Schneier has forgotten more about networking and the internet than I have learned in 30+ years. If he is concerned, I'm freaking out.
k. I'm not.
"Bang bang!" "Not dead yet." "Bang bang bang!" "Still not dead." "Bang bang bang bang!" "Oh, you got me." "Really?" "No. How stupid are you?"
Mutherfucker, I personally know the guy who dropped Netflix for two days back in 2009. It was a load balancing issue. They were using a second-rate CDN for one of their content providers and it got overwhelmed by demand and brought down Akamai and Amazon. And somehow, the world didn't end.
"They can't hold anything back." Right. Because fuckin'A if Yahoo.com goes down there will be panic in the fuckin' streets.
Did you mean ICANN? Because you're talking about ICANN. Fun fact: they used to be a mile from my house, then I moved. Check it. Here they are on Street View.
No, it seems like the kind of janky shit North Korea would do. "bang bang!" "..."
If he is concerned, I'm freaking out.
These attacks are significantly larger than the ones they're used to seeing. They last longer. They're more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.
The attacks are also configured in such a way as to see what the company's total defenses are. There are many different ways to launch a DDoS attack. The more attack vectors you employ simultaneously, the more different defenses the defender has to counter with. These companies are seeing more attacks using three or four different vectors. This means that the companies have to use everything they've got to defend themselves. They can't hold anything back. They're forced to demonstrate their defense capabilities for the attacker.
Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains.
Who would do this? It doesn't seem like something an activist, criminal, or researcher would do.
Hanging out in the chan threads last night talking about this was a blast. The way Schneier described the events it looked like the DDOS was a distraction for something else. Then I reread the article. You cannot take down global DNS. It's not like the old days where there were only 13 global DNS servers.
This database contains public DNS Servers that are reachable by IPv4 or IPv6. Currently there are 55,053 Nameservers from 205 countries in the database.
yeah... you can do dumb haranguing shit to a surprising number of sites - often there will be a slowdown between Google and Amazon which is somebody DDOSing the CDNs, for example - but "killing the internet" is, at this point, a matter of protracted physical violence. not that it couldn't be done. But from my understanding of network security (which is as a layman's, but as a layman's educated by one of the guys that keeps the DOE up) is that quality of service attacks are easier and likelier than denial of service attacks.
China and Russia, sure, maybe, but I wouldn't put it past our own guys either. Do we have an open source "good" botnet you can selectively participate in? Like SETI@home, except instead of radio data, you're crunching away on network traffic data to squash other botnets? Sounds like something EFF could be affiliated with.