The group Anonymous, well-known for the attacks that they have launched over the past year against those who do not support their viewpoints (see May 11 2011, Jun 28 2011, Jan 23 2012 and Jan 26 2012 blog postings), have announced yet another attack.  Called Operation Global Blackout, this attack will, in their words, “shut down the Internet” on March 31.  However, there probably are too many safeguards for this to happen.

    The Domain Name System (DNS) {Chapter 3 Security+ 4ed} is at the core of TCP/IP and the Internet.  It resolves Website names (such as www.cengage.com) to their corresponding IP address (69.32.173.79).  Built on a hierarchical system, there are 13 authoritative DNS root nameservers (see http://www.root-servers.org/).  These servers contain the master list of where other DNS nameservers can look up an IP address for a domain name within a certain top-level domain such as ".com."   Anonymous plans to perform a distributed denial of service or DDoS {Chapter 3 Security+ 4ed} attack that would overwhelm these root nameservers so that no lookups could be performed, and thus the Internet would be virtually useless (you can read about Anonymous’ plans) at http://pastebin.com/NKbnh8q8.

   Will the Internet become just a memory on March 30?  Probably not.  Robert Graham of Errata Security lists six reasons why Anonymous’ work will probably result in nothing more than isolated minor (and short-term) inconveniences.  These reasons include: an active response by the Internet community to repel the attack, the diversity of the root servers, the redirecting of traffic, the fast connections to which the root servers are attached, the limited resolving that the root servers perform, and caching by the Internet Service Providers (ISP).   Graham concludes that even with a DDoS attack launched at the root nameservers “it’s doubtful that many people would notice”. 

   You can read Graham’s analysis at http://erratasec.blogspot.com.au/2012/02/no-anonymous-cant-ddos-root-dns-servers.html.

   Stay secure!

http://www.cengage.com/community/infosec