Skip navigation
Help

Network architecture

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

msm1267 writes "Attackers are using route injection attacks against BGP-speaking routers to insert additional hops in the traffic stream, redirecting traffic to third-party locations where it can be inspected before it's sent to its destination. Internet intelligence company Renesys has detected close to 1,500 IP address blocks that have been hijacked on more than 60 days this year, a disturbing trend that indicates attackers could finally have an increased interest in weaknesses inherent in core Internet infrastructure."

0
Your rating: None
Original author: 
Sean Gallagher

Aurich Lawson

A little more than a year ago, details emerged about an effort by some members of the hacktivist group Anonymous to build a new weapon to replace their aging denial-of-service arsenal. The new weapon would use the Internet's Domain Name Service as a force-multiplier to bring the servers of those who offended the group to their metaphorical knees. Around the same time, an alleged plan for an Anonymous operation, "Operation Global Blackout" (later dismissed by some security experts and Anonymous members as a "massive troll"), sought to use the DNS service against the very core of the Internet itself in protest against the Stop Online Piracy Act.

This week, an attack using the technique proposed for use in that attack tool and operation—both of which failed to materialize—was at the heart of an ongoing denial-of-service assault on Spamhaus, the anti-spam clearing house organization. And while it hasn't brought the Internet itself down, it has caused major slowdowns in the Internet's core networks.

DNS Amplification (or DNS Reflection) remains possible after years of security expert warnings. Its power is a testament to how hard it is to get organizations to make simple changes that would prevent even recognized threats. Some network providers have made tweaks that prevent botnets or "volunteer" systems within their networks to stage such attacks. But thanks to public cloud services, "bulletproof" hosting services, and other services that allow attackers to spawn and then reap hundreds of attacking systems, DNS amplification attacks can still be launched at the whim of a deep-pocketed attacker—like, for example, the cyber-criminals running the spam networks that Spamhaus tries to shut down.

Read 16 remaining paragraphs | Comments

0
Your rating: None

Internet map

Upon discovering hundreds of thousands open embedded devices on the Internet, an anonymous researcher conducted a Census of the Internet, mapping 460 million IP addresses around the world.

While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage.

It's a pretty thorough analysis, but the conclusion interested me most:

The why is also simple: I did not want to ask myself for the rest of my life how much fun it could have been or if the infrastructure I imagined in my head would have worked as expected. I saw the chance to really work on an Internet scale, command hundred thousands of devices with a click of my mouse, portscan and map the whole Internet in a way nobody had done before, basically have fun with computers and the Internet in a way very few people ever will. I decided it would be worth my time.

It makes me feel...uneasy. [Thanks, Roger]

0
Your rating: None

Golden_krishna_2_large

Golden Krishna, Senior Designer at Samsung Innovation Labs, wants to upend the way we think about user interfaces. "Our love for the digital interface is out of control," he says. "It has become our answer to everything." If he has his way, the future of Samsung consumer electronics might work more like the Nest thermostat, which learns about your favorite temperature, or a Mercedes-Benz automobile, which automatically unlocks when it detects the keys in your pocket.

Continue reading…

0
Your rating: None

In a series of posts on his blog, military theorist John Robb outlines what he thinks will be the next big thing — "as big as the internet," as he puts it. It's DRONENET: an internet of drones to be used as an automated delivery service. The drones themselves would require no futuristic technology. Modern quadrotor drones are available today for a few hundred dollars, and drone usage would be shared across an open, decentralized network. Robb estimates the cost for a typical delivery at about $0.25 every 10 miles, and points out that the drones would fit well alongside many ubiquitous technologies; the drone network shares obvious parallels with the internet, the drones would use GPS already-common GPS navigation, and the industry would mesh well with the open source hardware/software community. Finally, Robb talks about the standards required for building the DRONENET: "Simple rules for drone weight, dimensions, service ceiling, and speed. Simple rules for battery swap and recharging (from battery type, dimension, etc.). Simple rules for package containers. Simple rules for the dimensions and capabilities of landing pads. ... Decentralized database and transaction system for coordinating the network. Rules for announcing a landing pad (information from GPS location and services provided) to the network. Rules for announcing a drone to the network (from altitude to speed to direction to destination). Cargo announcement to the network, weight, and routing (think: DNS routing). A simple system for allocating costs and benefits (a commercial overlay). This commercial system should handle everything from the costs of recharging a drone and/or swapping a battery to drone use."

Share on Google+

Read more of this story at Slashdot.

0
Your rating: None