[Kictanet] Fw: [alac] Big holes in net's heart revealed
alice at apc.org
alice at apc.org
Mon May 1 12:10:10 EAT 2006
Big holes in net's heart revealed
> By Mark Ward
> Technology Correspondent, BBC News website
> Simple attacks could let malicious hackers take over more than
> one-third of the net's sites, reveals research.
> The finding was uncovered by researchers who analysed how the net's
> addressing system works.
> They also found that if the simple attacks were combined with
> so-called denial-of-service attacks, 85% of the net becomes
> vulnerable to take-over.
> The researchers recommended big changes to the net's addressing
> system to tackle the vulnerability at its heart.
> Site seizing
> When you visit a website, such as news.bbc.co.uk, your computer often
> asks one of the net's address books, or domain name servers, for
> information about where that site resides.
> But the number of computers that have to be consulted to find the
> computers where that site is located often makes sites vulnerable to
> attack by vandals and criminals, found Assistant Professor Emin Gun
> Sirer and Venugopalan Ramasubramanian from the Department of Computer
> Science at Cornell University.
> Professor Sirer told the BBC News website that, on average, 46
> computers holding different information about the components of net
> addresses are consulted to find out where each dotcom site is
> actually hosted.
> But, he said, this chain of dependencies between the computers that
> look after the different parts of net addresses creates all kinds of
> vulnerabilities that clever hackers could easily exploit.
> "The growth of the internet has caused these dependencies to emerge,"
> said Professor Sirer. "Instead of having to compromise one you can
> compromise any one of the three dozen."
> All the information gathered and analysed by the researchers has to
> be publicly available to keep the net's addressing system working.
> The research analysed information about almost 600,000 computers.
> The research also revealed that 17% of the servers that host the
> net's address books are vulnerable to attack via widely known
> "Because of these dependencies about one-third of the net's names are
> trivially compromisable by script kiddies," he said.
> One site vulnerable in this way was run by the FBI, said Professor.
> Sirer. Although the five computers that act as the first reference
> point for the fbi.gov domain were secure, one of the five that
> connect to these has yet to install a patch for a well-known bug.
> That computer was fixed after the Cornell team reported its findings
> to the FBI, but hundreds of thousands of sites suffer from similar
> The most vulnerable net domain found by the survey was that of the
> Roman Catholic Church in the Ukraine.
> Criminals such as phishing gangs would be interested in re-directing
> traffic from well-known sites so they can grab key login and personal
> details that would help them de-fraud web users.
> The research had exposed a big problem that net administrators need
> to tackle, said Professor Sirer. Thought should be given to using a
> secure version of the system used to pass around information about
> net addresses.
> "The domain name system has been incredibly successful so far but it
> is showing its age," he said. "We need to re-think the entire naming
> infrastructure of the internet."
> The hierarchical structure of the net's address books could be
> replaced with a more resilient system, he said, that uses a
> peer-to-peer type structure that would be harder to compromise.
> Story from BBC NEWS:
> Published: 2006/04/28 13:58:07 GMT
More information about the KICTANet