FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo User

 
 
LinkBack Thread Tools
 
Old 02-18-2012, 09:26 AM
Dale
 
Default Somewhat OT: Any truth to this mess?

Howdy,

I ran across this and though it was a joke. Did a news search and sure
enough, it is reported in lots of places. Random linky:

http://www.dailymail.co.uk/news/article-2102856/Will-FBI-shut-Internet-March-8-virus-concerns.html?ito=feeds-newsxml

Is there any truth to this mess? My bigger and better question, how is
shutting down the internet going to fix this? When the net comes back
up, they are still going to be infected. Right?

I'm glad I run a really nice Linux OS.

Dale

:-) :-)
--
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output? Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"
 
Old 02-18-2012, 09:44 AM
Alan McKinnon
 
Default Somewhat OT: Any truth to this mess?

On Sat, 18 Feb 2012 04:26:02 -0600
Dale <rdalek1967@gmail.com> wrote:

> Howdy,
>
> I ran across this and though it was a joke. Did a news search and
> sure enough, it is reported in lots of places. Random linky:
>
> http://www.dailymail.co.uk/news/article-2102856/Will-FBI-shut-Internet-March-8-virus-concerns.html?ito=feeds-newsxml
>
> Is there any truth to this mess? My bigger and better question, how
> is shutting down the internet going to fix this? When the net comes
> back up, they are still going to be infected. Right?
>
> I'm glad I run a really nice Linux OS.


Gawd, I hate it when morons write sensational articles that attempt to
make sense to other morons. You get crap like that.

So if this is legit, and I'm not saying it is, what happened is this:

The malware changes the DNS cache settings on infected machines,
sending the user to rogue caches. The FBI captured some (or all) of
these rogue caches and (possibly) tried to fix them. A court has now
said those rogue caches must now be shut down.

So if the morons reading the article do nothing, on March 8 the DNS
caches they use will be down. The user's DNS will not work.

OMFG!!!!!!! Da intartubes is broken!!!!!

<sigh>

Instead, why not just set the DNS caches to something NOT owned by Ivan
The Russian Spammer?

And no, the intartubes will NOT be switched off.




--
Alan McKinnnon
alan.mckinnon@gmail.com
 
Old 02-18-2012, 11:00 AM
Dale
 
Default Somewhat OT: Any truth to this mess?

Alan McKinnon wrote:
> On Sat, 18 Feb 2012 04:26:02 -0600
> Dale <rdalek1967@gmail.com> wrote:
>
>> Howdy,
>>
>> I ran across this and though it was a joke. Did a news search and
>> sure enough, it is reported in lots of places. Random linky:
>>
>> http://www.dailymail.co.uk/news/article-2102856/Will-FBI-shut-Internet-March-8-virus-concerns.html?ito=feeds-newsxml
>>
>> Is there any truth to this mess? My bigger and better question, how
>> is shutting down the internet going to fix this? When the net comes
>> back up, they are still going to be infected. Right?
>>
>> I'm glad I run a really nice Linux OS.
>
>
> Gawd, I hate it when morons write sensational articles that attempt to
> make sense to other morons. You get crap like that.
>
> So if this is legit, and I'm not saying it is, what happened is this:
>
> The malware changes the DNS cache settings on infected machines,
> sending the user to rogue caches. The FBI captured some (or all) of
> these rogue caches and (possibly) tried to fix them. A court has now
> said those rogue caches must now be shut down.
>
> So if the morons reading the article do nothing, on March 8 the DNS
> caches they use will be down. The user's DNS will not work.
>
> OMFG!!!!!!! Da intartubes is broken!!!!!
>
> <sigh>
>
> Instead, why not just set the DNS caches to something NOT owned by Ivan
> The Russian Spammer?
>
> And no, the intartubes will NOT be switched off.
>

I don't really think they can unless they just cut power to all the
computers. After all, the internet is supposed to be redundant right?
If there is a few computers still running that have a connection, it is
still working. Sort of anyway.

Does make one wonder tho. They have been talking about having a
internet "off switch" but I'm not sure it would be that easy.

Dale

:-) :-)

--
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output? Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"
 
Old 02-18-2012, 11:24 AM
Volker Armin Hemmann
 
Default Somewhat OT: Any truth to this mess?

Am Samstag, 18. Februar 2012, 06:00:00 schrieb Dale:
> Alan McKinnon wrote:
> > On Sat, 18 Feb 2012 04:26:02 -0600
> >
> > Dale <rdalek1967@gmail.com> wrote:
> >> Howdy,
> >>
> >> I ran across this and though it was a joke. Did a news search and
> >> sure enough, it is reported in lots of places. Random linky:
> >>
> >> http://www.dailymail.co.uk/news/article-2102856/Will-FBI-shut-Internet-Ma
> >> rch-8-virus-concerns.html?ito=feeds-newsxml
> >>
> >> Is there any truth to this mess? My bigger and better question, how
> >> is shutting down the internet going to fix this? When the net comes
> >> back up, they are still going to be infected. Right?
> >>
> >> I'm glad I run a really nice Linux OS.
> >
> > Gawd, I hate it when morons write sensational articles that attempt to
> > make sense to other morons. You get crap like that.
> >
> > So if this is legit, and I'm not saying it is, what happened is this:
> >
> > The malware changes the DNS cache settings on infected machines,
> > sending the user to rogue caches. The FBI captured some (or all) of
> > these rogue caches and (possibly) tried to fix them. A court has now
> > said those rogue caches must now be shut down.
> >
> > So if the morons reading the article do nothing, on March 8 the DNS
> > caches they use will be down. The user's DNS will not work.
> >
> > OMFG!!!!!!! Da intartubes is broken!!!!!
> >
> > <sigh>
> >
> > Instead, why not just set the DNS caches to something NOT owned by Ivan
> > The Russian Spammer?
> >
> > And no, the intartubes will NOT be switched off.
>
> I don't really think they can unless they just cut power to all the
> computers. After all, the internet is supposed to be redundant right?
> If there is a few computers still running that have a connection, it is
> still working. Sort of anyway.
>
> Does make one wonder tho. They have been talking about having a
> internet "off switch" but I'm not sure it would be that easy.

basically, yes. Take down the core routers and backbones and everything falls
apart.

--
#163933
 
Old 02-18-2012, 11:39 AM
Dale
 
Default Somewhat OT: Any truth to this mess?

Volker Armin Hemmann wrote:
> Am Samstag, 18. Februar 2012, 06:00:00 schrieb Dale:

>>
>> I don't really think they can unless they just cut power to all the
>> computers. After all, the internet is supposed to be redundant right?
>> If there is a few computers still running that have a connection, it is
>> still working. Sort of anyway.
>>
>> Does make one wonder tho. They have been talking about having a
>> internet "off switch" but I'm not sure it would be that easy.
>
> basically, yes. Take down the core routers and backbones and everything falls
> apart.
>

But how long would it take to actually do this?

Another thing, the Government, especially the military, uses the
internet too. What would they do? Without? What about other
countries? Just because the US Government wants the net shut down does
not mean other countries would follow.

I'm just curious as to how this could be done and just how any person
can shut down the internet globally much less one country.

Dale

:-) :-)

--
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output? Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"
 
Old 02-18-2012, 11:56 AM
Pandu Poluan
 
Default Somewhat OT: Any truth to this mess?

On Feb 18, 2012 7:27 PM, "Volker Armin Hemmann" <volkerarmin@googlemail.com> wrote:

>

> Am Samstag, 18. Februar 2012, 06:00:00 schrieb Dale:

> > Alan McKinnon wrote:

> > > On Sat, 18 Feb 2012 04:26:02 -0600

> > >

> > > Dale <rdalek1967@gmail.com> wrote:

> > >> Howdy,

> > >>

> > >> I ran across this and though it was a joke. *Did a news search and

> > >> sure enough, it is reported in lots of places. *Random linky:

> > >>

> > >> http://www.dailymail.co.uk/news/article-2102856/Will-FBI-shut-Internet-Ma

> > >> rch-8-virus-concerns.html?ito=feeds-newsxml

> > >>

> > >> Is there any truth to this mess? *My bigger and better question, how

> > >> is shutting down the internet going to fix this? *When the net comes

> > >> back up, they are still going to be infected. *Right?

> > >>

> > >> I'm glad I run a really nice Linux OS.

> > >

> > > Gawd, I hate it when morons write sensational articles that attempt to

> > > make sense to other morons. You get crap like that.

> > >

> > > So if this is legit, and I'm not saying it is, what happened is this:

> > >

> > > The malware changes the DNS cache settings on infected machines,

> > > sending the user to rogue caches. The FBI captured some (or all) of

> > > these rogue caches and (possibly) tried to fix them. A court has now

> > > said those rogue caches must now be shut down.

> > >

> > > So if the morons reading the article do nothing, on March 8 the DNS

> > > caches they use will be down. The user's DNS will not work.

> > >

> > > OMFG!!!!!!! Da intartubes is broken!!!!!

> > >

> > > <sigh>

> > >

> > > Instead, why not just set the DNS caches to something NOT owned by Ivan

> > > The Russian Spammer?

> > >

> > > And no, the intartubes will NOT be switched off.

> >

> > I don't really think they can unless they just cut power to all the

> > computers. *After all, the internet is supposed to be redundant right?

> > If there is a few computers still running that have a connection, it is

> > still working. *Sort of anyway.

> >

> > Does make one wonder tho. *They have been talking about having a

> > internet "off switch" but I'm not sure it would be that easy.

>

> basically, yes. Take down the core routers and backbones and everything falls

> apart.

>

> --

> #163933

>


Indeed. In fact, easier than that.


Just inject false BGP routes into one of the backbone level routers, and see how wide the Internet becomes 'impacted'. Do it to maybe 5 or 6 other routers that watch guard over the transatlantic and transpacific routes, and watch as the Internet fold upon itself.



I was once a certified Network Engineer before I became a System Admin, so I know. The soft underbelly of the Intartubes is depressingly very vulnerable.


Rgds,
 
Old 02-18-2012, 12:18 PM
Dale
 
Default Somewhat OT: Any truth to this mess?

Pandu Poluan wrote:

> Indeed. In fact, easier than that.
>
> Just inject false BGP routes into one of the backbone level routers, and
> see how wide the Internet becomes 'impacted'. Do it to maybe 5 or 6
> other routers that watch guard over the transatlantic and transpacific
> routes, and watch as the Internet fold upon itself.
>
> I was once a certified Network Engineer before I became a System Admin,
> so I know. The soft underbelly of the Intartubes is depressingly very
> vulnerable.
>
> Rgds,
>


Sounds like the internet could be switched off. So, next question, how
easy would it be to get it going again? Hours? Days? Weeks?

Dale

:-) :-)

--
I am only responsible for what I said ... Not for what you understood or
how you interpreted my words!

Miss the compile output? Hint:
EMERGE_DEFAULT_OPTS="--quiet-build=n"
 
Old 02-18-2012, 12:49 PM
Pandu Poluan
 
Default Somewhat OT: Any truth to this mess?

On Feb 18, 2012 8:21 PM, "Dale" <rdalek1967@gmail.com> wrote:

>

> Pandu Poluan wrote:

>

> > Indeed. In fact, easier than that.

> >

> > Just inject false BGP routes into one of the backbone level routers, and

> > see how wide the Internet becomes 'impacted'. Do it to maybe 5 or 6

> > other routers that watch guard over the transatlantic and transpacific

> > routes, and watch as the Internet fold upon itself.

> >

> > I was once a certified Network Engineer before I became a System Admin,

> > so I know. The soft underbelly of the Intartubes is depressingly very

> > vulnerable.

> >

> > Rgds,

> >

>

>

> Sounds like the internet could be switched off. *So, next question, how

> easy would it be to get it going again? *Hours? *Days? *Weeks?

>


1 router? In THEORY, 24 hours (but see below).


5 routers? Not sure. The unoptimized route due to the loss of optimal routing info will severely impact everything. Maybe two or three weeks. Maybe more than one month.


Heck, when a major Internet hub (i.e., one of the backbone routers) in Taiwan got hit by an earthquake, it took almost one month after the router got recommissioned before things return to normal.


Rgds,
 
Old 02-18-2012, 01:30 PM
pk
 
Default Somewhat OT: Any truth to this mess?

On 2012-02-18 13:24, Volker Armin Hemmann wrote:

> basically, yes. Take down the core routers and backbones and everything falls
> apart.

Which is easier said than done, IMO... but on the other hand, five of
the major tier 1's is in the good old USA so if you take those down you
still have five more tier 1's, which may or may not comply with an
american request... and if they did, how long before people start
screaming because they can't access their facebook accounts? :-/

Best regards

Peter K
 
Old 02-18-2012, 01:36 PM
Alan McKinnon
 
Default Somewhat OT: Any truth to this mess?

On Sat, 18 Feb 2012 06:00:00 -0600
Dale <rdalek1967@gmail.com> wrote:

> > And no, the intartubes will NOT be switched off.
> >
>
> I don't really think they can unless they just cut power to all the
> computers. After all, the internet is supposed to be redundant right?
> If there is a few computers still running that have a connection, it
> is still working. Sort of anyway.
>
> Does make one wonder tho. They have been talking about having a
> internet "off switch" but I'm not sure it would be that easy.

To switch off the internet, you don't switch off the computers on the
internet. You switch off the routers that drive the internet.

There is no "kill switch", what there is is the
old-fashioned method called "making a phone call" and that conversation
has all sorts of references to broken knees and such. This is how
Egypt did it a year ago.

But the internet is full of rogue and maverick sysadmins who don't take
kindly to strong-arming, so coverage won't be complete.

Unless of course Cisco and Huawei put magic firmware code into their
router interface hardware that we don't know about. If you are worried
about that internet, *that* is the part of it you should be worried
about.

--
Alan McKinnnon
alan.mckinnon@gmail.com
 

Thread Tools




All times are GMT. The time now is 05:14 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org