Posted on 04/20/2004 9:55:08 PM PDT by Hillarys Gate Cult
A Milwaukee computer security expert's research has helped discover a potential for serious Internet traffic-flow vulnerabilities.
Left unchecked, hackers could disrupt Web surfing,
e-mail and other forms of electronic communication.
Paul Watson, who works for Rockwell Automation's Information Security Group, has been working with the British government's National Infrastructure Security Coordination Centre.
The organization released information Tuesday addressing flaws that could allow hackers to knock computers off-line and disrupt vital traffic-directing devices, called routers, that coordinate the flow of data among distant groups of computers.
"It's a vulnerability that everyone has known about but never really talked about," Watson, 35, said in an interview.
The flaw affects the Internet's "transmission control protocol." Watson said he identified a method to reliably trick personal computers and routers into shutting down electronic conversations by resetting the machines remotely.
Previously, experts said such attacks could take between four years and 142 years to succeed because they require guessing a rotating number from roughly four billion possible combinations.
Watson said he can guess the proper number with as few as four attempts, which can be accomplished within seconds.
"Exploitation of this vulnerability could have affected the glue that holds the Internet together," said Roger Cumming, director of the National Infrastructure Security Coordination Centre.
In the United States, the Department of Homeland Security issued its own cyber-alert hours later, warning that attacks "could affect a large segment of the Internet community." It said normal Internet operations probably would resume after such attacks stopped. Experts said there were no reports of attacks using this technique.
Routers continually exchange important updates about the most efficient traffic routes between large networks.
Continued successful attacks against routers can cause them to go into a standby mode, known as "dampening," that can persist for hours.
Watson began his research after attending a conference where he heard experts from Cisco Systems Inc. say it wouldn't be practical to use this method to attack Internet traffic flow.
"I didn't agree on one of the issues they covered," Watson said. "So I went outside to the pool and began doing my own research."
Watson completed his research in November. He sent it to the two men from Cisco Systems who gave the presentation, seeking their input.
"They said to me, 'Wow, we really dropped the ball on this one,' " Watson said. "Cisco contacted me immediately and asked if they could do more research to corroborate the results."
Watson and Cisco Systems contacted the Computer Emergency Response Team at Carnegie Mellon University in Pittsburgh, a group that works with manufacturers of Internet equipment on security matters. When the team didn't respond to the request, Watson and Cisco went across the Atlantic and called on the British officials.
"They got back to us immediately," Watson said.
Since then, the group has been feverishly working with more than 150 Internet equipment companies to fix the problems before Watson presents his findings at the annual CanSecWest Internet security conference in Vancouver, British Columbia, on Thursday.
Watson predicted that hackers would understand how to begin launching attacks "within five minutes of walking out of that meeting."
Here's another article that goes into more detail;
This post on Slashdot indicates that the major backbone providers have known about this for a week or so, in order to get their ducks in a row. It looks like this mostly affects routers running BGP, so it doesn't impact end-users directly, but it could cause a slowdown in the network that might affect all of us, if exploited,
there was life before the internet
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.