News Hackers target core net routers

[Da Dego]

http://www.bit-tech.net/news/2007/02...e_net_routers/

[K.I.T.T.]

....funny it wasn't that long ago that i was talking about a way to 'take down the internet' that involved basically doing what this group of hackers did.

it would have worked what they did but only if they had kept it up to a point at which the DNS records held on the servers and ISP DNS servers lower started to become invalid so to speak (basically 24 hours old IIRC). Then they would have caused some good old fashioned vigalante mayhem but keeping up a DDoS of this severity for anything up to a day without being traced would be not exactly easy.

P.S. as it was said in the article, its not real hacking, hacking is finding and uncovering information that you weren't supposed to see or gaining access to a system purely to have a look around....this was a groups of randoms playing H4X0Rz

[DougEdey]

Call them Crackers Then! Hackers try to make something do what it shouldn't do.

[TheoGeo]

damn script kiddies, they should leave internet tubes alone

[mmorgue]

Pfft - big deal. I downloaded the internets yesterday. Let them hack it -- I can always reload it...

[randosome]

Quote:

Originally Posted by guardian.co.uk

When a person types the name of a website into a web browser it looks up the location of that site by consulting a root server.

As far as my understanding went

Lets say i look up bit-tech.net - well firstly my PC would look at its DNS records, if it isn't there, it then goes to the next DNS server up (you Router ?) then if that doesn't have the DNS record, it would go up again (your ISP)

So technically, if you look at a site that almost no-one else has looked at, you could actually end up querying the root servers, but unlikely

now if the root servers did crash, then you would still have all those DNS caches all along the way, still unaffected - therefore you probably wouldn't notice, and the root DNS servers would come back up and everything would be OK

Now i think all those DNS caches do update every so often (depending on the TTL set on the domain)

[K.I.T.T.]

thats exactly why you've got to keep the core routers down for an extended period because once the DNS records go out of date in all the lower DNS caches (which i believe would be about 24 hours until DNS records are invalid because of age) then they'd query the core routers for their routing tables and certain IP's in their DNS database but since the core routers would either be offline or just plain DoS'd then they wouldn't respond and no-one (apart from anyone who knows the IP of the sites they go on) would be able to do anything.....apart from the USA who can pull all the international lines and run on their own, again unless it was a DDoS in which case that may not help either because the attack would be coming form inside the USA as well.....but this is all hypothetical rambling, its not like i was actually going to try it

[Rocket733]

Quote:

Originally Posted by K.I.T.T.

thats exactly why you've got to keep the core routers down for an extended period because once the DNS records go out of date in all the lower DNS caches (which i believe would be about 24 hours until DNS records are invalid because of age) then they'd query the core routers for their routing tables and certain IP's in their DNS database but since the core routers would either be offline or just plain DoS'd then they wouldn't respond and no-one (apart from anyone who knows the IP of the sites they go on) would be able to do anything.....apart from the USA who can pull all the international lines and run on their own, again unless it was a DDoS in which case that may not help either because the attack would be coming form inside the USA as well.....but this is all hypothetical rambling, its not like i was actually going to try it

Next time I know the internet is being hacked I'll know who to question.

[DXR_13KE]

i noticed this...... the trucks were not fully loaded that day.

[speedfreek]

I think it would take too much to take down the internets for too long, it probably made some people a little nervous though.

[randosome]

Quote:

Originally Posted by K.I.T.T.

thats exactly why you've got to keep the core routers down for an extended period because once the DNS records go out of date in all the lower DNS caches (which i believe would be about 24 hours until DNS records are invalid because of age) then they'd query the core routers for their routing tables and certain IP's in their DNS database but since the core routers would either be offline or just plain DoS'd then they wouldn't respond and no-one (apart from anyone who knows the IP of the sites they go on) would be able to do anything.....apart from the USA who can pull all the international lines and run on their own, again unless it was a DDoS in which case that may not help either because the attack would be coming form inside the USA as well.....but this is all hypothetical rambling, its not like i was actually going to try it

even then, if the lower DNS servers don't get a response, their not exactly just going to throw out their DNS records are they ?

So what would have thought would happen is that some pages wouldn't work because the DNS would no longer have the right ip, but most of the Internet would still be fine
Unless of course the core DNS servers were off for like a month, or a year
For eg, a site like bit tech - i think they have probably only ever had 1 ip, unless it changes there shouldn't be a problem