[IP] Experts Report Major Internet Vulnerability

[Dave Farber <dave@xxxxxxxxxx>]

Delivered-To: dfarber+@xxxxxxxxxxxxxxxxxx
Date: Tue, 20 Apr 2004 15:16:55 -0400
From: Claudio Gutiérrez <cgutierrez@xxxxxxxxxxxxxx>
Subject: Experts Report Major Internet Vulnerability
To: Dave Farber <dave@xxxxxxxxxx>
By Ted Bridis
AP Technology Writer
Tuesday, April 20, 2004; 1:11 PM

WASHINGTON -- Researchers found a serious security flaw that left core 
Internet technology vulnerable to hackers, prompting a secretive effort by 
international governments and industry experts in recent weeks to prevent 
global disruptions of Web surfing, e-mails and instant messages.

Experts said the flaw, disclosed Tuesday by the British government, affects 
the underlying technology for nearly all Internet traffic. Left 
unaddressed, they said, it could allow hackers to knock computers offline 
and broadly disrupt vital traffic-directing devices, called routers, that 
coordinate the flow of data among distant groups of computers.

"Exploitation of this vulnerability could have affected the glue that holds 
the Internet together," said Roger Cumming, director for England's National 
Infrastructure Security Coordination Centre.

The flaw affecting the Internet's "tranmission control protocol," or TCP, 
was discovered late last year by a computer researcher in Milwaukee, Paul 
"Tony" Watson, 36, who said he identified a method to reliably trick 
personal computers and routers into shutting down electronic conversations 
by resetting the machines remotely.

Routers continually exchange important updates about the most efficient 
traffic routes between large networks. Continued successful attacks against 
routers can cause them to go into a stand-by mode, known as "dampening," 
that can persist for hours.

Experts previously maintained such attacks could take between four years 
and 142 years to succeed because they require guessing a rotating number 
from roughly 4 billion possible combinations. Watson said he can guess the 
proper number with as few as four attempts, which can be accomplished 
within seconds.

"The biggest concern is (the effect on routers) because of the risk of 
bringing down the Internet or severely disrupting traffic on the Internet," 
Watson said.

Already in recent weeks, some U.S. government agencies and companies 
operating the most important digital pipelines have quietly fortified their 
own vulnerable systems because of early warnings communicated by some 
security organizations. The White House has expressed concerns especially 
about risks to crucial Internet routers, since attacks against them could 
profoundly disrupt online traffic.

"Any flaw to a fundamental protocol would raise significant concern and 
require significant attention by the folks who run the major 
infrastructures of the Internet," said Amit Yoran, the U.S. government's 
cybersecurity chief. The new flaw has dominated discussions since last week 
among experts in close-knit security circles.

The public announcement coincides with a presentation Watson expects to 
make Thursday at a popular Internet security conference in Vancouver, where 
Watson said he will reveal full details of his research.

Watson, who runs the www.terrorist.net Web site, predicted that hackers 
will understand how to begin launching attacks "within five minutes of 
walking out of that meeting."

"It's fairly easy to implement," Watson said. "Someone walking out of the 
conference would immediately understand. No matter how vague I am, people 
will figure it out."

-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/