http://www.osnews.com/story/17193/Hackers_Attack_Heart_of_the_Net Exploring the Future of Computing en-us Copyright 2001-2009, David Adams adam+nospam@osnews.com Tue, 10 Nov 2009 11:02:42 GMT http://www.osnews.com/images/osnews.gif http://www.osnews.com http://osnews.com/thread?210226 http://osnews.com/thread?210226 I'm glad you crossed out "hackers" in that summary. These days, I'm so used to seeing the word used in that way, I didn't even blink.

Nice to know some places still get it right! Wed, 07 Feb 2007 20:07:00 GMT donotreply@osnews.com (twenex) Comments http://osnews.com/thread?210231 http://osnews.com/thread?210231 I was going to say that too. Correct hacker lingo is important to me, as it isn't "m4d l33t sp34k!" like most think. Proper hackish lexicon is imaginative, fun and highly creative. Wed, 07 Feb 2007 20:15:00 GMT donotreply@osnews.com (Kroc) Comments http://osnews.com/thread?210235 http://osnews.com/thread?210235 No wonder my internet at home was not working yesterday. I told my roommate to change the dns server on our router, so he changed it from 4.2.2.1 to 4.2.2.2 and it was fine. I figured it was just a fluke. Wed, 07 Feb 2007 20:27:00 GMT donotreply@osnews.com (sappyvcv) Comments http://osnews.com/thread?210241 http://osnews.com/thread?210241 why couldn't they have attacked myspace instead? at least that would have been a HELP to the internet. Wed, 07 Feb 2007 20:42:00 GMT donotreply@osnews.com (zeroth404) Comments http://osnews.com/thread?210242 http://osnews.com/thread?210242 ...to the use of the term "crackers." The politically-correct terminology would be "honkies" or (no offense to any clowns who may be reading this). Wed, 07 Feb 2007 20:44:00 GMT donotreply@osnews.com (StephenBeDoper) Comments http://osnews.com/thread?210245 http://osnews.com/thread?210245 how do they know hackers are behind it? sure, its likely, but cant be known Wed, 07 Feb 2007 20:48:00 GMT donotreply@osnews.com (Redeeman) Comments http://osnews.com/thread?210249 http://osnews.com/thread?210249 The really sad thing about l33t speak is that (if I'm not mistaken) it was basically a silly "stylistic" fad/affectation that was borrowed from "punk" in the 80s, and has lived on with wannabe-"hackers" long after dying out with the group that originated it.

Although, I do admit thinking that the character name "Da5id" from Snow Crash was sort of clever. Wed, 07 Feb 2007 20:52:00 GMT donotreply@osnews.com (StephenBeDoper) Comments http://osnews.com/thread?210251 http://osnews.com/thread?210251 Last time I checked more of the Internet's big DNS (and BIND) servers were running some variant of Unix.

I think it's time we question whether Unix is an appropriate platform for the Internet. This is not the first time this has happened, and if we keep using in-secure OSes for critical data then we get what we deserve. Wed, 07 Feb 2007 20:57:00 GMT donotreply@osnews.com (linuxh8r) Comments http://osnews.com/thread?210259 http://osnews.com/thread?210259 if we keep using in-secure OSes for critical data then we get what we deserve

Certainly. And you propose to use.. what? Wed, 07 Feb 2007 21:12:00 GMT donotreply@osnews.com (raxtor) Comments http://osnews.com/thread?210265 http://osnews.com/thread?210265 I think it's time we question whether Unix is an appropriate platform for the Internet. This is not the first time this has happened, and if we keep using in-secure OSes for critical data then we get what we deserve.

You obviously didn't read the article. Yes, Unix runs most of the Internet. The article clearly points out that this sustained attack was a dismal failure. Yes, highly trained and competent people were involved in keeping it that way, but whatever the platform, you wouldn't want highly UNtrained and INcompetent people running the 'Net, would you?

As another poster said, I'd welcome your thoughts on any alternative that would be an improvement. Wed, 07 Feb 2007 21:22:00 GMT donotreply@osnews.com (twenex) Comments http://osnews.com/thread?210267 http://osnews.com/thread?210267 Certainly. And you propose to use.. what?

Vista!!!

So... let's see. The DNS insfrastructure didn't even BLINK because of this DDoS but so unix should be gotten rid of cause it's not robust enough??? Huh??? Oh, man... I'd like to know what would have happend had it been any of the MS server variants. Had it been on, we would be surfing a cheap porn site when you asked for www.google.com!!! :-S :-D Wed, 07 Feb 2007 21:23:00 GMT donotreply@osnews.com (eantoranz) Comments http://osnews.com/thread?210268 http://osnews.com/thread?210268 ...I think it's time we question whether Unix is an appropriate platform for the Internet. ...

If this can be construed as an OS problem, then it probably relates to unpatched Windows machines that were being used as zombies. Wed, 07 Feb 2007 21:24:00 GMT donotreply@osnews.com (PLan) Comments http://osnews.com/thread?210277 http://osnews.com/thread?210277 Last time I checked more of the Internet's big DNS (and BIND) servers were running some variant of Unix.


Um ... BIND is a DNS server.


I think it's time we question whether Unix is an appropriate platform for the Internet. This is not the first time this has happened, and if we keep using in-secure OSes for critical data then we get what we deserve.

Did you read the article? It had nothing to do with the OS that was running. It was a DOS attack. It doesn't matter what your OS is, if your pipe is full of illegitimate requests, then you're going to have a hard time servicing legitimate requests. Wed, 07 Feb 2007 21:49:00 GMT donotreply@osnews.com (openwookie) Comments http://osnews.com/thread?210278 http://osnews.com/thread?210278 And where is your evidence?

Please provide links... Wed, 07 Feb 2007 21:54:00 GMT donotreply@osnews.com (linuxh8r) Comments http://osnews.com/thread?210287 http://osnews.com/thread?210287 Go fix computers for your local community; that will soon open your eyes to the reality of 'computing'. Wed, 07 Feb 2007 22:17:00 GMT donotreply@osnews.com (Kroc) Comments http://osnews.com/thread?210288 http://osnews.com/thread?210288 race has nothing to do with this. Your post is pointless. Wed, 07 Feb 2007 22:21:00 GMT donotreply@osnews.com (stestagg) Comments http://osnews.com/thread?210289 http://osnews.com/thread?210289 http://localhost

;) Wed, 07 Feb 2007 22:22:00 GMT donotreply@osnews.com (ctl_alt_del) Comments http://osnews.com/thread?210292 http://osnews.com/thread?210292 Remember that language is defined by usage, so in todays world, the term 'Hacker' actually means what most people think it means. Wed, 07 Feb 2007 22:35:00 GMT donotreply@osnews.com (stestagg) Comments http://osnews.com/thread?210296 http://osnews.com/thread?210296 wow, you are a bit of a moron. *pats head* It's ok. Wed, 07 Feb 2007 22:37:00 GMT donotreply@osnews.com (helf) Comments http://osnews.com/thread?210312 http://osnews.com/thread?210312 Well judging by the votes for that post, a lot of people disagree with you.

Besides, what something means is often defined not just by the general public, but also by its usage in a particular field. Watch a psychologist's reaction if you misuse the word "schizophrenia" for example.

Now if those who use "hacker" in the sense we use "cracker" had another word for OUR sense of "hacker", that might help. But they don't have one that fits exactly. Wed, 07 Feb 2007 22:58:00 GMT donotreply@osnews.com (twenex) Comments http://osnews.com/thread?210349 http://osnews.com/thread?210349 oh dear, LinuxH8r, it is because a unix user laugh at your poor little floppy willie and even you let him play with it there was nothing but floppyness and little size

this is why you hate unix! (and linux) Wed, 07 Feb 2007 23:46:00 GMT donotreply@osnews.com (littlewilliedetector) Comments http://osnews.com/thread?210448 http://osnews.com/thread?210448 Time to implement some P2P protocol for vital network parts lol.

And a cracker is a hacker, though a "bad" one. If u feel about mixing those two words, you still have to explain it _every_ time over and over again. Thu, 08 Feb 2007 05:25:00 GMT donotreply@osnews.com (PipoDeClown) Comments http://osnews.com/thread?210453 http://osnews.com/thread?210453 The articles I read on this implied that the attack didn't significantly affect users. Three of the root DNS servers (including DoD and ICANN) took the brunt of the attack, and the root DNS system responded quickly by rerouting DNS requests across a widely distributed network of backup servers. The operators of the root DNS system learned a lot from the 2002 attack and have implemented a vastly more resilient architecture.

Curiously, no one has produced any viable theories as to why this attack happened. All they say is that a lot of the traffic came from South Korea. I think that given the moderate size of the attack and the casual response, it's quite likely that this was an unannounced test of the emergency response capabilities of the root DNS. In other words, with my tin foil hat firmly in place, I think one or more national governments did this on purpose. By all accounts, the system passed the test quite nicely. Thu, 08 Feb 2007 05:36:00 GMT donotreply@osnews.com (butters) Comments http://osnews.com/thread?210457 http://osnews.com/thread?210457 Um ... BIND is a DNS server.

And it's an outstanding piece of code, too. One of my previous jobs involved using some static analysis software to analyze lots of system code. It's very picky and produces 50% false positives on a good day.

I was asked to run this tool on some open source code of my choice for comparison, and I happened to choose BIND. This resulted in zero "complaints" from the analysis tool, which I'd never seen happen for anything larger than a few thousand lines of code.

Taking a look, I found that the code is immaculate, highly structured, and defensive to the extreme. Every little function has a block of assertions at the top that list all of the preconditions and a block at the bottom to check the postconditions. It manages its own slab of memory using ultra-robust routines (because malloc just isn't hardened enough).

I came away with the sense that this is exactly the kind of code I would want running something so important as the Internet. Then I had to get back to work, so I scanned the FreeBSD kernel instead, and found a more usual distribution of bugs and weaknesses. Thu, 08 Feb 2007 05:55:00 GMT donotreply@osnews.com (butters) Comments http://osnews.com/thread?210461 http://osnews.com/thread?210461 butters, if you don't mind please post the name of the tool... Thu, 08 Feb 2007 06:11:00 GMT donotreply@osnews.com (arunta) Comments http://osnews.com/thread?210486 http://osnews.com/thread?210486 I have a incredibly strong hunch that was a joke. Thu, 08 Feb 2007 09:54:00 GMT donotreply@osnews.com (yak8998) Comments http://osnews.com/thread?210552 http://osnews.com/thread?210552 LOL! So true. Thu, 08 Feb 2007 14:09:00 GMT donotreply@osnews.com (Jedd) Comments http://osnews.com/thread?210618 http://osnews.com/thread?210618 Why do people insist in referring to these people in some specific way, when they are simply criminals?

If they would be referred to as criminals, then *anyone* would have no trouble figuring out their nature, and there would be a better chance that hackers could get back the respect they deserve. Thu, 08 Feb 2007 18:36:00 GMT donotreply@osnews.com (ccchips) Comments http://osnews.com/thread?210621 http://osnews.com/thread?210621 Sorry... I tried to convince them to open it up, claiming that the community would make a damn good frontend (which was sorely lacking), but no luck.

If you participate in an OSS project, please visit www.coverity.com -- They have the world's most advanced static analysis tool and provide licenses free of charge to any OSS project. It's significantly better than the tool I was using, but my attempts to push a licensing deal stalled because they wanted millions of dollars. Various happy OSS users include the Linux kernel, Apache, and FreeBSD, as well as Solaris, Oracle, and many other proprietary customers. It's based on a research project out of Stanford and has really grown into something special. They can do stuff with static analysis that many previously thought were impossible, such as detecting race conditions and deadlocks. Thu, 08 Feb 2007 18:52:00 GMT donotreply@osnews.com (butters) Comments