[IP] more on Big holes in net's heart revealed

To: ip@xxxxxxxxxxxxxx
Subject: [IP] more on Big holes in net's heart revealed
From: David Farber <dave@xxxxxxxxxx>
Date: Sun, 30 Apr 2006 16:14:21 -0400
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
References: <44BC1C84-086C-4459-BF92-3F0D9BCFAA89@xxxxxxxxxxxxxxx>
Reply-to: dave@xxxxxxxxxx



Begin forwarded message:

From: brett watson <brett@xxxxxxxxxxxxxxx>
Date: April 30, 2006 11:31:37 AM EDT
To: dave@xxxxxxxxxx
Subject: Re: [IP] Big holes in net's heart revealed

hi dave,

your readers that are not on the dns-operations list might find thefollowing thread an interesting read related to the cornell projectdiscussed in this article. the first posting begins here:


http://lists.oarci.net/pipermail/dns-operations/2006-April/000504.html


-b



On Apr 30, 2006, at 5:32 AM, David Farber wrote:

Something "well known" but not advertised till now. djf


Begin forwarded message:

From: Dewayne Hendricks <dewayne@xxxxxxxxxxxxx>
Date: April 30, 2006 5:11:08 AM EDT
To: Dewayne-Net Technology List <dewayne-net@xxxxxxxxxxxxx>
Subject: [Dewayne-Net] Big holes in net's heart revealed
Reply-To: dewayne@xxxxxxxxxxxxx

 Big holes in net's heart revealed
By Mark Ward
Technology Correspondent, BBC News website
Simple attacks could let malicious hackers take over more than one-third of the net's sites, reveals research.
The finding was uncovered by researchers who analysed how the net'saddressing system works.
They also found that if the simple attacks were combined with so-called denial-of-service attacks, 85% of the net becomes vulnerableto take-over.
The researchers recommended big changes to the net's addressingsystem to tackle the vulnerability at its heart.
Site seizing
When you visit a website, such as news.bbc.co.uk, your computeroften asks one of the net's address books, or domain name servers,for information about where that site resides.
But the number of computers that have to be consulted to find thecomputers where that site is located often makes sites vulnerableto attack by vandals and criminals, found Assistant Professor EminGun Sirer and Venugopalan Ramasubramanian from the Department ofComputer Science at Cornell University.
Professor Sirer told the BBC News website that, on average, 46computers holding different information about the components of netaddresses are consulted to find out where each dotcom site isactually hosted.
But, he said, this chain of dependencies between the computers thatlook after the different parts of net addresses creates all kindsof vulnerabilities that clever hackers could easily exploit.
"The growth of the internet has caused these dependencies toemerge," said Professor Sirer. "Instead of having to compromise oneyou can compromise any one of the three dozen."
All the information gathered and analysed by the researchers has tobe publicly available to keep the net's addressing system working.The research analysed information about almost 600,000 computers.
The research also revealed that 17% of the servers that host thenet's address books are vulnerable to attack via widely knownexploits.
"Because of these dependencies about one-third of the net's namesare trivially compromisable by script kiddies," he said.
One site vulnerable in this way was run by the FBI, said Professor.Sirer. Although the five computers that act as the first referencepoint for the fbi.gov domain were secure, one of the five thatconnect to these has yet to install a patch for a well-known bug.
That computer was fixed after the Cornell team reported itsfindings to the FBI, but hundreds of thousands of sites suffer fromsimilar problems.
The most vulnerable net domain found by the survey was that of theRoman Catholic Church in the Ukraine.
Criminals such as phishing gangs would be interested in re-directing traffic from well-known sites so they can grab key loginand personal details that would help them de-fraud web users.
[snip]

Story from BBC NEWS:
<http://news.bbc.co.uk/go/pr/fr/-/1/hi/technology/4954208.stm>

Published: 2006/04/28 13:58:07 GMT

Weblog at: <http://weblog.warpspeed.com>



-------------------------------------
You are subscribed as brett@xxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/




-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] OFT [UK Office of Fair Trading] to investigate online shopping
Next by Date: [IP] impact on those with physical problems Dial-up provider loses Net access amid fee dispute
Previous by thread: [IP] more on Big holes in net's heart revealed
Next by thread: [IP] OFT [UK Office of Fair Trading] to investigate online shopping
Index(es):
- Date
- Thread