Overclock.net › Forums › Industry News › Technology and Science News › [ZD] How to crash the Internet
New Posts  All Forums:Forum Nav:

[ZD] How to crash the Internet - Page 3

post #21 of 50
Gotta discuss this with my dad and brother. I have a hard time believing that this is even possible. The companies that house and run most if not all these BGP routers are here in the US. Their facilities are hardened like a military base as are their connections and hardware.


EDIT - Talked to my brother, Cisco certified network admin and senior network admin for a very large hospital service in Richmond VA. He said that this is is feasible but with some things left out. First he said that you would have to know which routers are the core BGP routers for each and every ISP, which is a crap load of routers. Second that you would also have to figure out which routers run the back plane which are run by three companies, two of which are in the US and are probably some of the most secure facilities and HW in the world. Getting access to this info is like working for the NSA, its very hard to get.
Edited by Pheatton - 2/18/11 at 12:23pm
post #22 of 50
Quote:
Originally Posted by shadow19935 View Post
This should be fun, GeoHot Should do this!
wow. epic comment.
Raven
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core I7 W3520 EVGA X58 FTW3 Sapphire HD 5970 6 GB Mushkin Red Line 
Hard DriveOptical DriveOSMonitor
Samsung F3 x2 (Raid 0) Asus Blu-Ray / Sony Optiarc DVD Windows 7 / Mint Linux Yamakasi Catleap Q270 
KeyboardPowerCaseMouse
Logitech UltraSlim ys-x49 Corsair 850 Watt HAF 932 MX500 
Mouse PadAudio
SteelSeries IceMat (Black) HT|Omega Claro Halo 
  hide details  
Reply
Raven
(14 items)
 
  
CPUMotherboardGraphicsRAM
Core I7 W3520 EVGA X58 FTW3 Sapphire HD 5970 6 GB Mushkin Red Line 
Hard DriveOptical DriveOSMonitor
Samsung F3 x2 (Raid 0) Asus Blu-Ray / Sony Optiarc DVD Windows 7 / Mint Linux Yamakasi Catleap Q270 
KeyboardPowerCaseMouse
Logitech UltraSlim ys-x49 Corsair 850 Watt HAF 932 MX500 
Mouse PadAudio
SteelSeries IceMat (Black) HT|Omega Claro Halo 
  hide details  
Reply
post #23 of 50
Quote:
Originally Posted by Cepheus View Post
ISPs don't just recognise users by MAC address - otherwise anyone could use Comcast's network without paying for a subscription. ISPs assign users IP addresses, and because they have chosen the IP address they know which specific subscriber is DDoSing the internet. From here, it's simple to blacklist the subscriber completely, ie deny the attacker service. If an ISP has assigned a physical address (ie a house) an IP, they can stop that subscriber's service easily.



Ok. The problem with what you are saying is that it doesn't rely on simply shutting down the internet. If I have a debt to a bank, I can't get away with it by simply burning my records - it doesn't work like that.



Well, it would stop banking (obviously) but would have no effect on actual money - it would be frozen. If you think you've made some amazing discovery, I'm afraid you're going to spell out better
- how shutting down the internet would make it foolproof
- why banks would want to 'attack' each other (remember, if a bank is suspected to be fraudulently handling money, not only would there be a governmental investigation, but other banks would stop lending it money).



It doesn't quite work like that. When you overdraft, you effectively say to the bank 'ok, can I borrow some money please?', and the bank says 'yes'. If a bank tries this with the internet down, it would effectively be like making up money. Doesn't work like that.



OMG ITS A CONSPIRACY
First off, I've been "spoofing" for over a year now. sbhacker.net will explain how it works completely, I'm not going to. Basically, yes they register by HFC MAC. They CAN do other methods, but it requires a lot more work than most of them are willing to pay for. I've got friends in Comcast who A) work internally, and B) spoof. I don't care if you don't believe in it, but it's been possible for years.

Second, why would china hack other sites? More so, why would china do anything illegal if there was nothing to gain from it? Apply that same reasoning to why a govt would put the effort into establishing a method of hurting another govt and you have your answer. I'm not saying they will, I'm saying they can.

Quote:
Originally Posted by allenottawa View Post
Most (if not all) cable providers do identification by the modem's MAC address, so if you change it to anything else you'll lose service. MAC spoofing in theory is very possible but it's also very easy to counter; if you geolock MAC addresses correctly then the hacker would have to guess a MAC address that's in the right location. There are 281,474,976,710,656 possible MAC addresses, so cracking it would be pretty darn hard.
See above. It's possible, I know from personal experience. You actually can't use a MAC in the same hub/node/network as your "local" area. You have to spoof outside your current hub, otherwise both modems do a constant reboot loop. It's all explained at sbhacker.net, however they don't exactly explain the spoofing part as that's illegal. They do give you all the tools and knowledge to do so.

Quote:
Originally Posted by DuckieHo View Post
You don't work banking do you?


If a bank is required by law to maintain the information. There are regulations and auditors who check this yearly.

In addition, transaction data is not kept in one database. The data is sent to downstream and upstream systems so there are other sources of the data. Furthermore, the other company has to confirm the transaction as well and they will have the paper trail. In addition, one can perform reconcilation to verify holdings.

If a bank "lost" their transactions, they are still liable for them.
Your assuming that this bank will follow the law. Roughly 5.7 billion dollars is laundered in drug money through the U.S. Govt. Who's to say the Govt won't do this? As I said earlier, China has already done "cyber attacks", why not go a step further? If you could facilitate the timing correctly, that's the biggest "if", you could do a lot of problematic things with this.

No offense, but the line of thinking you guys are going under needs to be changed if you want to see the reasoning behind it. If we committed a crime together, I'm going to end up killing you because it benefits me multiple ways. More profit (if that was the case), security issues, or maybe I just didn't like you and decided to just because.

Do you think geohot was thinking "Oh, I shouldn't do this because it's going to cause a huge amount of legal questions". Jesus, do you think China even gave a crap about the "cyber attacks". I mean honestly, if they cared they wouldn't have done it.

[edit]
Quote:
Originally Posted by allenottawa View Post
Most (if not all) cable providers do identification by the modem's MAC address, so if you change it to anything else you'll lose service. MAC spoofing in theory is very possible but it's also very easy to counter; if you geolock MAC addresses correctly then the hacker would have to guess a MAC address that's in the right location. There are 281,474,976,710,656 possible MAC addresses, so cracking it would be pretty darn hard.
First off, you can't "geolock" a mac address. The ISP only sends a yes/no config to the Hub(node, different names but I'm going to use HUB). Now, the thing is it's the HUB that accepts traffic not the ISP. So for you to have to do this you would need to put a HUB in place that has GPS (for location), or is sent with a config that knows where it is. Of course, doing this would also force the ISP to create a new department. People who have cable internet and move, getting a new location, would have to have things update and they would have to call tech support. Tech would then need to deal with that, costing them more money.

As for your "cracking" a MAC address. Your thinking too narrow, you need to re-design your method of cracking. All you need is a base address that works, get a friends/neighbors (or my favorite, an inside source). Once you have a base address you can do pre-mutations of that address to get new ones. That's because of how things are manufactured. You figure they manufacture XX:XX:XX:XX:XX:00 to XX:XX:XX:XX:XX:99 in a single shipment. When the ISP gets the shipment all those MACs are going to be in the same box. Thus, the chances of an address being used goes up, all you have to do is find the ones that aren't in storage. Of course, you get situations where independent contractors may get these shipments, or people are using store bought ones, which makes it a little more dicey. Due to the fact that that shipment will be dispersed locally still, because so many come in a box, you still have the chance of finding a few local "extra" addresses.

However, you can always do the scan method. Go find a hotspot or wifi that's open and scan for MACs, that's the no-brainer solution.

Honestly, I don't know why you people bother to say you can't do this crap. Go wifi hacking and come back with some field experience and then tell me what you can and can't do. In fact, one of the methods of wifi hacking could easily explain how you could "fake" bank records. In order to get the wifi hacked people will jam the base and create a "new" base so that the clients will connect to it. This allows them to get a multitude of packets, compare, and crack. How would this go anywhere? Shut the network down (internet), build your own bank protocol, think more imaginatively.
Edited by mushroomboy - 2/18/11 at 2:17pm
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
post #24 of 50
One Word: Skynet.
post #25 of 50
This will never happen. It's one of those 'what if; doomsday articles'.
post #26 of 50
Quote:
Originally Posted by s-x View Post
This will never happen. It's one of those 'what if; doomsday articles'.
I'm sure by now they are creating a safety net, or certain protocols are hard wired to each other. Either way, it's probably not feasible unless with a LOT of hardware (converts to money/time really, something that would have to be funded large scale.
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
post #27 of 50
This is not even a problem, most companies use 2 to 3 ISPs to connect to the internet, failovers and even active failovers. You also have the fact that when they take down a BGP router it just connects 1 ISP to another so if you take out ATT BGP to Sprint the network still remains it will reroute through another ISP, even if it dosent the website wouldnt be down long.
post #28 of 50
Quote:
Originally Posted by mushroomboy View Post
First off, I've been "spoofing" for over a year now. sbhacker.net will explain how it works completely, I'm not going to. Basically, yes they register by HFC MAC. They CAN do other methods, but it requires a lot more work than most of them are willing to pay for. I've got friends in Comcast who A) work internally, and B) spoof. I don't care if you don't believe in it, but it's been possible for years.
Ugh. Spoofing your MAC address is easy. The problem is that simply spoofing your mac address does not make you anonymous, in any way. When you send data, pieces of information are always sent by your computer, irrespective of hardware IDs - the source IP and destination IP. The source IP is the address your computer can be found at on the internet - if your public IP is 205.56.49.23 any computer in the world can attempt to connect to your computer by sending packets to 205.56.49.23. This is actually the target of this attack - to disrupt the servers that provide the map to each IP address. Anyway. You don't get to choose your IP address (unless you're a large corporation such as Google), you get assigned it by your ISP. This means that as soon as it becomes clear that 205.56.49.23 is being used to perpetrate an attack, the ISP that owns the ip address can be contacted - the isp can then easily block said line from the network, because they know who (ie the person) they assigned the specific ip address to. This is not the computer. It is the actual subscriber.

Spoofing MAC addresses sounds all high and mighty, but in reality it achieves very little.


Quote:
Second, why would china hack other sites? More so, why would china do anything illegal if there was nothing to gain from it? Apply that same reasoning to why a govt would put the effort into establishing a method of hurting another govt and you have your answer. I'm not saying they will, I'm saying they can.
How would simply shutting down the internet help? This is essentially the equivalent of talking crap about someone whilst they're on holiday.


Quote:
Do you think geohot was thinking "Oh, I shouldn't do this because it's going to cause a huge amount of legal questions".
Am I right in thinking that you are of the opinion that Geohot cracked the PS3 for piracy-related reasons?

Quote:
Honestly, I don't know why you people bother to say you can't do this crap. Go wifi hacking and come back with some field experience and then tell me what you can and can't do. In fact, one of the methods of wifi hacking could easily explain how you could "fake" bank records. In order to get the wifi hacked people will jam the base and create a "new" base so that the clients will connect to it. This allows them to get a multitude of packets, compare, and crack. How would this go anywhere? Shut the network down (internet), build your own bank protocol, think more imaginatively.
We have a paper money system - simply adding numbers doesn't work. If you do it on a country basis, making money just devalues the currency (see Germany in the 1920s, Zimbabwe), if you do it on a per-bank basis people just don't do business with you and you get shut down by the feds.

I'm going to stop arguing with you here and just make one final point:

Your entire argument seems to revolve around the hypothesis that noone has ever thought that electronically forging money might ever become an issue in the future. Think about that a minute.
Current PC
(17 items)
 
  
CPUMotherboardGraphicsGraphics
i5 2500k Asus Maximus IV Extreme KFA2 GTX 580 Point of View GTX 580 
RAMHard DriveOptical DriveCooling
Corsair Vengeance LP Crucial M4 Some Samsung Custom Water Cooling 
OSMonitorKeyboardPower
Windows 7 Home Premium 64 bit NEC 30 inch Razer Black Widow Corsair AX850W 
CaseMouseMouse PadAudio
Silverstone TJ07-S Steelseries Xai Razer Destructor Sennheiser HD 800 
Audio
Asus Xonar STX 
  hide details  
Reply
Current PC
(17 items)
 
  
CPUMotherboardGraphicsGraphics
i5 2500k Asus Maximus IV Extreme KFA2 GTX 580 Point of View GTX 580 
RAMHard DriveOptical DriveCooling
Corsair Vengeance LP Crucial M4 Some Samsung Custom Water Cooling 
OSMonitorKeyboardPower
Windows 7 Home Premium 64 bit NEC 30 inch Razer Black Widow Corsair AX850W 
CaseMouseMouse PadAudio
Silverstone TJ07-S Steelseries Xai Razer Destructor Sennheiser HD 800 
Audio
Asus Xonar STX 
  hide details  
Reply
post #29 of 50
Quote:
Originally Posted by mushroomboy View Post
Exactly how do you blacklist a computer these days? I can change my MAC, change my hardware ID, basically make myself look like a brand new computer. When you can do this at will it then becomes a very serious threat. You don't realize what will happen once these boxes reboot either, they will be flooded with data AGAIN. This could possibly cause fake blacklists from firewalls, causing an even larger problem. Essentially this problem makes itself worse until somebody fixes it, causing huge amounts of chaos.

The number one problem I see with this is accounting. It instantly makes me wonder if a country would do this so that they could remove or hide debt/expenses.

[edit] Not to mention HFC MAC masking/duping. Pretty much piggy back accounts (various methods, not just HFC MAC which is only cable) so that you make yourself look like somebody else.

Hate to break it to you, but just because your computer changes its MAC address your identity hasn't changed with your ISP. You do realize that you have this fancy thing called a modem that authorizes you to use the network. Your ISP knows exactly who you are...

Anyways, not all core routers rely on dynamic BGP. ISPs can just as easily start filtering out the traffic just like they do for fake source IPs in packets already.

Why is anyone talking about "spoofing" MAC addresses? There is no such thing as "spoofing" when authorization isn't handled by MAC addresses. Your modem authenticates you. (for the ignorant trolls: just because you're in bridged mode, you still need to authenticate with the router depending on the type of authentication available. PPoE/PPTP/etc) "spoofing" only does anything beneficial on the LAN.

Protip: You do realize that every router your packets pass through strip the source mac address and replace it with their own right? Did you just get on the internet today?
Edited by PoopaScoopa - 2/18/11 at 4:33pm
post #30 of 50
Quote:
Originally Posted by Crazy9000 View Post
Source

I found this randomly and thought it was pretty interesting. Please read the article before saying "this won't work" .
This would work but a more effective attack would take down the Root DNS servers. Highly publized and fairly easiy to accomplish with some skill on behalf of the attacker.
Gunslinger
(13 items)
 
  
CPUMotherboardGraphicsRAM
1090 MSI 890FXA GD70 5870 Corsair 
Hard DriveOSMonitorPower
C300 Windows I-INC Thermaltake 850 
Case
HAF 932 
  hide details  
Reply
Gunslinger
(13 items)
 
  
CPUMotherboardGraphicsRAM
1090 MSI 890FXA GD70 5870 Corsair 
Hard DriveOSMonitorPower
C300 Windows I-INC Thermaltake 850 
Case
HAF 932 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Technology and Science News
Overclock.net › Forums › Industry News › Technology and Science News › [ZD] How to crash the Internet