“That’s Impossible!”

But, it isn't

"A new cyberweapon could take down the entire internet – and there's not much that current defences can do to stop it."

So say Max Schuchard at the University of Minnesota in Minneapolis and his colleagues, the masterminds who have created the digital ordnance.

So, what is it and how does it work?

The Way The Internet Works:

We have a “smart” system. Not all the connections work all the time. In reality, there are routers on the net which are ‘up’ and ‘down’ all the time.

Any given “message” is broken up into packets which are shuttled around the blocked spots, because the net is made to check if the immediate next router is up or down and, if it is down, the packet is rerouted. At the final step, the packets are reassembled into the original message. When a communication path changes, nearby routers inform their neighbors through a system known as the border gateway protocol (BGP). These routers inform other neighbors in turn, eventually spreading knowledge of the new path throughout the internet.

The Method of Attack:

A previously discovered method of attack, named ZMW – after its three creators Zhang, Mao and Wang, researchers in the US who came up with their version four years ago – disrupts the connection between two routers by causing the ‘sending’ router to think the ‘receiving’ router is ‘down’.

When enough computers on the net are infected and made part of a huge “botnet”, the internet will be “down”, although in reality, it’s perfectly capable of transmitting information. How large a botnet is required? Schuchard has calculated approximately 250,000. This wouldn’t be the run-of-the-mill DDoS attack which swamps servers with traffic. This would be the opposite.

Here the botnet would map and identify central “choke” points and cut there. Rerouting traffic would only replicate the original process of mapping and cutting in waves because of the BGP protocol which takes time to propagate. The backlog would become so great, the net would collapse. With every router in the world preoccupied, natural routing outages wouldn't be fixed, and eventually the internet would be so full of holes that communication would become impossible. Schuchard thinks it would take days to recover.

So, what’s the defense? Well, an “off switch”. “But no such thing exists”, we all say. Sure it does: Just by adjusting the BGP from short to long.

This is how to launch a cyberattack and protect one’s own country’s net from attack. Egypt did exactly that.

Impractical solution number two: Send BGPs by a separate ‘shadownet’. Impractical because that would require a second Internet to be built. Another solution is to have 10% of operators monitoring the health of the Internet by alternative means, and that probably would prove difficult despite what was seen with the net disruptions caused by the Slammer Worm in 2003.

Source: Gizmodo

Reply #2 Top

eewwwww   not good...   best regards

Reply #3 Top

So basically we could shoot ourselves in the foot thinking we're under attack when in reality no such attack exists. Worst-case scenario. Playing Devil's advocate here. Feint and counter-feint. If Egypt did it and they've gotten most of their tech from the US, imagine what the US and allies can do. Insidious world we live in.

Reply #4 Top

First off, the article title is black, and I cannot read it over here because the GC2 forums use a black background.

But aside from that, is there any way to defend against this without just doing the hackers' work for them??

Reply #5 Top

^ One solution to the visibility problem would be simply to log on to JoeUser.com, or to WinCustomize.com.

"Another solution is to have 10% of operators monitoring the health of the Internet by alternative means, and that probably would prove difficult despite what was seen with the net disruptions caused by the Slammer Worm in 2003."

By doing that, we would be asking to have the Router Managers and ISP Network Managers "open an umbrella before it started raining", so to speak. That's a difficult thing to ask or to mandate, but so far that's the only solution short of having a 'shadow' internet as far as I have researched.

Reply #6 Top

^ One solution to the visibility problem would be simply to log on to JoeUser.com, or to WinCustomize.com.
End of quote
Or highlight the page...

But I'm mostly curious as to how exactly one would "trick" a router into falsely identifying another router as "down".

Reply #8 Top

Be prepared to do unto others before they do unto you. If a threat is perceived perhaps having a pre-emptive solution is in order.

Reply #9 Top

If a threat is perceived perhaps having a pre-emptive solution is in order.
End of quote

Which would be.....?

Hackers are hard to find in realspace and move around to a fair degree, and although I do not doubt that the US would try to go to war with any country the attacks came from I don't think that would really, you know, work. The hackers would have to be found and removed from play before they were able to implement something like this, which would be hard considering that it is unlikely that they would give much warning.

Reply #10 Top

Ever hear of a piggy-back? A signal superimposed on any incoming signal that can ride it back to the source. The cable companies did that years ago to prevent their signals being read from 'hacked' cable boxes. It was called a bullet. Signals can be traced, even wifi. Think of what SETI uses to trace signals from space, monitoring literally billions at a time. SETI's been operating since the sixties. In fifty years the US has improved on the technology tremendously. You'd be surprised what they are capable of.

Reply #11 Top

Guess anything is possible with the minds available to do these types of things. I also know there is nothing the regular computer user can do about such a situation. Well, again, I guess there is, and that would be to never turn on your computer. So really this is just another thing to relate to the Off switch. First we had articles saying there was actually an off switch now it says there is no such thing. Even if it's possible to do this type of stuff we should just go on with our computer enjoyment and not worry so much about what may or may not happen. So enjoy today as you may or may not have it tomorrow but then you may not even be here tomorrow.

Reply #12 Top

The best thing that could ever happen would be that the Internet die a quick and painful death. I use it because everyone else does and I do not want to be left out. Wouldn't it be great to actually read letters that were sent in the mail or to get our news by visiting the corner news stand and buying a cheap newspaper? We feel as if we need it because it's so versatile in what it can do, but does the Internet really make people any better off or even more content with their lives? This generation will tell you they cannot live without it. Yes they can, they just don't want to. It's like the drug addict who is content with their miserable lives and chooses not to live without the drugs. The drugs make them not think right and I am beginning to think computers and the Internet are making people not think right too. Perhaps I am living in the wrong era and should start a modern luddite movement where we destroy every computer we can find.

Reply #13 Top

But I'm mostly curious as to how exactly one would "trick" a router into falsely identifying another router as "down".
End of quote

Sorry, Scoutdog...not being a hacker, I wouldn't know. ;)

Quoting Uvah, reply 8
Be prepared to do unto others before they do unto you. If a threat is perceived perhaps having a pre-emptive solution is in order.
End of Uvah's quote

I see you now understand my earlier post about an off switch for the internet... I believe that there must be such a switch in the case of a botnet attack such as this.

Hackers are hard to find in realspace and move around to a fair degree, and although I do not doubt that the US would try to go to war with any country the attacks came from I don't think that would really, you know, work. The hackers would have to be found and removed from play before they were able to implement something like this, which would be hard considering that it is unlikely that they would give much warning.
End of quote

For every hacker, there's one better. Just have to harness our resources. Just as the cash prize is being offered for the hacker who can 'poison' or 'opt' the new browsers.

I also know there is nothing the regular computer user can do about such a situation.
End of quote

One step is to adopt safe browsing practices, and possibly a temporary virtual environment while opening "trusted" emails. Also, using software such as Threatfire and malware sniffers.

First we had articles saying there was actually an off switch now it says there is no such thing.
End of quote

I never said there wasn't such a switch. I asked "Should there be...?".

but then you may not even be here tomorrow.
End of quote

The ultimate "Off Switch". Just hope for a friend to erase your browser history. ;)  JK, Dave... you're one of the good guys.

Reply #14 Top

For every hacker, there's one better. Just have to harness our resources. Just as the cash prize is being offered for the hacker who can 'poison' or 'opt' the new browsers.
End of quote
The question is, will the better one want to work for the government... or the "other-ment".

Reply #15 Top

 

I also know there is nothing the regular computer user can do about such a situation.


1. One step is to adopt safe browsing practices, and possibly a temporary virtual environment while opening "trusted" emails. Also, using software such as Threatfire and malware sniffers.

2. First we had articles saying there was actually an off switch now it says there is no such thing.

I never said there wasn't such a switch. I asked "Should there be...?".

3. but then you may not even be here tomorrow.
End of quote

 

 1. Safe browsing is pretty standard with most of us I would say.

 

2. Doc I never said you said there wasn't such a thing as an off switch and know you only asked if there should be one. I have read it all over the Internet on many different sites a couple said there was and some said no such thing was available.

 

3. Hell I may not be here after I post this. Something may just fly out of my computer and suck my brain out (such as it is but won't be getting much information), one never knows. 

 

 

Reply #16 Top

2. Doc I never said you said there wasn't such a thing as an off switch and know you only asked if there should be one. I have read it all over the Internet on many different sites a couple said there was and some said no such thing was available.
End of quote

That's ok, Dave: I read what you wrote as referring to my prior article. No biggy.

3. Hell I may not be here after I post this. Something may just fly out of my computer and suck my brain out (such as it is but won't be getting much information), one never knows.
End of quote

Yep...gotta beware of them flyin' brain suckers.

Reply #17 Top

Thanks for the pic. Now I really have something to worry about knowing that thing is out there.

Reply #18 Top

Power is one thing.

But deception is everything.

There is only one "other-ment".

-.-

Reply #19 Top

Can somebody explain the OP in a simple way to me? :)

It's too wordy.

Reply #20 Top

Basically, drJBHL is presenting a possible scenario where an off-switch (a theoretical button turning off major parts of the internet) would be the ideal solution to hackers trying to do damage to crucial infrastructure.

The counter-argument, now as before, is not that the button would be ineffective against countering a supposed threat. The argument is that it will be used for other ends, and that the government cannot be trusted with that power.

Reply #21 Top

"Can somebody explain the OP in a simple way to me?

It's too wordy."

Reply #22 Top

Quoting Campaigner, reply 19
Can somebody explain the OP in a simple way to me?

It's too wordy.
End of Campaigner's quote

Looks pretty simple to me....   :rolleyes:

Reply #23 Top

I am not surprised by the discovery of this attack vector. Every programmer should understand that all things can and will break eventually. This particular vector of attack aims at disrupting the redundancies built into the protocol to handle single router failures. However, as the OP points out, such an attack would require a large amount of well-orchestrated disruptions in order to take down the entire internet, and even then, this would only cause a temporary outage while the routers were reset. One should remember that router outages are rare to the individual router, but quite common when considering all routers. Thus, a router which finds itself cut off without being somehow disabled would still invoke its routines for creating a new route map and would send out the appropriate messages. The real problem is these messages, which would flood the various networks, causing large-scale congestion. However, this congestion would tend to be localized and would probably be at its worst for only a few hours following the conclusion of the attack. From what I know of BGP, this type of attack would be highly unlikely on this scale as one would have to perform the attack from many locations at once while also not disrupting the internet enough to disrupt the attack itself before it has had time to affect such a large number of BGP routers, which are not exactly simple store-bought routers.
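
An added example, not part of any post in this thread: a small Python model of BGP route flap damping (RFC 2439), one mechanism routers use to keep a repeatedly flapping route from generating the flood of update messages discussed above. The parameter values, function names and event list are assumptions chosen for illustration, and the reuse check is simplified to run only when the next event for a prefix arrives.

```python
import math
from collections import defaultdict

# Assumed damping parameters (widely used defaults, not taken from the thread).
PENALTY_PER_FLAP = 1000.0   # added on every withdrawal
SUPPRESS_LIMIT = 2000.0     # stop advertising at or above this penalty
REUSE_LIMIT = 750.0         # resume advertising once penalty decays below this
HALF_LIFE_S = 900.0         # penalty halves every 15 minutes

def reuse_delay(penalty):
    """Seconds until a suppressed route's penalty decays to REUSE_LIMIT."""
    if penalty <= REUSE_LIMIT:
        return 0.0
    return HALF_LIFE_S * math.log2(penalty / REUSE_LIMIT)

def damp(events):
    """events: (t_seconds, prefix, 'withdraw'|'announce') seen from one peer.
    Returns {prefix: (updates_sent_downstream, updates_absorbed)}."""
    state = {}  # prefix -> [penalty, last_t, suppressed, advertised]
    counts = defaultdict(lambda: [0, 0])
    for t, prefix, kind in sorted(events):
        st = state.setdefault(prefix, [0.0, t, False, True])
        st[0] *= 0.5 ** ((t - st[1]) / HALF_LIFE_S)  # exponential decay
        st[1] = t
        if st[2] and st[0] < REUSE_LIMIT:            # simplified reuse check
            st[2] = False
        if kind == "withdraw":
            st[0] += PENALTY_PER_FLAP
            if st[0] >= SUPPRESS_LIMIT:
                st[2] = True
            send = st[3]          # only withdraw what neighbours still hold
            st[3] = False
        else:
            send = not st[2]      # a suppressed route is not re-announced
            st[3] = send
        counts[prefix][0 if send else 1] += 1
    return {p: tuple(c) for p, c in counts.items()}

def sample_events():
    """Constructed input: one prefix flapping every 30 s, one single outage."""
    ev = []
    for i in range(10):
        ev.append((30 * i, "198.51.100.0/24", "withdraw"))
        ev.append((30 * i + 15, "198.51.100.0/24", "announce"))
    ev += [(100, "192.0.2.0/24", "withdraw"), (160, "192.0.2.0/24", "announce")]
    return ev

if __name__ == "__main__":
    for prefix, (sent, held) in damp(sample_events()).items():
        print(f"{prefix}: {sent} updates propagated, {held} absorbed by damping")
```

With these values the flapping prefix is suppressed on its third withdrawal, so most of its churn never reaches downstream neighbours, while the prefix with a single outage is passed through untouched.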

Reply #24 Top

Yeah, BGP has its downfalls. But it's far from being the only routing protocol on the net. In fact, there are dozens of them, and some of them have a way to counter such attacks.

Moreover, many backbones use static routing tables instead of any dynamic protocol and are not affected by this at all.

Such articles just spread FUD around, trying to scare people who don't understand the technology and believe them w/out doubt.

Reply #25 Top

Quoting DrJBHL, reply 22

Looks pretty simple to me....  
End of DrJBHL's quote

 

You're a native English speaker (an arrogant one). I'm not.

 

Thanks Heaven :)