Internet backbone at center of suspected attack

There are signs that hackers attacked key parts of the backbone of the Internet on Tuesday, but no damage seems to have been done, experts said.

The attack appears to have focused on the Domain Name System, which maps text-based domain names, such as "News.com," to the actual numeric IP addresses of servers connected to the Internet, and vice versa. Several key DNS servers saw traffic spike in the early morning on Tuesday, several experts said--a sign of an attack.

"It is an unusual large amount of traffic that is hitting DNS servers," said John Crain, chief technical officer at the Internet Corporation for Assigned Names and Numbers, which operates one of the main so-called root DNS servers. "We see large attacks on a regular basis, but this hit quite a few servers, so it was fairly large."

Yet the DNS servers were able to withstand the onslaught, Crain added. "It was irritating. It ruined my night's sleep. It was extraordinary in the fact that it happened to multiple systems at once, but this is not affecting Internet users," he said.

DNS serves as the address books for the Internet. There are 13 official root DNS servers, which sit at the top of the DNS hierarchy. These root servers get queried only if other DNS servers, like those at an internet service provider, don't have the right IP address for a specific Web site.

If part of the DNS system goes down, Web sites could become unreachable and e-mail could become undeliverable. But DNS is built to be resilient, and attacks on the system are rare. In 2002, a similar denial-of-service attack also failed.

"The main thing is that there was very little impact on the general public, the servers were able to hold up against the attacks," said Zully Ramzan, a researcher at Symantec Security Response. "The Internet in general was designed to even withstand a nuclear attack."

The barrage of data being apparently targeted at the DNS system started around 2.30 a.m. Pacific Time on Tuesday. Multiple root servers saw a traffic spike, but the "G" server, run by the U.S. Department of Defense, and "L," run by ICANN, seem to have gotten the brunt of it, Ramzan said. ICANN's Crain confirmed that impression.

While ICANN and Symantec didn't see any effect on the Internet at large, Internet service provider Neustar did see slow downs on the Net. "We would call it a brownout instead of a blackout. It was significant, but it did not take anything down," a representative for the company said.

The true cause of the traffic surge still needs to be determined, both Ramzan and Crain said.

[Dachi]

DNS != backbone

DNS != backbone

[djcaseley]

But...

It's darned useful!

[Get_Bent]

Poor choice of words

The author didn't mean backbone as in "network backbone". He meant backbone as in "vital support structure".

[Launchpad_72]

It doesn't take much...

The DNS servers may not be the literal backbone of the internet (for those of you who don't speak programming, != means "not equal to"), but they're still an integral part of the global internet. Without the DNS servers, we'd be having to remember IP addresses instead of websites.

An attack on the DNS servers may not be the end of the world, but it could have a severe impact on the global network if such an attack were sucessful. After all, it only takes one link in the chain to bring down the whole thing. Believe me, I know. Here in Vermont, we had an internet blackout across most of the state on Monday because someone tripped over a simple fiber optic cable. One tiny little cable took out half of the state's communications network.

Does that sound acceptable to you?

[nickelspit]

Why would anyone...

...want to take down the network that allows them so much joy?

[wbenton]

Why?

To cause panic.
To say I did it.
To create havoc.
To terrorise.
To see if it could be broken.
As a test to see how far they can actually get.
To disrupt service.
To search for/find a weakness to take the internet down.
To purposefully cripple the internet.
The list of possible reasons are basically endless...

Just because one doesn't understand the reasoning... doesn't make the threat any less!!!

Walt

[HlLLARY CLITON]

II'm sure Leo knows

Leo Laporte will have plenty to say about this I'm sure

[guyfrom2006]

Let us have a Alternative to domain and dns

It is high time the Internet shifts from a Server based system to a Peer based system.

The technology exists in the form of IPv6 which offers unique peer to peer address and communication and P2P technology has also taken leap ahead.

In the coming months and years, we at NetAlter visualize a secured domain-less and dns-less solutions.

For example, if I need to send an email to a friend, I can simply send it across from my computer to my friends computer without routing through mail servers.

NetAlter is under development and is supposed to offer an alternative network to internet users.

[darix2005]

internet

there is no evil that wouldn't come to internet ...

---
http://iphone.emigrantas.com - iPhone blog

[n3td3v]

MMMM

Ouch

Gonna hurt!

[n3td3v]

Testing testing 123

So when the actual attack happening guys?

[wbenton]

It just happened...

That's the point. A major attack actually occurred as reported... but the results were minimal to users.

Walt

[n3td3v]

Joris Evers

copy n pastes from network and security mailing lists and takes the basics about dns is the address book of the internet from wikipedia.

bring back credibility to cnet! wait! they never had any to begin with! ;-)

[anwood]

Root Server Time Map at DNSstuff

There's a cool page graphing root server response times at DNSstuff.

http://www.dnsstuff.com/info/roottimes.htm