    > the Internet failed Monday. 
    > 
    > The so-called distributed denial-of-service attack
    > leveled a barrage of
    > data at the 13 domain-name service root servers
    > beginning around 1 p.m.
    > PDT Monday and apparently is ongoing, according to
    > Internet performance
    > measurement company Matrix NetSystems. Traffic from
    > several Internet
    > service providers have been slightly delayed, but
    > because the domain
    > name system is spread out and because the 13 root
    > servers are the last
    > resort for address searches, the attack had almost
    > no effect on the
    > Internet itself.
    > 
    > http://news.com.com/2100-1001-963005.html 
    > 
    > Net backbone comes under cyberattack
    >
    http://www.boston.com/dailyglobe2/296/business/Net_backbone_comes_under_
    > cyberattack+.shtml 
    > 
    > Key Internet servers hit by attack
    >
    http://www.cnn.com/2002/TECH/internet/10/23/internet.attack.ap/index.htm
    > l
    > 
    > Hackers' bid to cripple Internet fails 
    >
    http://www.abc.net.au/news/scitech/2002/10/item20021023130601_1.htm
    > 
    > 
    > Root server DoS attack slows net
    > http://www.theregister.co.uk/content/6/27731.html
    > 
    > 
    > 
    >
    ------------------------------------------------------------------------
    > 'Information is the currency of victory on the
    > battlefield.'
    > GEN Gordon Sullivan, CSA (1993)
    >
    ------------------------------------------------------------------------
    > 
    > Wanja Eric Naef
    > Principal Researcher
    > IWS - The Information Warfare Site
    > http://www.iwar.org.uk
    > 
    >
    ------------------------------------------------------------------------
    > Join the IWS Infocon Mailing List @
    > http://www.iwar.org.uk/general/mailinglist.htm
    >
    ------------------------------------------------------------------------
    > 
    > 
    > 
    > -----Original Message-----
    > From: owner-crime@private
    > [mailto:owner-crime@private] On Behalf
    > Of Jere Retzer
    > Sent: 23 October 2002 16:41
    > To: crime@private
    > Subject: CRIME Attack on the Internet Core
    > 
    > Apologies if this from SANS has gone out on the list
    > already. It seems
    > very significant:
    >  
    > --22 October 2002  DDoS Attack Targets The Core of
    > The Internet
    > The thirteen root name servers, effectively the
    > master directory
    > for the Internet, were subjected to a large-scale
    > distributed
    > denial of service attack on Monday evening. 
    > According to Internet
    > Software Consortium Inc. Chairman Paul Vixie, only
    > four withstood the
    > attack. Redundancy designed into the Internet in the
    > system allowed
    > most traffic to get to its intended destination
    > without delay.
    >
    http://www.washingtonpost.com/wp-dyn/articles/A828-2002Oct22.html
    > [Editor's Note (Paller): The only way to stop such
    > attacks is to fix
    > the vulnerabilities on the machines that would
    > ultimately get taken
    > over and used to launch the attacks. There's no
    > defense once the
    > machines are under the attacker's control.  If
    > organizations have not
    > established vulnerability identification and
    > remediation program for
    > all their systems - even the "unimportant" ones - it
    > won't be long
    > before their foot dragging will subject them to
    > economic liability
    > and community contempt for their negligence.]
    > 
    > 
    
    
    __________________________________________________
    Do you Yahoo!?
    Y! Web Hosting - Let the expert host your web site
    http://webhosting.yahoo.com/
    



    This archive was generated by hypermail 2b30 : Wed Oct 23 2002 - 12:44:37 PDT