Domain root servers under heavy attack
This Tuesday will be remembered as a day of really serious hacker attempt. Unknown hackers tried to flood root servers with DDoS (distributed denial-of-service) attack. In the early hours of Tuesday three key servers were hit by this serious attack method. There is no evidence so far of damage, which experts are saying is testament to the robust nature of the internet. The so-called root servers involved in the attack act as a kind of global address book for the internet by translating website name information into IP addresses to enable computers to visit particular sites. The servers involved were each operated by a separate body – the US Defense Department, the net’s oversight body ICANN (Internet Corporation for Assigned Names and Numbers) and UltraDNS, which manages traffic for websites ending in “org” and some other suffixes.
“Last night we were seeing attacks which lasted for a couple of hours. There were probably hundreds of root server operators co-operating around the globe to make sure that the average user wouldn’t notice,” said Paul Levins, executive officer of Icann. The fact that the attack remained invisible to users is being hailed as a success. If a part of the DNS system went down it would mean websites could be unreachable and e-mail undeliverable. Research last year suggested that holes in the net’s addressing system could leave 85% of the net vulnerable to take over if hackers combined simple attacks with denial-of-service attacks.
It was, said Mr Levin, too early to analyse exactly what happened or why; although there is speculation that zombie computers – the machines of innocent users which are recruited by hackers – were involved in the attack. DDoS is by far the most dangerous method of attacking remote machines, especially with botnets counting thousands of compromised machines. I can quite imagine the catastrophe caused by disabling few of these 13 root servers and we should be really happy it didn’t happen – or you really know IP addresses of your favourite websites?
Comments(10)
Heh even some of the most seasoned “techs” floating around here don’t realize that the internet is basically at the mercy of 13 root hint servers. They go down, the web becomes a private network with no dns. Old skewl days peeps, you’d need to know the true IP of a site to hit it.
Doesn’t surprise me this is happening, but it also doesn’t really make much sense. You take out the root hint servers and it’s harder for you as a hacker to connect and attack peoples machines to add them into your botnet.
I’d expect to see this attack coming from somewheres in China as usual. That or it’s simply the US department of defense creating a new threat. They’ve been grasping at straws for years trying to find a reason to control and censor the internet.
Make a few large scale coordinated attacks and blame it on rouge hackers and electronic warfare and you have a reason to start large scale internet regulation.
who have profit from that ???
check out the 13 rootservers here http://root-servers.org/
> Heh even some of the most seasoned “techs” floating around here don’t realize that the internet is basically at the mercy of 13 root hint servers
Yes, 13 IP addresses, but not 13 servers… far more.
It’s actually possible for an IP address to live in 2 countries at once.
not sure if this is related but for the past few days it seems as though Charter or someone posing as Charter has hijacked parts of search engines. when i type in a bad url like lkjldsfkj.com in the address bar, instead of having a connect error i’m redirected to www11.charter.net. first i’m not a charter cable costumer, (i have dsl) second this happens on all of my comps running different OS’s so i’m sure it’s not spyware. i read that Verisign tries the same scam a few years ago and got spanked for it.
I use/used OpenDNS servers, which has builtin phishing prevention and website-spelling-mistype correction, so its awesome.
All you need to do is change your DNS servers to 208.68.222.222 and 208.67.220.220.
Suprisingly, OpenDNS servers are faster than my own ISPs!
(PS: Yes, I do have a local cache of all the websites I visit, so incase the worlds DNS servers are down, I still can keep visiting them
)
these lame ass wannabe haxxorz all have one thing in common: too much time on their hands~! they need to unplug, lose some fucking weight, get some social skillz and then LOSE THEIR VIRGINITY before they turn 40~!!!! LOL! FUcking losers! Only a dork who couldn’t/hasn’t gotten laid yet/ever would have enough time to waste fucking around with the internet trying to fuck it up for all us regular ppl who go to work, have a girl, fuck, have kids, etc…..
[...] Read full article here… These icons link to social bookmarking sites where readers can share and discover new web pages. [...]
back in 2002 they DDos’ed 9 outta 13.. so the botnets from south korea aren’t on par with the chinese ones..
oh well, that’s politics for ya
@atreyu: “trying to fuck it up for all us regular ppl who go to work, have a girl, fuck, have kids, etc…..”
if you lived in the fifties you’d be called a square
(hell, even nowadays you’ll be called a sheep).
Besides, these attacks are mostly political or financial related.