[ZD] How to crash the Internet - Page 4

post #31 of 50
Well someone who could actually do this wouldn't even want to do this, because they probably spend their life on the internet.
post #32 of 50
Quote:
Originally Posted by DuckieHo View Post
What do you mean? Stored accounting information would be unaffected.

Banks and financial firms also regularly perform reconciliation.
He means from a networking perspective. The router stores lots of administrative info and network addresses (Accounting), not like financial account activity of banks and things.

For Banks
It could potentially affect internet banks if you could not route traffic to the destination. The financial information stored by the bank would not be affected at all.

In a well-designed secure banking system there are no direct connections from the web presence to the backend mainframe databases. Transactions and activities go through multiple edit programs and validation. The total jobs are balanced and suspect transactions are handled via a suspense account activity. This is one of the reasons why it takes time for debits and credits to post to bank accounts as they need the backend processes to run.

Quote:
Originally Posted by cl04k3d View Post
Well someone who could actually do this wouldn't even want to do this, because they probably spend their life on the internet.
Not a valid assumption. You can buy the programming skill to do this, especially if you wanted to impact a country's economy or a company's bottom line.
post #33 of 50
Meh. If this were a big deal it would have been done by now.
BGPv4 has been used since like 1994..

Similar to "If you attack the root DNS servers all at once, mass chaos would ensue!".
Not really practical.
post #34 of 50
Quote:
Originally Posted by Pheatton View Post
Gotta discuss this with my dad and brother. I have a hard time believing that this is even possible. The companies that house and run most if not all these BGP routers are here in the US. Their facilities are hardened like a military base as are their connections and hardware.


EDIT - Talked to my brother, Cisco certified network admin and senior network admin for a very large hospital service in Richmond VA. He said that this is feasible but with some things left out. First he said that you would have to know which routers are the core BGP routers for each and every ISP, which is a crap load of routers. Second that you would also have to figure out which routers run the back plane which are run by three companies, two of which are in the US and are probably some of the most secure facilities and HW in the world. Getting access to this info is like working for the NSA, it's very hard to get.
Your brother is correct and those things were left out on purpose.

They are secure but not as secure as the NSA. Do a traceroute and you will learn a great deal about how traffic is routed and who owns the router.

Quote:
Originally Posted by beers View Post
Meh. If this were a big deal it would have been done by now.
BGPv4 has been used since like 1994..

Similar to "If you attack the root DNS servers all at once, mass chaos would ensue!".
Not really practical.
Yes, it would create chaos.

The ability to execute a coordinated attack is possible and would need to be synced to a time source such as one of the atomic clocks. The resources the attacker has available will determine the attack's potential practicality.

For example, if you have the Chinese, Russian or another government infrastructure or a large telecom provider infrastructure it may be possible. Understand that there may be mitigating controls which may hinder, deter and nullify this type of attack.
Edited by Kmon - 2/18/11 at 5:05pm
post #35 of 50
The best way to kill the internet would be to poison DNS, but there are so many DNS servers all over the world that such a task is ridiculously hard to do that it might as well be impossible.
post #36 of 50
Quote:
Originally Posted by mushroomboy View Post
First off, I've been "spoofing" for over a year now. sbhacker.net will explain how it works completely, I'm not going to. Basically, yes they register by HFC MAC. They CAN do other methods, but it requires a lot more work than most of them are willing to pay for. I've got friends in Comcast who A) work internally, and B) spoof. I don't care if you don't believe in it, but it's been possible for years.

Second, why would china hack other sites? More so, why would china do anything illegal if there was nothing to gain from it? Apply that same reasoning to why a govt would put the effort into establishing a method of hurting another govt and you have your answer. I'm not saying they will, I'm saying they can.



See above. It's possible, I know from personal experience. You actually can't use a MAC in the same hub/node/network as your "local" area. You have to spoof outside your current hub, otherwise both modems do a constant reboot loop. It's all explained at sbhacker.net, however they don't exactly explain the spoofing part as that's illegal. They do give you all the tools and knowledge to do so.



You're assuming that this bank will follow the law. Roughly 5.7 billion dollars is laundered in drug money through the U.S. Govt. Who's to say the Govt won't do this? As I said earlier, China has already done "cyber attacks", why not go a step further? If you could facilitate the timing correctly, that's the biggest "if", you could do a lot of problematic things with this.

No offense, but the line of thinking you guys are going under needs to be changed if you want to see the reasoning behind it. If we committed a crime together, I'm going to end up killing you because it benefits me multiple ways. More profit (if that was the case), security issues, or maybe I just didn't like you and decided to just because.

Do you think geohot was thinking "Oh, I shouldn't do this because it's going to cause a huge amount of legal questions". Jesus, do you think China even gave a crap about the "cyber attacks". I mean honestly, if they cared they wouldn't have done it.

[edit]


First off, you can't "geolock" a mac address. The ISP only sends a yes/no config to the Hub(node, different names but I'm going to use HUB). Now, the thing is it's the HUB that accepts traffic not the ISP. So for you to have to do this you would need to put a HUB in place that has GPS (for location), or is sent with a config that knows where it is. Of course, doing this would also force the ISP to create a new department. People who have cable internet and move, getting a new location, would have to have things update and they would have to call tech support. Tech would then need to deal with that, costing them more money.

As for your "cracking" a MAC address. You're thinking too narrow, you need to re-design your method of cracking. All you need is a base address that works, get a friend's/neighbor's (or my favorite, an inside source). Once you have a base address you can do permutations of that address to get new ones. That's because of how things are manufactured. You figure they manufacture XX:XX:XX:XX:XX:00 to XX:XX:XX:XX:XX:99 in a single shipment. When the ISP gets the shipment all those MACs are going to be in the same box. Thus, the chances of an address being used goes up, all you have to do is find the ones that aren't in storage. Of course, you get situations where independent contractors may get these shipments, or people are using store bought ones, which makes it a little more dicey. Due to the fact that that shipment will be dispersed locally still, because so many come in a box, you still have the chance of finding a few local "extra" addresses.

However, you can always do the scan method. Go find a hotspot or wifi that's open and scan for MACs, that's the no-brainer solution.

Honestly, I don't know why you people bother to say you can't do this crap. Go wifi hacking and come back with some field experience and then tell me what you can and can't do. In fact, one of the methods of wifi hacking could easily explain how you could "fake" bank records. In order to get the wifi hacked people will jam the base and create a "new" base so that the clients will connect to it. This allows them to get a multitude of packets, compare, and crack. How would this go anywhere? Shut the network down (internet), build your own bank protocol, think more imaginatively.
Very nice, you are correct, need to add how mac addresses are authenticated to the cable bridgehead. - Please do not post the response in public to the above. If interested pm me to discuss. Also may want to think about the frequency used -

Quote:
Originally Posted by t4ct1c47 View Post
The best way to kill the internet would be to poison DNS, but there are so many DNS servers all over the world that such a task is ridiculously hard to do that it might as well be impossible.
What about destroying or placing misinformation in the DNS masters?
post #37 of 50
Quote:
Originally Posted by Kmon View Post
What about destroying or placing misinformation in the DNS masters
That's what I'm referring to, nothing quite as irritating as performing a dig and not bringing back any valid A records at all.
post #38 of 50
Quote:
Originally Posted by Cepheus View Post
Ugh. Spoofing your MAC address is easy. The problem is that simply spoofing your mac address does not make you anonymous, in any way. When you send data, pieces of information are always sent by your computer, irrespective of hardware IDs - the source IP and destination IP. The source IP is the address your computer can be found at on the internet - if your public IP is 205.56.49.23 any computer in the world can attempt to connect to your computer by sending packets to 205.56.49.23. This is actually the target of this attack - to disrupt the servers that provide the map to each IP address. Anyway. You don't get to choose your IP address (unless you're a large corporation such as Google), you get assigned it by your ISP. This means that as soon as it becomes clear that 205.56.49.23 is being used to perpetrate an attack, the ISP that owns the ip address can be contacted - the isp can then easily block said line from the network, because they know who (ie the person) they assigned the specific ip address to. This is not the computer. It is the actual subscriber.

Spoofing MAC addresses sounds all high and mighty, but in reality it achieves very little.




How would simply shutting down the internet help? This is essentially the equivalent of talking crap about someone whilst they're on holiday.




Am I right in thinking that you are of the opinion that Geohot cracked the PS3 for piracy-related reasons?



We have a paper money system - simply adding numbers doesn't work. If you do it on a country basis, making money just devalues the currency (see Germany in the 1920s, Zimbabwe), if you do it on a per-bank basis people just don't do business with you and you get shut down by the feds.

I'm going to stop arguing with you here and just make one final point:

Your entire argument seems to revolve around the hypothesis that no one has ever thought that electronically forging money might ever become an issue in the future. Think about that a minute.
I'm well aware about electronic forgery. What was that phone virus that screwed with people? Anyways, I'm well aware that they know WHO is legally assigned to this HFC. However, the ONLY way they can find out who is riding piggy back is to trace back the line. Newer housing might have the hub lines marked, but generally they aren't, so all they can do is tell what hub I'm running off of.

The bull**** part of all this is if I do something illegal (such as hack/download) nothing gets done to me. It gets done to the person who's legally ascribed this account. That's because the only way for them (in most cases, unless when they dropped the lines they were marked) to find out exactly where this line is going is to go to the hub and manually disconnect until I "disappear". They (generally) won't do that unless they get severe pressure, which this type of scenario might ("breaking the internet").

Honestly, if you know anything about cable modems then you know you can manually set the IP. With a manually set IP and a "fake" HFC there is **** they can do to find out who I am. It's not my account, don't any of you understand that? It's like credit card scamming, you never use your real info. I mean seriously, when did criminals get nice.

Quote:
Originally Posted by PoopaScoopa View Post
Hate to break it to you, but just because your computer changes its MAC address your identity hasn't changed with your ISP. You do realize that you have this fancy thing called a modem that authorizes you to use the network. Your ISP knows exactly who you are...

Anyways, not all core routers rely on dynamic BGP. ISPs can just as easily start filtering out the traffic just like they do for fake source IPs in packets already.
Hate to break it to you, but as I explained before.

It's not my account.

It's like identity theft, only a little harder for them to trace back unless I'm actively using that account.

Quote:
Originally Posted by PoopaScoopa View Post
Why is anyone talking about "spoofing" MAC addresses? There is no such thing as "spoofing" when authorization isn't handled by MAC addresses. Your modem authenticates you. (for the ignorant trolls: just because you're in bridged mode, you still need to authenticate with the router depending on the type of authentication available. PPPoE/PPTP/etc) "spoofing" only does anything beneficial on the LAN.

Protip: You do realize that every router your packets pass through strip the source mac address and replace it with their own right? Did you just get on the internet today?
You're right, you don't spoof, it's more like piggy backing. But since that isn't a real term either, I don't really care. How about I say Modem Identity Theft, cause that's a bit more on the point?

The idea is that the ISP sees John Doe online and not me, so when they trace it back they get some random John Doe that had nothing to do with the "DDOS" or hack attempt. It's just as evil as using hotspot wifi to do your illegal activities except you don't have to drive around either marking them on a map or hacking them.

Jesus, you people don't understand that I KNOW how IPs work. What you don't understand is the very little info that a modem (cable) uses to "identify" itself to an ISP.

Code:
HFC XX:XX:XX:XX:XX:XX
Ethernet MAC XX:XX:XX:XX:XX:XX
USB MAC XX:XX:XX:XX:XX:XX
Serial Number 1669XXXXXXXXXXXXXXXXXXXX
It might check, this is a HUGE might:

Vendor
Model
Software Version
Hardware Version
Bootloader Revision

They might do SNMP, but you just set up your own SNMP trap for that.

When the ISP gets the connection they get an IP and the poor schmuck's info that is assigned the HFC Mac. You, whoever you choose to be, never have any info leaked to the ISP. They have NO idea of knowing who you are, just that you are using the HFC Mac, and probably the original owner at the same time. They then go "oh, that's not right" and disrupt the service until they can send somebody to fix it. If it checks out nothing happens.

Go do cable modem research before you talk **** about this, seriously I know how the entire ordeal goes. They can find the hub, that's about it. As I said before, the hub has to be marked (and probably on record) for them to know what house it goes to. So if you see the cable guy playin with the hub down the street change the damn mac. It's not THAT hard, or change it after you do anything really illegally dumb and stupid.

[edit] I actually legally have internet now, as of a month ago. =P But yes, I understand how all this goes, and yes I know it's illegal.

[edit2] Generally only the HFC Mac is required. The other info is used by a few ISPs, but they usually don't because of the amount of traffic (people getting disconnected, re-connected, etc.) that happens through accounting. I've actually heard Comcast is so bad that you can use any HFC Mac as long as you have a valid config file. Just manually set up the NTP server to download a config with a "valid" signature/ID and you get on. Yes, security is THAT bad. Probably because of the high demand/maintenance.
Edited by mushroomboy - 2/18/11 at 6:12pm
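From the operator's side, the duplicate-identity situation argued over in the post above is something registration logs can surface. The following is an added example, not part of any post in this thread: it flags an HFC MAC that is online on two nodes at once, that registers on a node other than the one it was provisioned to, or that presents a serial/model different from inventory. The log format, inventory fields, node names and all sample values are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Registration:
    ts: int        # seconds since the start of the sample window
    node: str      # hub/node the modem registered on
    hfc_mac: str   # HFC MAC the modem presented
    serial: str    # serial number the modem presented
    model: str     # model string the modem presented
    event: str     # "online" or "offline"


# Constructed provisioning inventory: what was issued to each subscriber.
INVENTORY = {
    "02:00:00:00:00:01": {"serial": "SN-A001", "model": "CM-100", "node": "node-12"},
    "02:00:00:00:00:02": {"serial": "SN-A002", "model": "CM-100", "node": "node-12"},
}

# Constructed registration log (hypothetical format).
EVENTS = [
    Registration(0, "node-12", "02:00:00:00:00:01", "SN-A001", "CM-100", "online"),
    Registration(60, "node-12", "02:00:00:00:00:02", "SN-A002", "CM-100", "online"),
    Registration(300, "node-47", "02:00:00:00:00:01", "SN-Z999", "CM-200", "online"),
    Registration(900, "node-47", "02:00:00:00:00:01", "SN-Z999", "CM-200", "offline"),
    Registration(1200, "node-12", "02:00:00:00:00:03", "SN-A003", "CM-100", "online"),
]


def detect_clones(events, inventory):
    """Return a sorted list of (ts, hfc_mac, reason) findings."""
    findings = []
    online = defaultdict(set)  # hfc_mac -> nodes where it is currently online
    for ev in sorted(events, key=lambda e: e.ts):
        if ev.event == "offline":
            online[ev.hfc_mac].discard(ev.node)
            continue
        expected = inventory.get(ev.hfc_mac)
        if expected is None:
            findings.append((ev.ts, ev.hfc_mac, "unprovisioned-mac"))
        else:
            # The provisioned modem should appear only on its home node.
            if ev.node != expected["node"]:
                findings.append((ev.ts, ev.hfc_mac, "unexpected-node"))
            # Extra identity fields must match what was shipped.
            if (ev.serial, ev.model) != (expected["serial"], expected["model"]):
                findings.append((ev.ts, ev.hfc_mac, "identity-mismatch"))
        # Same MAC already online somewhere else: one of the two is a clone.
        if online[ev.hfc_mac] - {ev.node}:
            findings.append((ev.ts, ev.hfc_mac, "concurrent-on-two-nodes"))
        online[ev.hfc_mac].add(ev.node)
    return sorted(findings)


if __name__ == "__main__":
    for finding in detect_clones(EVENTS, INVENTORY):
        print(finding)
```

A finding identifies the node carrying the second registration, which narrows any follow-up to one segment instead of pointing only at the legitimate subscriber.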
post #39 of 50
Mildly related, my university's internet was ddos attacked yesterday. Internet was down for 8 hours on campus until our ISP blacklisted the attacker.
post #40 of 50
Quote:
Originally Posted by brumby05 View Post
Mildly related, my university's internet was ddos attacked yesterday. Internet was down for 8 hours on campus until our ISP blacklisted the attacker.
The Netriplex data center in NC had a DDoS 2 days ago that affected my crap for a couple hours until it was null routed. Equally as mildly related.

Why can't everyone get along and be nice on the interwebz