Crashing the Internet

I have been hearing all these things about “Cyber attacks” and all this technology warfare… and I was really wondering. Would it be possible to crash the Internet. Bring it to the point where its almost impossible to send data.

Now I am NOT asking for anyone to give a detailed explanation of how it would be done (that would be against the DMCA, and well just dangerous) but how do you think it would happen? Maybe something like the Code Red Worm?

You can buy alot of dangerous stuff here:link]

*Originally posted by Brandon Martus *
**You can buy alot of dangerous stuff here:link] **

:smiley:

It’s nice to bash, but MS isn’t the problem so much as clueless (l)users. Random thing on internet wants my email? Sure I’ll share it.
I don’t need a virus checker, I just use email, not the internet.

sigh

That said, physical attacks on the backbone…
/me exhibits shifty eyes

Wetzel

I don't live anywhere near McLean...

It’s really pretty much impossible to ‘shut down’ the internet. You can disable parts of it but not the whole thing (due to the way it’s designed…). Well, you can take down the entire thing, but you have to get to every computer…and that’s pretty much impossible.

To do as much damage as possible, take down the largest bandwidth providers (which is not simple…since the normal way to take them down is to flood their servers…some of the largest BW providers transfer multiple tb/s :slight_smile: Also the main DNS servers (which, I guess, won’t really affect it too much since most ISP’s run their own cached DNS servers that update).

Simply, there is no way to really take down the entire thing. Yes, it’s insanely simple to take down sites. Anyone who wants to be jailbait and has access to a *nix machine can pretty much flood any site they wanted.





Some of those are outdated, but you can at least skim through them and learn a little.

Also, I seem to recall some discussion on the physical security at various root DNS servers, and what would happen if terrorist, say, attacked them (by bombs and such, nothing as fancy as an internet virus, or a DDOS attack). Basically, the WHOLE internet may not go down, but a large portion would, or there would be a significant slowdown, and only a limited number of people would have access.

Stephen

Think of the internet like a metropolitan sprawl, and data pathways like roads. If you hit a single intersection (a router,) you do some damage. if you hit a house (a user node,) you do little to no damage to the entire thing. If you program all the houses to start spewing cars onto the road (NIMDA) then you clog it up.

if you had the major backbone companies go bankrupt, the internet would become fragmented into regions, with traffic betrween regions traveling very slowly throught normal lines.

it’s like if you disabled the entire x80 highway system (and 85 and 101) in the bay area. You could GET somewhere, just not very fast.

nimda is admin backwards

(another freshman stating the obvious)

yesterday i found 10 diverent viruses on my friends comp, ranging from codeworm to trojans.

In a nutshell:

Can the internet be impared? Yes.
Can the internet go down? Possably.
Will it crash forever? No

A few weeks ago there was this one attack that tried to launch a DDOS against (I think it was) four of the (I think it is) seven (13 maybe?) root DNS servers. If I recal right, that did slow traffic considerably and put a lot of stress on the remaining root DNS servers, but it wasn’t anything that they could handle.

About the physical security of those servers, I thought the actual locations of those are kept secret. I don’t know… my memory’s a bit foggy on this.

There’s also talk of redesigning TCP/IP in general to make it more efficient and less prone to attacks - TCP/IP was designed back when the internet first took off. At that time, the most you would send was a little bit of information through your 5600 modem. Now with broadband, TCP/IP as it is isn’t optimized for the large amount of data being sent. Internet2 - the academia-and-military-only successor to the current internet - is supposed to be about that.

You could stop the internet from expanding for a little while. Buy out all the remaining IP addresses. There are only 4 trillion possibilities. Many are already taken…and some are reserved for other uses. Well, even if you had the money and the means…it would just push forward IPv6…so go for it :slight_smile:

By just taking out a small chunk of the internet for a few seconds can cost thousands of dollars. It’s kind of scary that anybody could really harness that power. To make a brick and mortar store lose money, you either need to rob it or shut it down. With ecommerce, you only need a simple little program. Anybody that knows how to run simple unix commands could take down the biggest website. I sure could. Am I stupid enough to? No.

DDoS floods are a pain. They’re hard to trace (since they make use of insecure machines), they’re hard to stop, and they can cost businesses lots of money. I remember a few months ago DALnet (a large IRC network) was being taken down by a bunch of kiddies. The network owners announced a massive price spike in their fees due to all the traffic the DOS’ers were sending through.

It’s sad that there are people like this. It’s sad that those people can have such a power. I imagine that the internet will severly get cut off some day. ‘Hacking’ (and I use that term very loosely…since it should rather be called ‘cracking’) has become way too simple. People don’t bother to secure their machines or even bother to check the traffic going through them. It’s also a bit of the software developers fault. To point out some popular ones…Microsoft knew about many of the security holes that worms and viruses use to work their way into machines. It was only patched after the virus was released. Then there were still machines that didn’t even apply the patch! It’s a vicious circle. (I know that I still get some Codered hits on my website…so it is still going around.)

The BIGGEST reason sites like Amazon and Yahoo can get taken down is due to the ignorance of some folks! Yes, it is the fault of the person who initiates the DDoS, but if there were no machines to distribute the DoS attack to, there would be no problem. People have misconfigured Cisco routers running on high-bandwidth connections and they’re getting badly abused.

Simple descriptions of DoS:

You ping one computer, they send back a response.
You ping a misconfigured computer, they send back multiple responses.
You ping a misconfigured computer with IP spoofing, they send back multiple responses to the spoofed IP. Therefore, somebody is getting packets they didn’t ask for.
Send hundreds and thousands of those…so that it overwhelms the spoofed IP with packets, they go offline. That is a DoS.

The SQL Slammer worm essentially crashed the internet, and that was exploiting a bug that had already been fixed. Imagine if a hacker finds a similar exploit that has not yet been identified and uses it to create a similar worm. You could very easily crash the internet, and not just for a few hours, but for a few days (until Microsoft discovers the exploit and creates a patch and everyone patches their system). It’s not too likely, I’ll admit, but it could still happen.
Barring that, a sustained DDoS of the root DNS servers could cause some problems, but due to the decentralized nature of the system, ISPs could just stop attempting to look up domain names from the root servers and only websites that change their IPs would be unavailable. At least, I think that’s how the system works. Don’t quote me.
As for a redesign of TCP/IP, don’t count on it anytime soon. The Reg covered something about it here.

*Originally posted by srawls *
**
Also, I seem to recall some discussion on the physical security at various root DNS servers, and what would happen if terrorist, say, attacked them (by bombs and such, nothing as fancy as an internet virus, or a DDOS attack). Basically, the WHOLE internet may not go down, but a large portion would, or there would be a significant slowdown, and only a limited number of people would have access.

Stephen **

Probably not. In fact, as little as 12% of DNS queries actually make it all the way to the root servers, since any decent ISP will run their own.

Also, the internet has SO much redundancy that you would literally have to take down EVERY major backbone to cripple it. For example, you are required to have two DNS servers registered to a domain, even though one is plenty for most simple websites. Likewise, routers use routing protocols (OSPF, BGP, etc), to find multiple paths to any destination on the internet. Depending on which routing protocol is used, the router can switch over in as little as a few seconds. Add in things like HSRP (proprietary to Cisco, but still VERY cool), and you can get switchover times that are virtually zero.

Basically, the entire internet is designed with redundancy, backups, and backups to the redundancy. Short of siumultaneously destroying ATT, MCI, Sprint, Bell, etc, I really can’t imagine any way of knocking out the whole thing.

i hate to tell you but its impossible to shut down the net. there are networks that are not connected to the “internet”. plus if there was a worm that was destroying computers left and right. it would simply be quarentined. companiess would simply connect to other networks directly. not through the internet.

by the way kevin A. the computer works fine due to your wonderfull craftsmanship. :yikes:
post a pic of your egg launcher.:ahh:

i’m pretty sure there was a fear that the internet could be taken down. internet2 isn’t there just for higher speeds i think.

it’s vital that colleges and labs remain open to each other, if any research is to get done. they can’t be on a potentially faulty system, so they made their own, based on the original. that means, as far as i can see, the internet is capable of being taken down. how easy that is, well, i can’t say. i can say that it must be doable though, otherwise i doubt there would be an “internet2”.

*Originally posted by Dj Danni Boy *
i hate to tell you but its impossible to shut down the net. there are networks that are not connected to the “internet”. plus if there was a worm that was destroying computers left and right. it would simply be quarentined. companiess would simply connect to other networks directly. not through the internet.

But if those networks aren’t part of the internet…then uhh…it’s not part of the internet (but rather an intranet). It most certainly is possible to take down the internet. It’s not easy, but it is possible. Some psycho guy could run around with a sledge hammer and bash in all of Worldcom’s routers. Then do the same for AT&T and such. You’d see a bit of a slowdown (and one tired man wielding a sledge-hammer!)

Also, just because a worm is found out about doesn’t mean that everybody is going to go out and patch it the instant it’s found out about. Look at Codered, Codered2, and Nimda. They did a whole bunch of damage even after the patch was publically announced.

Oh yes, and redundancy is beginning to be a thing of the past for the internet. Many ISP’s are beginning to get uptight about their money. For people paying $10/mo. for connectivity, what’s the difference between 80% uptime and 99% uptime? For the ISP, it’s quite a bit of money. Redundancy is expensive. In the big internet picture, there is enough redundancy for intercontinental stuff…but local ISP’s and things like that are getting skimpy :slight_smile:

Wow… a bunch of computer people who know more than I do… anyway. I think it would be really difficult to shut down the internet … and would it even matter that much? I’m sure people would just do the same thing except SLIGHTLY differnet and form another thing that would work the same. I mean come on, like with y2k everyone was trying to change stuff around…they’d do the same thing!

If you have IE 4.0 or higher, around 5 lines of html will crash your browser (just html, nothing else)…

Test it here: http://vibrantlogic.com/new.html

Here’s the article on it: http://www.secunia.com/advisories/8642/

*Originally posted by monsieurcoffee *
**If you have IE 4.0 or higher, around 5 lines of html will crash your browser (just html, nothing else)…

Test it here: http://vibrantlogic.com/new.html

Here’s the article on it: About Secunia Research | Flexera **

Haha, I was laughing when I saw that on slashdot today. And you really only need one line.

Of course, crashing IE is FAR FAR less than crashing the internet. If all you had to do to crash the internet was to crash IE, we’d be in trouble :smiley:

Stephen

PS. I’m glad I don’t use IE :slight_smile: