How To Crash the Internet
rudy_wayne writes "We know you can take down Web sites with Distributed Denial of Service (DDoS) attacks. We know that a government, like Egypt's, can shut down an entire country's Internet access. And, we thought we knew that you can't take down the entire Internet. It turns out we could be wrong. In a report from New Scientist, Max Schuchard, a computer science graduate student, and his buddies claim they've found a way to launch DDoS attacks on Border Gateway Protocol (BGP) network routers that could crash the Internet."
Re:How is this news? (Score:5, Informative)
More detail:
http://lists.ucc.gu.uwa.edu.au/pipermail/lore/2006-August/000040.html [uwa.edu.au]
http://www.merit.edu/mail.archives/nanog/1997-04/msg00340.html [merit.edu]
http://www.merit.edu/mail.archives/nanog/1997-04/msg00444.html [merit.edu]
http://portal.acm.org/citation.cfm?id=347428&dl=ACM&coll= [acm.org]
http://web.archive.org/web/20070328170121/http://www.riverstonenet.com/support/bgp/design/index.htm [archive.org]
Sigh... (Score:5, Informative)
Re:How is this news? (Score:4, Informative)
Because, as described in TFA, the method used to exploit BGP is totally different from previous known methods. This one is about DDoS-ing a single high-traffic link between two routes so that neighbouring routers will send BGP updates telling listening parties to route their traffic elsewhere. The DDoS-ing would then stop, traffic would resume on the link and new BGP updates would be sent. Then another DDoS on the same link and so on. Eventually the amount of BGP updates would build up a huge backlog overloading every router in the world.
The attack is possible in theory. In reality, you would need a huge botnet concentrating on a single vulnerable link to be able to pull off the attack. Generally high traffic links are also high capacity links, so the botnet's size would have to be gigantic to disrupt a major link.
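The repeated withdraw and re-announce cycle described in the comment above is visible to a defender as route flapping. The following is an added example, not part of the original thread or of the research it discusses: it counts withdraw-then-announce cycles per peer and prefix inside a sliding window. The event tuple format, the peer names, the sample events and the window and threshold values are all assumptions made for illustration.

```python
from collections import defaultdict, deque

# Constructed sample events: (seconds, peer, prefix, kind), where kind is
# "W" (withdraw) or "A" (announce). Not taken from any real router.
SAMPLE_EVENTS = [
    (0,    "peer-a", "192.0.2.0/24",    "A"),
    (5,    "peer-b", "198.51.100.0/24", "A"),
    (60,   "peer-a", "192.0.2.0/24",    "W"),
    (120,  "peer-a", "192.0.2.0/24",    "A"),
    (180,  "peer-a", "192.0.2.0/24",    "W"),
    (240,  "peer-a", "192.0.2.0/24",    "A"),
    (300,  "peer-a", "192.0.2.0/24",    "W"),
    (360,  "peer-a", "192.0.2.0/24",    "A"),
    (400,  "peer-b", "198.51.100.0/24", "W"),
    (4000, "peer-b", "198.51.100.0/24", "A"),
]


def find_flapping(events, window=600, threshold=3):
    """Return {(peer, prefix): most flaps seen within `window` seconds}
    for routes that reach `threshold`. A flap is a withdraw followed by
    a re-announce of the same prefix from the same peer."""
    last_kind = {}                    # last update kind per route
    flap_times = defaultdict(deque)   # flap timestamps inside the window
    worst = defaultdict(int)          # peak flap count per route
    for ts, peer, prefix, kind in sorted(events):
        key = (peer, prefix)
        if kind == "A" and last_kind.get(key) == "W":
            times = flap_times[key]
            times.append(ts)
            # Drop flaps that have aged out of the sliding window.
            while ts - times[0] > window:
                times.popleft()
            worst[key] = max(worst[key], len(times))
        last_kind[key] = kind
    return {k: n for k, n in worst.items() if n >= threshold}


if __name__ == "__main__":
    for (peer, prefix), flaps in find_flapping(SAMPLE_EVENTS).items():
        print(f"{peer} {prefix}: {flaps} flaps within the window")
```

A single outage followed by a much later recovery (peer-b in the sample) counts as one flap and stays below the threshold, while the periodic cycle on peer-a is reported.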