All times are UTC




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Internet Down March 31st?
Post Number:#1  PostPosted: 29 Mar 2012 12:59 
Offline
Moderator
User avatar

Joined: 25 Oct 2008
Last Visit: 08 Oct 2018 19:45
Posts: 804
Location: UK
Gender: Male
Status: Married
Her/His Country: UK
Times_to_FSU: Many times
Internet Down March 31st?

Warning: Not sure how true is this article .... but I am posting it ... just in case! _____________________________________________________________________________________


“The greatest enemy of freedom is a happy slave.”

Posted on 2012/03/28 http://www.blogg.com

To protest SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun,

On March 31, anonymous will shut the Internet down.

________________________________________________________________________________________________

Image


In order to shut the Internet down, one thing is to be done. Down the 13 root DNS servers of the Internet. Those servers are as follow:

Image

By cutting these off the Internet, nobody will be able to perform a domain name look-up, thus, disabling the HTTP Internet, which is, after all, the most widely used function of the Web. Anybody entering “http://www.google.com” or ANY other url, will get an error page, thus, they will think the Internet is down, which is, close enough. Remember, this is a protest, we are not trying to ‘kill’ the Internet, we are only temporarily shutting it down where it hurts the most.

While some ISPs uses DNS caching, most are configured to use a low expire time for the cache, thus not being a valid failover solution in the case the root servers are down. It is mostly used for speed, not redundancy.

We have compiled a Reflective DNS Amplification DDoS tool to be used for this attack. It is based on AntiSec’s DHN, contains a few bugfix, a different dns list/target support and is a bit stripped down for speed.

The principle is simple; a flaw that uses forged UDP packets is to be used to trigger a rush of DNS queries all redirected and reflected to those 13 IPs. The flaw is as follow; since the UDP protocol allows it, we can change the source IP of the sender to our target, thus spoofing the source of the DNS query.

The DNS server will then respond to that query by sending the answer to the spoofed IP. Since the answer is always bigger than the query, the DNS answers will then flood the target ip. It is called an amplified because we can use small packets to generate large traffic. It is called reflective because we will not send the queries to the root name servers, instead, we will use a list of known vulnerable DNS servers which will attack the root servers for us.


So what the techs think about it?

[drink-coffee.gif]


 Profile  
 
 Post subject: Re: Internet Down March 31st?
Post Number:#2  PostPosted: 30 Mar 2012 06:59 
Offline
Expert Member
User avatar

Joined: 28 Jan 2010
Last Visit: 27 Mar 2015 07:10
Posts: 469
Location: Netherlands
Gender: Male
Status: Married 28-07-2010
Her/His Country: Ukraine/Holland
RW_here_since: 04-december-2008
Times_to_FSU: Lost count in 2010
If you cut off the root-servers, you will need to wait days for the cache to expire.

this mens that "existing" domains as google.com, will continue to operate, but if google invents a new project say "markje.google.com" , it will not become available to the general public until the rootservers will be back.

Hackers have proven it is possible to take down a root-server, the largest attack took down 5 of thirteen. However, the amount of network traffic needed was so staggering everyone doubted it could be done with all 13.

This problem is becoming more real as the end-user like myself keeps getting more bandwidth (especially upload). When the 5/13 went down, most of us had DSL/Cable with 1Mbit/5Mbit upload speeds being about the maximum. Nowadays, Most of Netherlands has glass-fibre, with a max-upload of 100Mbit.

Thus, a ZombiePC in my network can upload 20-100x faster than in the days when they took down 5 of the 13 root dns servers.

Note:I don't have a zombie in my network of course, but less knowledgeable users will have theirs.

Markje.

_________________
I AMsterdam


 Profile  
 
 Post subject: Re: Internet Down March 31st?
Post Number:#3  PostPosted: 30 Mar 2012 10:05 
Offline
Admin
User avatar

Joined: 28 Oct 2008
Last Visit: 13 Nov 2018 09:09
Posts: 3621
Location: Surrey UK
Gender: Male
Status: Married
Her/His Country: Russia
RW_here_since: July 2008
Times_to_FSU: Too many to remember
Don't think it's possible!

The link on the original post about the announcement from Anonymous about the attack.... is not working but I found this announcement in many other sites like Tomsguide.com where I read several different comment and the general view is that it's not possible.

Nearly a month ago the whole world media was full of announcements about Anonymous hackers’ group which promised to close the Internet on March 31, this year.

The group posted a statement on Pastebin earlier which says that the group plans to attack 13 DNS servers that ensure URLs such as google.co.uk are translated into the IP addresses that host these websites.

As tomsguide.com writes this may be why LulzSec decided to rise from the ashes early, as by April 1 there probably won't be internet to showcase its new hacking prowess.

Anonymous believes if it can successfully take those root servers down for long enough, "DNS as we currently use it would cease to function, and the web would become at least temporarily inaccessible for most of its users".

Comments by various posters on TomsGuide.

Razor512 03/29/2012 5:19 AM

Wont work, most people do not use the root servers.

The non root servers cache DNS records from the DNS servers so the only harm taking out the root servers will do is stop people from getting the correct IP for a website if they were to change their IP address.

For example, if you are using your ISP's DNS server and anon takes out the root servers. Google.com will still take you to google, but if google for some reason decided to change their IP address during the attack, then you would have trouble accessing it.

The access to the DNS servers are also based on location so the attack will have to be carried out on all 13 servers from 13 different locations that are close to the servers.

Not to mention that each of the 13 roots are massive server farms with a connection with a massive throughput. Their attack will be the equivalent of taking down google 13 times.

Remember the 13 root servers are responsible for updating the DNS records for the entire internet

To take down the 1 servers, you will need to get like half of the Internet attacking those servers.

memadmax 03/29/2012 5:25 AM

Good luck with that....

Just taking out the root servers does nothing.... You would also have to take out the Authoritive servers for each domain...

And on top of that, you would have to keep the attack up for at least 12 hours so that when the authoritive servers flush, which is every 12 hours or so, they would have nothing to refill their list. Depending on setup, servers will just fall back to their original list till the root servers come back online...

In other words, this is just a big waste of time. The DNS system was designed for this sort of thing.

vrocker 03/29/2012 12:57 PM

Have to chuckle everytime i see some 'Anonymous' news, its always empty threats like 'OMG IMA GONNA KILL TEH INTERWEBS!', what have they ever done apart from using script exploits to hack websites?

The root servers will be extremely secure, not your average crappy government set up which runs outdated buggy software. I say good luck to them, all they will end up doing is making another ass of themselves then they will tweet that they never planned to do it.

Also, didn't they setup some redundancies a few years ago just in case the root servers died? I seem to recall them setting something up in case of a war/natural disaster but i may have dreamt it. [lol.gif]

nforce4max 03/29/2012 1:10 PM

All this would do is give the government an excuse to restrict and limit internet access as well police it by usually silencing dissident voices. I and others have been suspecting that Anonymous just isn't a group of hackers on their own but are part of a CIA operation designed to change public opinion and once again for a crack down of general but legal activity on the net.

I highlighted the last comment because that could be very true BUT ..... we will never know anyway! [wink.gif]

_________________
.
Image


 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC


Who is online

Registered users: Bing [Bot]


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
cron
Powered by phpBB