Overclock.net › Forums › Industry News › Technology and Science News › [ZD] How to crash the Internet
New Posts  All Forums:Forum Nav:

[ZD] How to crash the Internet - Page 2

post #11 of 50
Quote:
Originally Posted by mushroomboy View Post
The number one problem I see with this is accounting. It instantly makes me wonder if a country would do this so that they could remove or hide debt/expenses.
What do you mean? Stored accounting information would be unaffected.

Banks and financial firms also regularly perform reconciliation.
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
post #12 of 50
Quote:
Originally Posted by DuckieHo View Post
What do you mean? Stored accounting information would be unaffected.

Banks and financial firms also regularly perform reconciliation.
Right, but if a company does transactions and removes their own records.... I'm saying that they will use the "out" as a way to say somebody else is wrong. Not saying any country would do such a thing, however we have seen bigger more blatant lies in the past. You are assuming those financial firms would be honest and have no government influence. I'm talking about political warfare, govt. trying to fudge another govt.

[edit] Not just political warfare either, inter bank warfare. You just can't assume that people wouldn't do such an attack for diversion. It would be one of the best banking diversions I can think of, things would get cut off from the mainframe.

Like over-drafting on debit cards. When the ATM (connection) gets shut down and says you have more money than you really do. So what do you do? You over-draft. However, if a bank uses this "out" to draw out money from a private sector manually without reporting due to... Idk, security is "down" and so they can get away with it. It just seems like a good start on planning financial sabotage.

[edit2] I don't really care to do an extreme and elaborate plan on this, because that's wasting my time. lol But You could use the outage as a way to say somebody else has improper records. Maybe not theft, but financial sabotage. You wouldn't get money out of this but you could discredit somebody which might give you an advantage elsewhere.
Edited by mushroomboy - 2/18/11 at 10:58am
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
post #13 of 50
Sounds good in theory, but we won't know until we test it out

My question is, how would you get to the BGP servers anyway. If I may try an analogy, I see it like this:

If you try to ddos a website while behind a proxy, you effectively ddos the proxy and the website stays safe.

So if you tried to mass ddos BGP, your ISP would go down but BGP stays unaffected?
Webcrawler
(17 items)
 
  
CPUMotherboardGraphicsRAM
i5 3570k ASRock Z75 Pro3 Sapphire 7870 XT Boost Corsair Vengeance, DDR3 1600Mhz 
Hard DriveHard DriveOSMonitor
SpinPoint F1 1TB 64GB M4 SSD Windows 8.1 SyncMaster P2050 
MonitorKeyboardPowerMouse
Dell U2312HM Sidewinder X4 Be Quiet! Pure Power CM L8 430w Zowie FK 
AudioAudio
Xonar DG Sennheiser HD 555 
  hide details  
Reply
Webcrawler
(17 items)
 
  
CPUMotherboardGraphicsRAM
i5 3570k ASRock Z75 Pro3 Sapphire 7870 XT Boost Corsair Vengeance, DDR3 1600Mhz 
Hard DriveHard DriveOSMonitor
SpinPoint F1 1TB 64GB M4 SSD Windows 8.1 SyncMaster P2050 
MonitorKeyboardPowerMouse
Dell U2312HM Sidewinder X4 Be Quiet! Pure Power CM L8 430w Zowie FK 
AudioAudio
Xonar DG Sennheiser HD 555 
  hide details  
Reply
post #14 of 50
This should be fun, GeoHot Should do this!
post #15 of 50
Quote:
Originally Posted by mushroomboy View Post
Exactly how do you blacklist a computer these days? I can change my MAC, change my hardware ID, basically make myself look like a brand new computer. When you can do this at will it then becomes a very serious threat. You don't realize what will happen once these boxes reboot either, they will be flooded with data AGAIN. This could possibly cause fake blacklists from firewalls, causing an even larger problem. Essentially this problem makes itself worse until somebody fixes it, causing huge amounts of chaos.
ISPs don't just recognise users by MAC address - otherwise anyone could use Comcast's network without paying for a subscription. ISPs assign users IP addresses, and because they have chosen the IP address they know which specific subscriber is DDoSing the internet. From here, it's simple to blacklist the subscriber completely, ie deny the attacker service. If an ISP has assigned a physical address (ie a house) an IP, they can stop that subscriber's service easily.

Quote:
Originally Posted by mushroomboy View Post
Right, but if a company does transactions and removes their own records.... I'm saying that they will use the "out" as a way to say somebody else is wrong. Not saying any country would do such a thing, however we have seen bigger more blatant lies in the past. You are assuming those financial firms would be honest and have no government influence. I'm talking about political warfare, govt. trying to fudge another govt.
Ok. The problem with what you are saying is that it doesn't rely on simply shutting down the internet. If I have a debt to a bank, I can't get away with it by simply burning my records - it doesn't work like that.

Quote:
[edit] Not just political warfare either, inter bank warfare. You just can't assume that people wouldn't do such an attack for diversion. It would be one of the best banking diversions I can think of, things would get cut off from the mainframe.
Well, it would stop banking (obviously) but would have no effect on actual money - it would be frozen. If you think you've made some amazing discovery, I'm afraid you're going to spell out better
- how shutting down the internet would make it foolproof
- why banks would want to 'attack' each other (remember, if a bank is suspected to be fraudulently handling money, not only would there be a governmental investigation, but other banks would stop lending it money).

Quote:
Like over-drafting on debit cards. When the ATM (connection) gets shut down and says you have more money than you really do. So what do you do? You over-draft. However, if a bank uses this "out" to draw out money from a private sector manually without reporting due to... Idk, security is "down" and so they can get away with it. It just seems like a good start on planning financial sabotage.
It doesn't quite work like that. When you overdraft, you effectively say to the bank 'ok, can I borrow some money please?', and the bank says 'yes'. If a bank tries this with the internet down, it would effectively be like making up money. Doesn't work like that.

Quote:
[edit2] I don't really care to do an extreme and elaborate plan on this, because that's wasting my time. lol But You could use the outage as a way to say somebody else has improper records. Maybe not theft, but financial sabotage. You wouldn't get money out of this but you could discredit somebody which might give you an advantage elsewhere.
OMG ITS A CONSPIRACY
Current PC
(17 items)
 
  
CPUMotherboardGraphicsGraphics
i5 2500k Asus Maximus IV Extreme KFA2 GTX 580 Point of View GTX 580 
RAMHard DriveOptical DriveCooling
Corsair Vengeance LP Crucial M4 Some Samsung Custom Water Cooling 
OSMonitorKeyboardPower
Windows 7 Home Premium 64 bit NEC 30 inch Razer Black Widow Corsair AX850W 
CaseMouseMouse PadAudio
Silverstone TJ07-S Steelseries Xai Razer Destructor Sennheiser HD 800 
Audio
Asus Xonar STX 
  hide details  
Reply
Current PC
(17 items)
 
  
CPUMotherboardGraphicsGraphics
i5 2500k Asus Maximus IV Extreme KFA2 GTX 580 Point of View GTX 580 
RAMHard DriveOptical DriveCooling
Corsair Vengeance LP Crucial M4 Some Samsung Custom Water Cooling 
OSMonitorKeyboardPower
Windows 7 Home Premium 64 bit NEC 30 inch Razer Black Widow Corsair AX850W 
CaseMouseMouse PadAudio
Silverstone TJ07-S Steelseries Xai Razer Destructor Sennheiser HD 800 
Audio
Asus Xonar STX 
  hide details  
Reply
post #16 of 50
Quote:
Originally Posted by mushroomboy View Post
Exactly how do you blacklist a computer these days? I can change my MAC, change my hardware ID, basically make myself look like a brand new computer. When you can do this at will it then becomes a very serious threat. You don't realize what will happen once these boxes reboot either, they will be flooded with data AGAIN. This could possibly cause fake blacklists from firewalls, causing an even larger problem. Essentially this problem makes itself worse until somebody fixes it, causing huge amounts of chaos.

The number one problem I see with this is accounting. It instantly makes me wonder if a country would do this so that they could remove or hide debt/expenses.

[edit] Not to mention HFC MAC masking/duping. Pretty much piggy back accounts (various methods, not just HFC MAC which is only cable) so that you make yourself look like somebody else.
Most (if not all) cable providers do identification by the modem's MAC address, so if you change it to anything else you'll lose service. MAC spoofing in theory is very possible but it's also very easy to counter; if you geolock MAC addresses correctly then the hacker would have to guess a MAC address that's in the right location. There are 281,474,976,710,656 possible MAC addresses, so cracking it would be pretty darn hard.
Jet
(13 items)
 
  
CPUMotherboardGraphicsRAM
940 3GHz Quad Core Black Edition ASRock 780GXE EVGA GTX 460 768MB 4GB OCZ Reaper DDR2 1066MHz 
Hard DriveOptical DriveOSMonitor
500GB 7200RPM SAMSUNG 22X Windows 7 64-Bit Dell ST2410 24" 1920x1080 
PowerCaseMouse
OCZ StealthXStream 700W Aplus Monolith Mircosoft SideWinder 
  hide details  
Reply
Jet
(13 items)
 
  
CPUMotherboardGraphicsRAM
940 3GHz Quad Core Black Edition ASRock 780GXE EVGA GTX 460 768MB 4GB OCZ Reaper DDR2 1066MHz 
Hard DriveOptical DriveOSMonitor
500GB 7200RPM SAMSUNG 22X Windows 7 64-Bit Dell ST2410 24" 1920x1080 
PowerCaseMouse
OCZ StealthXStream 700W Aplus Monolith Mircosoft SideWinder 
  hide details  
Reply
post #17 of 50
Quote:
Originally Posted by allenottawa View Post
It is very possible to "take the internet down" for a few hours, maybe even days but it won't last. ISPs will blacklist the infected computers allowing everyone else to resume connection; it still would take out the infected computers, but they already had control of them in the first place.
If the internet went down for a few days economies could crash
Mixed Bag
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 6950X 4600Mhz ASUS Rampage V Edition 10 1080 Ti FE HyperX 12-13-13 @2400Mhz 
Hard DriveCoolingOSMonitor
Samsung 850 EVO Corsair H100i GTX Windows 10 x64 ASUS ROG PG279Q Black 27" 
KeyboardPowerCaseMouse
Corsair K95 RGB EVGA SuperNOVA 1000 P2 Corsair Air 540 Corsair RGB 
Mouse Pad
Some naked Anime with a plump butt 
  hide details  
Reply
Mixed Bag
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 6950X 4600Mhz ASUS Rampage V Edition 10 1080 Ti FE HyperX 12-13-13 @2400Mhz 
Hard DriveCoolingOSMonitor
Samsung 850 EVO Corsair H100i GTX Windows 10 x64 ASUS ROG PG279Q Black 27" 
KeyboardPowerCaseMouse
Corsair K95 RGB EVGA SuperNOVA 1000 P2 Corsair Air 540 Corsair RGB 
Mouse Pad
Some naked Anime with a plump butt 
  hide details  
Reply
post #18 of 50
Isn't this a self defeating attack? Can't attack the internet if you don't have an internet, logically the first routers to crach are the ones you and your bots are connected to.
    
CPUMotherboardGraphicsRAM
Haswell I7 4790k Asus Maximus VII Formula 980 Ti 8 gigabytes 
Optical DriveOSPowerCase
Blu Ray Windows 7 Ultimate 64 bit 750 watts HAF-X 
Mouse
Mionix Naos 5000 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
Haswell I7 4790k Asus Maximus VII Formula 980 Ti 8 gigabytes 
Optical DriveOSPowerCase
Blu Ray Windows 7 Ultimate 64 bit 750 watts HAF-X 
Mouse
Mionix Naos 5000 
  hide details  
Reply
post #19 of 50
Quote:
Originally Posted by Singular1ty View Post
Isn't this a self defeating attack? Can't attack the internet if you don't have an internet, logically the first routers to crach are the ones you and your bots are connected to.
They can keep attacking, so as soon as things come back online they go right back down. AND THEY STAY THERE! (Somebody better get that joke or else...)

Quote:
Originally Posted by tconroy135 View Post
If the internet went down for a few days economies could crash
Yeah, it really depends on the response time of all the ISPs. I imagine that there would be a few services that would go back up within the first few hours/minutes.
Jet
(13 items)
 
  
CPUMotherboardGraphicsRAM
940 3GHz Quad Core Black Edition ASRock 780GXE EVGA GTX 460 768MB 4GB OCZ Reaper DDR2 1066MHz 
Hard DriveOptical DriveOSMonitor
500GB 7200RPM SAMSUNG 22X Windows 7 64-Bit Dell ST2410 24" 1920x1080 
PowerCaseMouse
OCZ StealthXStream 700W Aplus Monolith Mircosoft SideWinder 
  hide details  
Reply
Jet
(13 items)
 
  
CPUMotherboardGraphicsRAM
940 3GHz Quad Core Black Edition ASRock 780GXE EVGA GTX 460 768MB 4GB OCZ Reaper DDR2 1066MHz 
Hard DriveOptical DriveOSMonitor
500GB 7200RPM SAMSUNG 22X Windows 7 64-Bit Dell ST2410 24" 1920x1080 
PowerCaseMouse
OCZ StealthXStream 700W Aplus Monolith Mircosoft SideWinder 
  hide details  
Reply
post #20 of 50
Quote:
Originally Posted by mushroomboy View Post
Right, but if a company does transactions and removes their own records.... I'm saying that they will use the "out" as a way to say somebody else is wrong. Not saying any country would do such a thing, however we have seen bigger more blatant lies in the past. You are assuming those financial firms would be honest and have no government influence. I'm talking about political warfare, govt. trying to fudge another govt.

[edit] Not just political warfare either, inter bank warfare. You just can't assume that people wouldn't do such an attack for diversion. It would be one of the best banking diversions I can think of, things would get cut off from the mainframe.

Like over-drafting on debit cards. When the ATM (connection) gets shut down and says you have more money than you really do. So what do you do? You over-draft. However, if a bank uses this "out" to draw out money from a private sector manually without reporting due to... Idk, security is "down" and so they can get away with it. It just seems like a good start on planning financial sabotage.

[edit2] I don't really care to do an extreme and elaborate plan on this, because that's wasting my time. lol But You could use the outage as a way to say somebody else has improper records. Maybe not theft, but financial sabotage. You wouldn't get money out of this but you could discredit somebody which might give you an advantage elsewhere.
You don't work banking do you?


If a bank is required by law to maintain the information. There are regulations and auditors who check this yearly.

In addition, transaction data is not kept in one database. The data is sent to downstream and upstream systems so there are other sources of the data. Furthermore, the other company has to confirm the transaction as well and they will have the paper trail. In addition, one can perform reconcilation to verify holdings.

If a bank "lost" their transactions, they are still liable for them.
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
Once again...
(13 items)
 
  
CPUMotherboardGraphicsRAM
i7 920 [4.28GHz, HT] Asus P6T + Broadcom NetXtreme II VisionTek HD5850 [900/1200] + Galaxy GT240 2x4GB G.Skill Ripjaw X [1632 MHz] 
Hard DriveOSMonitorKeyboard
Intel X25-M 160GB + 3xRAID0 500GB 7200.12 Window 7 Pro 64 Acer H243H + Samsung 226BW XARMOR-U9BL  
PowerCaseMouseMouse Pad
Antec Truepower New 750W Li Lian PC-V2100 [10x120mm fans] Logitech G9 X-Trac Pro 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [ZD] How to crash the Internet