Vulnerability Development mailing list archives
Re: A code red that could bring down the net?
From: Ian Stoba <ian () BabcockBrown com>
Date: Wed, 25 Jul 2001 08:58:42 -0700
I think if you're looking for a "killer app" in that sense of the term, DDOSing the root name servers is not going to be the way to do it.
Predicting failure in any complex system begins with an analysis looking for single points of failure. These could be physical (turning off the power to MAE West would take down a pretty good chunk of the internet) or logical.
In the logical category I think the most obvious ones would be if someone found an effective remote kill for BIND or a flaw in BGP4, particularly Cisco's implementation.
I've had a hunch for some time that a vulnerability in BGP4 was behind the L0pht's claim to Congress that they could take down the internet in half an hour.
FWIW, I'm rather fond of the internet and this is in no way meant to be any kind of encouragement for anyone to try to attack it.
--Ian On Tuesday, July 24, 2001, at 03:25 AM, Felix Harris wrote:
As I've said previously, DDos wouldn't work particularly well, because there's a lot of hosts to hit, and the root nameservers are fairly well maintained. The next suggestion would be just a typical memory leaky-thingy (I love technical terms) or something along those lines to kill the named. This is also fairly difficult as the primary nameservers run different nameds (as far as I know), and so would require multiple applications to be flawed.
Current thread:
- Re: multi-OS infections (Multi OS shellcode), (continued)
- Re: multi-OS infections (Multi OS shellcode) Damir Rajnovic (Jul 25)
- Re: multi-OS infections (Multi OS shellcode) corecode (Jul 25)
- RE: A code red that could bring down the net? Dom De Vitto (Jul 23)
- Re: A code red that could bring down the net? Birger Toedtmann (Jul 23)
- Re: A code red that could bring down the net? Michael Tench (Jul 23)
- Re: A code red that could bring down the net? Felix Harris (Jul 24)
- Re: A code red that could bring down the net? David R. Conrad (Jul 25)
- Re: A code red that could bring down the net? Lynn Crumbling (Jul 25)
- Re: A code red that could bring down the net? Sven van ´t Veer (Jul 26)
- Re: A code red that could bring down the net? security curmudgeon (Jul 26)
- Re: A code red that could bring down the net? Ian Stoba (Jul 25)
- Re: A code red that could bring down the net? Michael Tench (Jul 26)
- Re: A code red that could bring down the net? Jose Nazario (Jul 26)
- Re: A code red that could bring down the net? Meritt James (Jul 24)
- RE: Update to "Code Red" Worm. Its a date bomb, not time. Marc Maiffret (Jul 19)
- Re: Update to "Code Red" Worm. Its a date bomb, not time. Blue Boar (Jul 19)
- Re: Update to "Code Red" Worm. Its a date bomb, not time. Blue Boar (Jul 19)