DDOS on DNS: Stopping Internet blackouts

DDOS on DNS: Stopping Internet blackouts

Summary: Writing in National Journal's Technology Daily, Andrew Noyes discusses the possibility of a massive Internet blackout caused by a distributed denial of service (DDOS) attack on the backbone infrastructure of the 'Net.

SHARE:
TOPICS: Browser
1

Writing in National Journal's Technology Daily, Andrew Noyes discusses the possibility of a massive Internet blackout caused by a distributed denial of service (DDOS) attack on the backbone infrastructure of the 'Net.

This type of high-tech ambush, which occurs when multiple compromised systems flood the bandwidth or resources of a targeted server to make Web pages unavailable, could be devastating for global online communication, said Susan Crawford of the Internet Corporation for Names and Numbers.

The most significant attack in recent years came on Feb. 6, when six of 13 root-zone servers were slammed by an army of "zombie computers," which were compromised by hackers, the Cardozo Law School professor said at the think tank event.

The ultimate fix for this problem is to reduce the number of botnets--armies of computers that have been compromised by hackers--on the Internet. There are several paths to that goal.

One avenue is legislative. I have little hope that this could have much impact. There are two problems: legislators have little knowledge of technology and almost always end up making things worse, rather than better. Second, and more important, any legislative body is limited by national borders and the criminals are not.

That leaves us with international bodies like ICANN, INAN, or the Internet Governance Forum, but Crawford doesn't hold out much hope for that.

"None of the existing institutions will work," Crawford said. ICANN cannot do the job because its power is contractually based and too narrow, and the recently launched Internet Governance Forum is "highly political" and "not necessarily the best forum for a technical discussion of best practices," she contended.

Where does that leave us? Better computer security ultimately rests on the shoulders of users, most of whom are woefully ignorant of good security practices. Not a very pretty picture.

What do you think the answer is?

[poll id=64]

Topic: Browser

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • Limited Voting

    While I appreciate that offering more than one option per voter would require a sophisticated polling program I feel I must protest.

    There is no magic bullet to any Net security problem.

    Clearly a mix of:
    - Secure OS's;
    - User Education;
    - More widespread adoption of security software; and
    - An official body (like ICANN) with at least a budget to generate industry debate and some standards for security software developers to write to...

    ...would be the ideal start.

    Could we please move away from the 'RW' idea that there is always someone else to blame. While working with bankers on their cash operations I noted that they have a simple rule: Never trust anyone. It saves them a lot of heartache.

    We're really way past the time when we should have to teach anyone the Net=unlit street analogy.
    Stephen Wheeler