Expert: Anonymous root DNS servers attack unlikely to cause much damageFebruary 20, 2012 - 12:04 AMT PanARMENIAN.Net - An upcoming campaign announced by the hacking group Anonymous directed against the Internet's core address lookup system is unlikely to cause much damage, according to one security expert. PM World reports that in a warning on Pastebin, Anonymous said last week it would launch an action on March 31 as part of "Operation Global Blackout" that would target the root Domain Name System (DNS) servers. Anonymous said the attack has been planned as a protest against "our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun". The DNS translates a Web site name, such as www.idg.com, into a numerical IP (Internet Protocol) address, which is used by computers to find the Web site. The 13 authoritative root servers contain the master list of where other name servers can look up an IP address for a domain name within a certain top-level domain such as ".com." The group said it had built a "Reflective DNS Amplification DDOS" (distributed denial-of-service) tool, which causes other DNS servers to overwhelm those root servers with lots of traffic, according to the Pastebin post. But there are several factors working against the Anonymous campaigners, wrote Robert Graham, CEO of Errata Security. "They might affect a few of the root DNS servers, but it's unlikely they could take all of them down, at least for any period of time," Graham wrote. "On the day of their planned Global Blackout, it's doubtful many people would notice." Although there are 13 root servers, an attack on one would not affect the other 12, Graham wrote. Additionally, an attack would be less successful due to "anycasting," which allows traffic for a root server to be redirected to another server containing a replica of the same data. There are hundreds of other servers worldwide that hold the same data as the root servers, which increase the resiliency of DNS. ISPs also tend to cache DNS data for a while, Graham wrote. ISPs may cache data for a day or two before needing to do a fresh lookup, a time period that can be set on servers known as "time-to-live." It means that even if a root server was down, it would not necessarily immediately affect an ISP's customers. Lastly, root DNS servers are closely watched. If trouble started, the malicious traffic to the root servers would likely be blocked, with disruptions lasting a few minutes, Graham wrote. "Within minutes of something twitching, hundreds of Internet experts will converge to solve the problem," he wrote. Top stories Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT). Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues. Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls. Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020." Partner news Most popular in the section | Court in Azerbaijan extends former Karabakh leader’s arrest by 5 months The Binagadi District Court in Azerbaijan has granted the prosecutor’s petition to extend the arrest of Arkady Ghukasyan. U.S. still believes “peace is possible” between Armenia, Azerbaijan The United States continues to believe that peace is possible between Armenia and Azerbaijan, Vedant Patel says. Dozens detained as antigovernment protest continue in Armenia At least 63 people demanding Prime Minister Nikol Pashinyan’s resignation were detained on May 14 as they blocked streets in Yerevan. Family of Ilham Aliyev’s security chief owns vast property in UK As head of security for Azerbaijan’s president, Eyyubov is closely trusted by one of the world’s most authoritarian leaders. |