[Chapter-delegates] [isoc-members-discuss] Fwd: Big holes in net's heart revealed

Fred Baker fred at cisco.com
Mon May 1 00:19:01 PDT 2006 

Thanks. Good idea. And by the way, not just the DNS servers: the  
SMTP, web, and other application servers as well.

On Apr 30, 2006, at 9:32 AM, Patrick Vande Walle wrote:

> Dear all,
>
> I see here a potential for a project associating ISOC and its  
> chapters.
> I just tested (with http://www.dnsreport.com) how my local top ten  
> sites
> performed on the DNS side. The results were surprising: open,  
> recursive
> DNS servers, invalid glue records, etc., not to mention numerous
> violations of RFCs on the SMTP side. I guess this is not specific  
> to my
> country.
>
> ISOC chapters could render a good service to their local community by
> testing the DNS servers of their community. This is not a new idea
> actually. ISOC England did a similar project some years ago.
>
> Based on the collected data, the chapter could:
>
> - send a detailed report to each company it tested (and maybe gain an
> org member in the process)
> - send a statistical report to the local press, which generally likes
> alarming headlines.
>
> This would also help establish the local chapter as a reference for
> Internet related issues.
>
> The project itself would be to develop a common technical platform to
> perform the tests and extracts the statistics.
>
> Best regards
>
> Patrick Vande Walle
> ISOC Luxembourg
>
>
> -------- Original Message --------
> Subject: 	Big holes in net's heart revealed
> Date: 	Sun, 30 Apr 2006 08:32:02 -0400
> From: 	David Farber <dave at farber.net>
> Reply-To: 	dave at farber.net
> Newsgroups: 	lists.interesting-people
> References: 	<70935544-E016-41F9-BD0D-619F652C3ECB at WARPSPEED.COM>
>
>
>
> Something "well known" but not advertised till now. djf
>
>
> Begin forwarded message:
>
> From: Dewayne Hendricks <dewayne at WARPSPEED.COM>
> Date: April 30, 2006 5:11:08 AM EDT
> To: Dewayne-Net Technology List <dewayne-net at WARPSPEED.COM>
> Subject: [Dewayne-Net] Big holes in net's heart revealed
> Reply-To: dewayne at WARPSPEED.COM
>
>   Big holes in net's heart revealed
> By Mark Ward
> Technology Correspondent, BBC News website
>
> Simple attacks could let malicious hackers take over more than one-
> third of the net's sites, reveals research.
>
> The finding was uncovered by researchers who analysed how the net's
> addressing system works.
>
> They also found that if the simple attacks were combined with so-
> called denial-of-service attacks, 85% of the net becomes vulnerable
> to take-over.
>
> The researchers recommended big changes to the net's addressing
> system to tackle the vulnerability at its heart.
>
> Site seizing
>
> When you visit a website, such as news.bbc.co.uk, your computer often
> asks one of the net's address books, or domain name servers, for
> information about where that site resides.
>
> But the number of computers that have to be consulted to find the
> computers where that site is located often makes sites vulnerable to
> attack by vandals and criminals, found Assistant Professor Emin Gun
> Sirer and Venugopalan Ramasubramanian from the Department of Computer
> Science at Cornell University.
>
> Professor Sirer told the BBC News website that, on average, 46
> computers holding different information about the components of net
> addresses are consulted to find out where each dotcom site is
> actually hosted.
>
> But, he said, this chain of dependencies between the computers that
> look after the different parts of net addresses creates all kinds of
> vulnerabilities that clever hackers could easily exploit.
>
> "The growth of the internet has caused these dependencies to emerge,"
> said Professor Sirer. "Instead of having to compromise one you can
> compromise any one of the three dozen."
>
> All the information gathered and analysed by the researchers has to
> be publicly available to keep the net's addressing system working.
> The research analysed information about almost 600,000 computers.
>
> The research also revealed that 17% of the servers that host the
> net's address books are vulnerable to attack via widely known  
> exploits.
>
> "Because of these dependencies about one-third of the net's names are
> trivially compromisable by script kiddies," he said.
>
> One site vulnerable in this way was run by the FBI, said Professor.
> Sirer. Although the five computers that act as the first reference
> point for the fbi.gov domain were secure, one of the five that
> connect to these has yet to install a patch for a well-known bug.
>
> That computer was fixed after the Cornell team reported its findings
> to the FBI, but hundreds of thousands of sites suffer from similar
> problems.
>
> The most vulnerable net domain found by the survey was that of the
> Roman Catholic Church in the Ukraine.
>
> Criminals such as phishing gangs would be interested in re-directing
> traffic from well-known sites so they can grab key login and personal
> details that would help them de-fraud web users.
>
> [snip]
>
> Story from BBC NEWS:
> <http://news.bbc.co.uk/go/pr/fr/-/1/hi/technology/4954208.stm>
>
> Published: 2006/04/28 13:58:07 GMT
>
> Weblog at: <http://weblog.warpspeed.com>
>
>
>
> -------------------------------------
> You are subscribed as patrick at isoc.lu
> To manage your subscription, go to
>   http://v2.listbox.com/member/?listname=ip
>
> Archives at: http://www.interesting-people.org/archives/interesting- 
> people/
>
>
> _______________________________________________
> ISOC-members-discuss mailing list
> ISOC-members-discuss at elists.isoc.org
> http://elists.isoc.org/mailman/listinfo/isoc-members-discuss

More information about the Chapter-delegates mailing list