The thing is that anything seems to be plausible…..

Posted on July 22nd, 2008 by Drazen Drazic

From idea to concept, to proof of concept, almost anything to break the Net and systems on it is plausible. It’s been done over and over but because it’s been done as one offs so to speak, and dealt with as one offs, everything doesn’t seem as doomsdayish.

The DNS stuff has some wondering if the Net could potentially cope with this vuln. It will because it will be addressed as a one-off. One of a million such stories:
http://www.theregister.co.uk/2008/07/21/dns_flaw_speculation/

Is this latest DNS one a really bad one? I don’t know enough about it to comment.

All I know is that based upon the history of the Internet and what could happen, nothing can be discounted and anyone who thinks that the whole Net is eternally safe from a real big hit is probably optimistic.

End of the day, it’s the nuts we have to worry more about than the Net criminal elements. Everything going to crap is bad for business - for everyone. Just my 2c.

4 Responses to “The thing is that anything seems to be plausible…..”

  1. Anon Says:
    July 22nd, 2008 at 8:52 pm

    An intelligent and now after you have done it, obvious approach to break it down into the basics. A simple theory that with historical evidence makes sense. Is there a simpler proof of concept to combine multiple attack vectors at the same time to achieve the big bang? I think the theorem could be proven here but the end result is the one that would need the potential impact somehow explained to the non-believers. We always think every around us is not fragile. It all is. Nothing has changed.

  2. Drazen Drazic Says:
    July 22nd, 2008 at 10:00 pm

    When you build your foundations on sand (hey, old bible stuff), anything built on top of that is going to be flakey….no rocket science here. We always seem to be plastering, renovating and propping up everything we do while the core foundation problems continue to exist and we continue to ignore them and build layer upon layer upon layer of crap to supposedly make things more secure

    There’s not one big organisation out there that could not save themselves millions of dollars just by adopting smarter practices. (Not necessarily helping the Net as a whole as per this topic). But from an organisational wide perspective!

    Many in the industry have almost given up to product, even though they know it is wrong but my take is, that is giving up. Once you do that, it will only get worse.

  3. Nick Says:
    July 23rd, 2008 at 1:44 pm

    If you’re interested in the whole “Reliability of the Internet” topic you may find this a good read:
    http://www.dbcde.gov.au/__data/assets/pdf_file/0004/75676/FOTI-Reliability-FinalReport.pdf

  4. D2 Says:
    July 23rd, 2008 at 3:03 pm

    DNS, ARP, BGP, SNMP
    DATA PLANE, CONTROL PLANE, MGT CNTRL PLANE
    RFC 2827
    TIME BASED SECURITY
    DEFENSIVE CODING
    VOTING WITH YOUR POCKET

    IP itself.

    Beware of the coming IPv6 bionanotech nanobotnets inside your body! Oh and “How to destroy the internet with Danny McPherson” is fun… http://asert.arbornetworks.com/2008/05/interview-how-to-destroy-the-internet-with-danny-mcpherson/

Leave a Reply