Go to Post I almost forgot the biggest advantage of all! Three times as many people get to hear me and Karthik sing at 2 am! - Derek Bessette [more]
Home
Go Back   Chief Delphi > Other > Chit-Chat
CD-Media   CD-Spy  
portal register members calendar search Today's Posts Mark Forums Read FAQ rules

 
Reply
Thread Tools Rate Thread Display Modes
  #1   Spotlight this post!  
Unread 23-04-2003, 14:38
MattK's Avatar
MattK MattK is offline
Tap it.
no team
 
Join Date: Jul 2002
Location: Manchester
Posts: 1,084
MattK is a splendid one to beholdMattK is a splendid one to beholdMattK is a splendid one to beholdMattK is a splendid one to beholdMattK is a splendid one to beholdMattK is a splendid one to beholdMattK is a splendid one to beholdMattK is a splendid one to behold
Send a message via AIM to MattK
Question Crashing the Internet

I have been hearing all these things about "Cyber attacks" and all this technology warfare... and I was really wondering. Would it be possible to crash the Internet. Bring it to the point where its almost impossible to send data.

Now I am NOT asking for anyone to give a detailed explanation of how it would be done (that would be against the DMCA, and well just dangerous) but how do you think it would happen? Maybe something like the Code Red Worm?
__________________
The views expressed in my posts are Mine and mine only.

my myspace!
Reply With Quote
  #2   Spotlight this post!  
Unread 23-04-2003, 15:01
Brandon Martus's Avatar Unsung FIRST Hero
Brandon Martus Brandon Martus is offline
busy.
AKA: B. Slash Kamen
no team
 
Join Date: May 2001
Rookie Year: 1998
Location: Nevada, TX USA
Posts: 5,271
Brandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond reputeBrandon Martus has a reputation beyond repute
Send a message via ICQ to Brandon Martus Send a message via AIM to Brandon Martus Send a message via Yahoo to Brandon Martus
You can buy alot of dangerous stuff here:[link]
__________________
Brandon Martus
e-mail
Reply With Quote
  #3   Spotlight this post!  
Unread 23-04-2003, 16:35
Wetzel's Avatar
Wetzel Wetzel is offline
DC Robotics
FRC #2914 (Tiger Pride)
Team Role: Mentor
 
Join Date: Sep 2001
Rookie Year: 1999
Location: DC
Posts: 3,522
Wetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond reputeWetzel has a reputation beyond repute
Send a message via AIM to Wetzel
Quote:
Originally posted by Brandon Martus
You can buy alot of dangerous stuff here:[link]


It's nice to bash, but MS isn't the problem so much as clueless (l)users. Random thing on internet wants my email? Sure I'll share it.
I don't need a virus checker, I just use email, not the internet.

sigh

That said, physical attacks on the backbone....
/me exhibits shifty eyes


Wetzel
~~~~~~~~~~
I don't live anywhere near McLean...
Reply With Quote
  #4   Spotlight this post!  
Unread 23-04-2003, 19:25
evulish's Avatar
evulish evulish is offline
1010100
AKA: Grant Harding
#0084 (WATTNESS (bot: Chuck))
Team Role: Alumni
 
Join Date: Jul 2002
Location: Towanda/Wysox, PA
Posts: 1,434
evulish is just really niceevulish is just really niceevulish is just really niceevulish is just really nice
Send a message via AIM to evulish
It's really pretty much impossible to 'shut down' the internet. You can disable parts of it but not the whole thing (due to the way it's designed...). Well, you _can_ take down the entire thing, but you have to get to every computer...and that's pretty much impossible.

To do as much damage as possible, take down the largest bandwidth providers (which is not simple...since the normal way to take them down is to flood their servers...some of the largest BW providers transfer multiple tb/s Also the main DNS servers (which, I guess, won't really affect it too much since most ISP's run their own cached DNS servers that update).

Simply, there is no way to really take down the entire thing. Yes, it's insanely simple to take down sites. Anyone who wants to be jailbait and has access to a *nix machine can pretty much flood any site they wanted.
__________________
I'm a professional web developer. I'm good with PHP, Perl, Java/JSP, some RoR, XML, Javascript (AJAX as well), (x)HTML, CSS, etc.. Validated code is good; fully cross-browser code is better (you comply to your users and the software they use, not the other way around. Sorry!)
Reply With Quote
  #5   Spotlight this post!  
Unread 23-04-2003, 20:42
srawls's Avatar
srawls srawls is offline
Registered User
#0122 (Nasa Knights)
 
Join Date: Dec 2001
Location: Yorktown
Posts: 507
srawls is an unknown quantity at this point
Send a message via AIM to srawls
http://ask.slashdot.org/article.pl?s...52&mode=thread
http://slashdot.org/article.pl?sid=0...05&mode=thread
http://ask.slashdot.org/article.pl?s...52&mode=thread
http://slashdot.org/article.pl?sid=0...04&mode=thread
http://computer.howstuffworks.com/in...astructure.htm

Some of those are outdated, but you can at least skim through them and learn a little.

Also, I seem to recall some discussion on the physical security at various root DNS servers, and what would happen if terrorist, say, attacked them (by bombs and such, nothing as fancy as an internet virus, or a DDOS attack). Basically, the WHOLE internet may not go down, but a large portion would, or there would be a significant slowdown, and only a limited number of people would have access.

Stephen
Reply With Quote
  #6   Spotlight this post!  
Unread 24-04-2003, 01:36
AlbertW's Avatar
AlbertW AlbertW is offline
harker robotics :. 1072
AKA: Aonic
#1072 (Harker Robotics)
Team Role: College Student
 
Join Date: Oct 2002
Rookie Year: 2003
Location: San Jose, CA
Posts: 323
AlbertW is on a distinguished road
Send a message via AIM to AlbertW
Think of the internet like a metropolitan sprawl, and data pathways like roads. If you hit a single intersection (a router,) you do some damage. if you hit a house (a user node,) you do little to no damage to the entire thing. If you program all the houses to start spewing cars onto the road (NIMDA) then you clog it up.

if you had the major backbone companies go bankrupt, the internet would become fragmented into regions, with traffic betrween regions traveling very slowly throught normal lines.

it's like if you disabled the entire x80 highway system (and 85 and 101) in the bay area. You could GET somewhere, just not very fast.
__________________

We were the first seeded first-year team at a first-year FIRST regional.
Reply With Quote
  #7   Spotlight this post!  
Unread 24-04-2003, 15:47
Kevin A Kevin A is offline
In Hibernation
#0481 (DART)
Team Role: Mechanical
 
Join Date: Jan 2003
Rookie Year: 2000
Location: Richmond, CA
Posts: 244
Kevin A will become famous soon enough
Send a message via AIM to Kevin A
nimda is admin backwards

(another freshman stating the obvious)

yesterday i found 10 diverent viruses on my friends comp, ranging from codeworm to trojans.
Reply With Quote
  #8   Spotlight this post!  
Unread 24-04-2003, 15:56
Joe Matt's Avatar
Joe Matt Joe Matt is offline
Wake Up Get Up Get Out There
no team
 
Join Date: Dec 2001
Rookie Year: 2001
Location: CAK
Posts: 5,067
Joe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond reputeJoe Matt has a reputation beyond repute
In a nutshell:

Can the internet be impared? Yes.
Can the internet go down? Possably.
Will it crash forever? No
__________________
Reply With Quote
  #9   Spotlight this post!  
Unread 24-04-2003, 16:26
DanL DanL is offline
Crusty Mentor
FRC #0097
Team Role: Mentor
 
Join Date: Jan 2002
Rookie Year: 2001
Location: Somerville, MA
Posts: 682
DanL is just really niceDanL is just really niceDanL is just really niceDanL is just really niceDanL is just really nice
Send a message via AIM to DanL
A few weeks ago there was this one attack that tried to launch a DDOS against (I think it was) four of the (I think it is) seven (13 maybe?) root DNS servers. If I recal right, that did slow traffic considerably and put a lot of stress on the remaining root DNS servers, but it wasn't anything that they could handle.

About the physical security of those servers, I thought the actual locations of those are kept secret. I don't know... my memory's a bit foggy on this.

There's also talk of redesigning TCP/IP in general to make it more efficient and less prone to attacks - TCP/IP was designed back when the internet first took off. At that time, the most you would send was a little bit of information through your 5600 modem. Now with broadband, TCP/IP as it is isn't optimized for the large amount of data being sent. Internet2 - the academia-and-military-only successor to the current internet - is supposed to be about that.
__________________
Dan L
Team 97 Mentor
Software Engineer, Vecna Technologies
Reply With Quote
  #10   Spotlight this post!  
Unread 24-04-2003, 21:00
evulish's Avatar
evulish evulish is offline
1010100
AKA: Grant Harding
#0084 (WATTNESS (bot: Chuck))
Team Role: Alumni
 
Join Date: Jul 2002
Location: Towanda/Wysox, PA
Posts: 1,434
evulish is just really niceevulish is just really niceevulish is just really niceevulish is just really nice
Send a message via AIM to evulish
You could stop the internet from expanding for a little while. Buy out all the remaining IP addresses. There are only 4 trillion possibilities. Many are already taken...and some are reserved for other uses. Well, even if you had the money and the means...it would just push forward IPv6...so go for it

By just taking out a small chunk of the internet for a few seconds can cost thousands of dollars. It's kind of scary that anybody could really harness that power. To make a brick and mortar store lose money, you either need to rob it or shut it down. With ecommerce, you only need a simple little program. Anybody that knows how to run simple unix commands could take down the biggest website. I sure could. Am I stupid enough to? No.

DDoS floods are a pain. They're hard to trace (since they make use of insecure machines), they're hard to stop, and they can cost businesses lots of money. I remember a few months ago DALnet (a large IRC network) was being taken down by a bunch of kiddies. The network owners announced a massive price spike in their fees due to all the traffic the DOS'ers were sending through.

It's sad that there are people like this. It's sad that those people can have such a power. I imagine that the internet will severly get cut off some day. 'Hacking' (and I use that term very loosely...since it should rather be called 'cracking') has become way too simple. People don't bother to secure their machines or even bother to check the traffic going through them. It's also a bit of the software developers fault. To point out some popular ones...Microsoft knew about many of the security holes that worms and viruses use to work their way into machines. It was only patched _after_ the virus was released. Then there were still machines that didn't even apply the patch! It's a vicious circle. (I know that I still get some Codered hits on my website...so it is still going around.)

The _BIGGEST_ reason sites like Amazon and Yahoo can get taken down is due to the ignorance of some folks! Yes, it _is_ the fault of the person who initiates the DDoS, but if there were no machines to distribute the DoS attack to, there would be no problem. People have misconfigured Cisco routers running on high-bandwidth connections and they're getting badly abused.

Simple descriptions of DoS:

You ping one computer, they send back a response.
You ping a misconfigured computer, they send back multiple responses.
You ping a misconfigured computer with IP spoofing, they send back multiple responses to the spoofed IP. Therefore, somebody is getting packets they didn't ask for.
Send hundreds and thousands of those...so that it overwhelms the spoofed IP with packets, they go offline. That is a DoS.
__________________
I'm a professional web developer. I'm good with PHP, Perl, Java/JSP, some RoR, XML, Javascript (AJAX as well), (x)HTML, CSS, etc.. Validated code is good; fully cross-browser code is better (you comply to your users and the software they use, not the other way around. Sorry!)
Reply With Quote
  #11   Spotlight this post!  
Unread 24-04-2003, 21:56
Gobiner Gobiner is offline
Registered User
#0753 (High Desert Droids)
 
Join Date: Nov 2002
Location: Bend, Oregon
Posts: 54
Gobiner is an unknown quantity at this point
Send a message via ICQ to Gobiner Send a message via AIM to Gobiner
The SQL Slammer worm essentially crashed the internet, and that was exploiting a bug that had already been fixed. Imagine if a hacker finds a similar exploit that has not yet been identified and uses it to create a similar worm. You could very easily crash the internet, and not just for a few hours, but for a few days (until Microsoft discovers the exploit and creates a patch and everyone patches their system). It's not too likely, I'll admit, but it could still happen.
Barring that, a sustained DDoS of the root DNS servers could cause some problems, but due to the decentralized nature of the system, ISPs could just stop attempting to look up domain names from the root servers and only websites that change their IPs would be unavailable. At least, I think that's how the system works. Don't quote me.
As for a redesign of TCP/IP, don't count on it anytime soon. The Reg covered something about it here.
Reply With Quote
  #12   Spotlight this post!  
Unread 24-04-2003, 22:01
rbayer's Avatar Unsung FIRST Hero
rbayer rbayer is offline
Blood, Sweat, and Code
no team (Teamless Orphan)
 
Join Date: Mar 2002
Rookie Year: 2001
Location: Minnetonka, MN
Posts: 1,087
rbayer is a glorious beacon of lightrbayer is a glorious beacon of lightrbayer is a glorious beacon of lightrbayer is a glorious beacon of lightrbayer is a glorious beacon of light
Send a message via AIM to rbayer
Quote:
Originally posted by srawls

Also, I seem to recall some discussion on the physical security at various root DNS servers, and what would happen if terrorist, say, attacked them (by bombs and such, nothing as fancy as an internet virus, or a DDOS attack). Basically, the WHOLE internet may not go down, but a large portion would, or there would be a significant slowdown, and only a limited number of people would have access.

Stephen
Probably not. In fact, as little as 12% of DNS queries actually make it all the way to the root servers, since any decent ISP will run their own.

Also, the internet has SO much redundancy that you would literally have to take down EVERY major backbone to cripple it. For example, you are required to have two DNS servers registered to a domain, even though one is plenty for most simple websites. Likewise, routers use routing protocols (OSPF, BGP, etc), to find multiple paths to any destination on the internet. Depending on which routing protocol is used, the router can switch over in as little as a few seconds. Add in things like HSRP (proprietary to Cisco, but still VERY cool), and you can get switchover times that are virtually zero.

Basically, the entire internet is designed with redundancy, backups, and backups to the redundancy. Short of siumultaneously destroying ATT, MCI, Sprint, Bell, etc, I really can't imagine any way of knocking out the whole thing.
__________________
New C-based RoboEmu2 (code simulator) available at: http://www.robbayer.com/software.php
Reply With Quote
  #13   Spotlight this post!  
Unread 24-04-2003, 22:02
Dj Danni Boy's Avatar
Dj Danni Boy Dj Danni Boy is offline
Registered User
#0481 (de anza robotics team)
 
Join Date: Jan 2003
Location: richmond/elsobrante
Posts: 3
Dj Danni Boy is an unknown quantity at this point
trojans

i hate to tell you but its impossible to shut down the net. there are networks that are not connected to the "internet". plus if there was a worm that was destroying computers left and right. it would simply be quarentined. companiess would simply connect to other networks directly. not through the internet.

by the way kevin A. the computer works fine due to your wonderfull craftsmanship.
post a pic of your egg launcher.
Reply With Quote
  #14   Spotlight this post!  
Unread 24-04-2003, 22:37
Ian W. Ian W. is offline
College? What?
no team (Gompei and the Herd)
Team Role: College Student
 
Join Date: Jan 2002
Rookie Year: 2002
Location: Worcester, MA | Smithtown, NY
Posts: 1,464
Ian W. is a name known to allIan W. is a name known to allIan W. is a name known to allIan W. is a name known to allIan W. is a name known to allIan W. is a name known to all
Send a message via AIM to Ian W.
i'm pretty sure there was a fear that the internet could be taken down. internet2 isn't there just for higher speeds i think.

it's vital that colleges and labs remain open to each other, if any research is to get done. they can't be on a potentially faulty system, so they made their own, based on the original. that means, as far as i can see, the internet is capable of being taken down. how easy that is, well, i can't say. i can say that it must be doable though, otherwise i doubt there would be an "internet2".
__________________
AIM --> Woloi
Email --> ian@woloschin.com
Reply With Quote
  #15   Spotlight this post!  
Unread 24-04-2003, 23:35
evulish's Avatar
evulish evulish is offline
1010100
AKA: Grant Harding
#0084 (WATTNESS (bot: Chuck))
Team Role: Alumni
 
Join Date: Jul 2002
Location: Towanda/Wysox, PA
Posts: 1,434
evulish is just really niceevulish is just really niceevulish is just really niceevulish is just really nice
Send a message via AIM to evulish
Re: trojans

Quote:
Originally posted by Dj Danni Boy
i hate to tell you but its impossible to shut down the net. there are networks that are not connected to the "internet". plus if there was a worm that was destroying computers left and right. it would simply be quarentined. companiess would simply connect to other networks directly. not through the internet.
But if those networks aren't part of the internet...then uhh...it's not part of the internet (but rather an intranet). It most certainly is possible to take down the internet. It's not _easy_, but it is possible. Some psycho guy could run around with a sledge hammer and bash in all of Worldcom's routers. Then do the same for AT&T and such. You'd see a bit of a slowdown (and one tired man wielding a sledge-hammer!)

Also, just because a worm is found out about doesn't mean that everybody is going to go out and patch it the instant it's found out about. Look at Codered, Codered2, and Nimda. They did a whole bunch of damage even after the patch was publically announced.

Oh yes, and redundancy is beginning to be a thing of the past for the internet. Many ISP's are beginning to get uptight about their money. For people paying $10/mo. for connectivity, what's the difference between 80% uptime and 99% uptime? For the ISP, it's quite a bit of money. Redundancy is expensive. In the big internet picture, there is enough redundancy for intercontinental stuff...but local ISP's and things like that are getting skimpy
__________________
I'm a professional web developer. I'm good with PHP, Perl, Java/JSP, some RoR, XML, Javascript (AJAX as well), (x)HTML, CSS, etc.. Validated code is good; fully cross-browser code is better (you comply to your users and the software they use, not the other way around. Sorry!)

Last edited by evulish : 24-04-2003 at 23:38.
Reply With Quote
Reply


Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
WinXP Internet Connection Firewall Yan Wang Chit-Chat 1 09-09-2003 18:48
watching maryland competiton on the internet angier314 Regional Competitions 6 13-03-2003 11:47
wireless internet at competitions? Jeremy_Mc General Forum 0 14-01-2003 14:37
CHICAGO & The Internet archiver 2001 4 24-06-2002 02:43
kick-off 2000 via internet archiver 2000 0 23-06-2002 22:08


All times are GMT -5. The time now is 19:01.

The Chief Delphi Forums are sponsored by Innovation First International, Inc.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.
Copyright © Chief Delphi