Homeland Security warns of Net attack

Homeland Security warns of Net attack

Carrie Kirby, Chronicle Staff Writer
Wednesday, April 21, 2004



--------------------------------------------------------------------------------



The Department of Homeland Security issued an alert Tuesday warning that "a large segment of the Internet community" could be knocked offline by a newly discovered vulnerability that would allow attacks on a core technology behind the global network.

Such an attack could take down whole Internet service providers by temporarily shutting down communications between computers on the network, said the warning from the United States-Computer Emergency Readiness Team, a partnership between the department and Carnegie Mellon University.

British authorities warned about the vulnerability earlier Tuesday. ISPs have been scrambling to protect themselves against the danger, but "the threat is ongoing," said Jeff Havrilla, an Internet security expert with the U.S. partnership


more.. http://sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2004/04/21/BUGHT686KU1.DTL&type=tech

from rifling through every website you've ever visited and reading every email you've sent in the last few months.

How am I supposed to know what to do without colors? Is this orange, blue, green, plaid, WTF? :shrug:

Love it!

:kick:

but, what are they doing about it ... without, of course, curtailing our privacy and cyberspace rights?

for the most secretative mal-administration ever, they do seem to do a lot of their evildoings in broad daylight ... telling us about Internet attacks and November election attacks it's likely to happen ... Bush* did shut down Somalia's internet in 2001, and as far as it's known, they're still down ...

... they don't want us networking truth ...

That is one I missed.

This is not a 'new' TCP flaw. I've done a lot of reading about it the last couple of days, and it's just the same old 'man-in-the-middle' attack that your manual pages warned you about.

The ease in which Watson is able to guess the TCP sequence number for packets going to and from Cisco routers is more of a Cisco flaw than anything else.

There has been a technological solution to this problem in the form of an upgraded protocol called 'IPv6', which makes it much, much harder to spoof packets (make them appear to come from somewhere else). Most of the internet currently uses the older 'IPv4'.

It will take a very large scale coordinated effort to actually MOVE the internet to predominately using IPv6. It's very much like switching the foundation of a house after it's been built. In fact, it's just the sort of massive effort that a government entity could actually facilitate.

Of course, since the Dept. of Homeland Security is a PR firm at the beck and call of the Bush administration's corporate backers, they will do nothing of the sort. Mandating a switch to IPv6 in any sort of time frame would cost corporations money, and provide no benefit other than safety and security, which to date they haven't seen as really worth it (proof of this: Many of them are still using Windows servers).

To sum up: This press release 'warning' is the Department of Homeland Security trying to look busy.

:)

somebody just figured out that tcp (transmission control protocol) - the protocol used to route traffic around the net - could be exploited to make routers either confused as to where the traffic should go and not deliver, or it could route to the wrong site if spoofed properly.


but then again, the whole Internet has been crying chiken little ever since it got big.

n/t

:eyes: These are getting old.

:hi: