Network Solutions Under Large Scale DDoS Attack
On Fri, Jan 23, 2009 at 6:28 PM, Danny Younger <dannyyounger@yahoo.com>wrote:
http://www.circleid.com/posts/20090123_network_solutions_down_ddos_attack/
Hate to say it folks - but I told you so a long time ago this was going to happen. If you want to attack the Internet - you don't attack the root servers - you attack .com name space. Once .com name space is offline a lot of the net just twinkles out of existence. Being the most popular name space also makes .com the most vulnerable not recommended to support infrastructure. cheers joe baptista
<http://www.circleid.com/posts/20090123_network_solutions_down_ddos_attack/>
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org
http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann...
At-Large Official Site: http://atlarge.icann.org
-- Joe Baptista www.publicroot.org PublicRoot Consortium ---------------------------------------------------------------- The future of the Internet is Open, Transparent, Inclusive, Representative & Accountable to the Internet community @large. ---------------------------------------------------------------- Office: +1 (360) 526-6077 (extension 052) Fax: +1 (509) 479-0084
Hate to say it folks - but I told you so a long time ago this was going to happen. If you want to attack the Internet - you don't attack the root servers - you attack .com name space. Once .com name space is offline a lot of the net just twinkles out of existence.
Network Solutions is not Verisign, and hasn't been for about a decade. Perhaps you might want to update your bookmarks or something. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor "More Wiener schnitzel, please", said Tom, revealingly.
On Sat, Jan 24, 2009 at 1:56 PM, John R. Levine <johnl@iecc.com> wrote:
Hate to say it folks - but I told you so a long time ago this was going to
happen. If you want to attack the Internet - you don't attack the root servers - you attack .com name space. Once .com name space is offline a lot of the net just twinkles out of existence.
Network Solutions is not Verisign, and hasn't been for about a decade.
Perhaps you might want to update your bookmarks or something.
Don't bother telling me that - email the journalist who wrote the article. The issue here is that a successful attack against the .com servers would take out most of the internet since the technical infrastructure is so heavily dependent on the the .com zone. Any dummy should understand that. It's irrelevant who runs the .com zone - the problem here is its popularity as a tld label also makes it vulnerable to attack because so many name space objects - ns hosts - are technically dependent on the zone. The day .com goes off line - and this day is inevitable - most of the internet will simply disappear for so many folks. I look forward to that day - will give me an excuse to take the day off and enjoy an Internet free day.. regards joe baptista -- Joe Baptista www.publicroot.org PublicRoot Consortium ---------------------------------------------------------------- The future of the Internet is Open, Transparent, Inclusive, Representative & Accountable to e Internet community @large. ---------------------------------------------------------------- Office: +1 (360) 526-6077 (extension 052) Fax: +1 (509) 479-0084
The issue here is that a successful attack against the .com servers would take out most of the internet since the technical infrastructure is so heavily dependent on the the .com zone. Any dummy should understand that.
We know. Fortunately VRSN is a lot more technically sophisticated than Netsol, and I would be quite surprised if anyone managed to DDoS them successfully. I know some of the people who run the DNS servers, and they have a variety of tricks up their sleeve that make them a lot more resilient than you might think. No, I can't tell you what they are. Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor "More Wiener schnitzel, please", said Tom, revealingly.
And do you think that an attack against .com would be a simple matter now? I think I can hear "nation security" with all the nasty things that come with it when you piss off some people. Toute connaissance est une réponse à une question On 26/01/2009, at 7:59, "John R. Levine" <johnl@iecc.com> wrote:
The issue here is that a successful attack against the .com servers would take out most of the internet since the technical infrastructure is so heavily dependent on the the .com zone. Any dummy should understand that.
We know. Fortunately VRSN is a lot more technically sophisticated than Netsol, and I would be quite surprised if anyone managed to DDoS them successfully.
I know some of the people who run the DNS servers, and they have a variety of tricks up their sleeve that make them a lot more resilient than you might think. No, I can't tell you what they are.
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex- Mayor "More Wiener schnitzel, please", said Tom, revealingly.
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann...
At-Large Official Site: http://atlarge.icann.org
<offlist> John, In discussions that I had with Ken Silva, Verisign's CSO, he stated that they take DDoS attacks very seriously. I am under the impression that a serious attack could really do some damage. On the other hand, a serious attack would probably need some very good motivation, as I don't think that the cost of it would be trivial. So, my personal feeling would be rather that the possibility of a DoS is rather unlikely than impossible. But that, as I said, is just my impression as a non-technical person. Cheers, Roberto
-----Original Message----- From: at-large-bounces@atlarge-lists.icann.org [mailto:at-large-bounces@atlarge-lists.icann.org] On Behalf Of John R. Levine Sent: Sunday, 25 January 2009 21:00 To: At-Large Worldwide Cc: Ga Subject: Re: [At-Large] Network Solutions Under Large Scale DDoS Attack
The issue here is that a successful attack against the .com servers would take out most of the internet since the technical infrastructure is so heavily dependent on the the .com zone. Any dummy should understand that.
We know. Fortunately VRSN is a lot more technically sophisticated than Netsol, and I would be quite surprised if anyone managed to DDoS them successfully.
I know some of the people who run the DNS servers, and they have a variety of tricks up their sleeve that make them a lot more resilient than you might think. No, I can't tell you what they are.
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor "More Wiener schnitzel, please", said Tom, revealingly.
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlar ge-lists.icann.org
At-Large Official Site: http://atlarge.icann.org
On Mon, Jan 26, 2009 at 11:25 AM, Roberto Gaetano <roberto@icann.org> wrote:
<offlist>
John, In discussions that I had with Ken Silva, Verisign's CSO, he stated that they take DDoS attacks very seriously. I am under the impression that a serious attack could really do some damage. On the other hand, a serious attack would probably need some very good motivation, as I don't think that the cost of it would be trivial. So, my personal feeling would be rather that the possibility of a DoS is rather unlikely than impossible. But that, as I said, is just my impression as a non-technical person.
Your non-technical persona is displaying an appropriate level of ignorance common to ICANN directors. They get DoS attacks all the time. There have been items dealing with one or more of their gtld servers under attack. But non of these attacks has ever been successful. regards joe baptista
Cheers, Roberto
-----Original Message----- From: at-large-bounces@atlarge-lists.icann.org [mailto:at-large-bounces@atlarge-lists.icann.org] On Behalf Of John R. Levine Sent: Sunday, 25 January 2009 21:00 To: At-Large Worldwide Cc: Ga Subject: Re: [At-Large] Network Solutions Under Large Scale DDoS Attack
The issue here is that a successful attack against the .com servers would take out most of the internet since the technical infrastructure is so heavily dependent on the the .com zone. Any dummy should understand that.
We know. Fortunately VRSN is a lot more technically sophisticated than Netsol, and I would be quite surprised if anyone managed to DDoS them successfully.
I know some of the people who run the DNS servers, and they have a variety of tricks up their sleeve that make them a lot more resilient than you might think. No, I can't tell you what they are.
Regards, John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies", Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor "More Wiener schnitzel, please", said Tom, revealingly.
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlar ge-lists.icann.org<http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann...>
At-Large Official Site: http://atlarge.icann.org
_______________________________________________ At-Large mailing list At-Large@atlarge-lists.icann.org
http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann...
At-Large Official Site: http://atlarge.icann.org
-- Joe Baptista www.publicroot.org PublicRoot Consortium ---------------------------------------------------------------- The future of the Internet is Open, Transparent, Inclusive, Representative & Accountable to the Internet community @large. ---------------------------------------------------------------- Office: +1 (360) 526-6077 (extension 052) Fax: +1 (509) 479-0084
participants (5)
-
Danny Younger -
Franck Martin -
Joe Baptista -
John R. Levine -
Roberto Gaetano