Politics : Homeland Security

To: Poet who wrote (473) 11/14/2001 9:18:39 AM
From: Poet   of 827
 
November 13, 2001

Experts Say Key Internet Servers Vulnerable to Attack

By REUTERS

Filed at 11:13 p.m. ET

MARINA DEL REY, Calif. (Reuters) - It would not take much for a malicious hacker to shut down the Internet, researchers at a meeting
of the body that oversees Web address allocation warned on Tuesday.

An attack designed to flood the Web's master directory servers with traffic ``is capable of bringing down the Internet,'' Paul Vixie, a
speaker at the Internet Corporation for Assigned Names and Numbers (ICANN) annual meeting, told Reuters.

After the September 11 attacks on New York and Washington, non-profit corporation ICANN pushed other agenda items aside to
concentrate the discussion on ways to keep the Internet safe.

Adding to the impetus for the change in focus were the Code Red and Nimda Internet worms, which cast more attention on network
security issues.

Researchers said they were worried malicious hackers could attack the 13 ``root'' servers that direct computers to Web addresses, or
domain names, or the 10 top-level domain servers, all of which serve as a kind of directory for the Internet.

To mount a so-called denial-of-service attack a malicious hacker would break into numerous PCs or Web servers and instruct them to
send so much traffic to a target server that it would overload it, preventing people from accessing the Web. Such attacks are attempted all
the time but usually to single Web sites and not on a scale that seriously interferes with overall Internet traffic, experts said.

Another trouble spot is security at registrars, the companies which sell domain names, or Web addresses, experts said.

``Registrars are the weakest link,'' Steven Bellovin, an AT&T fellow, said during his presentation. ``If the registrar is hacked and the
database tampered with,'' it would be difficult for a domain name owner to prove ownership of a domain.

Researchers would also like to prevent attacks that redirect Web traffic to a dummy site and e-mail to someone other than the intended
recipient, said Paul Mockapetris, the inventor of the Domain Name System protocol and chairman of Nominum, which handles directory
services for registrars.

INTERNET IS FRAGILE

``The Internet is very fragile,'' said Vixie, who was one of the developers of the Berkeley Internet Name Domain software that translates
Web server names into numerical Internet Protocol addresses. ``It would be very easy for an angry teenager with a $300 computer to
create almost unlimited pain for anyone on the Internet and not get caught. We've got to have attention focused on this.''

At the sessions engineers said they have taken steps to secure the computers that run the Internet. They have contingency plans for outages
at the root servers -- the 13 master domain name computers around the world -- and are keeping them safe from unauthorized physical
access, said Lars-Johan Liman, a senior systems specialist at Autonomica AB in Stockholm.

The operators of the root server in Japan also are stepping up security according to Kenji Kosaka, a senior vice minister at the posts and
telecommunications ministry.

``I was unpleasantly surprised to learn that ICANN decided to hold a meeting focused on the security of the Internet only after the tragic
events of September 11,'' Kosaka said during his keynote speech.

There was also scrutiny of security at VeriSign Inc, the sole overseer of the .com, .net and .org master databases and
provider of authentication technology to the root servers and most other registries of top-level domains.

``I am deeply troubled by the complacency of the ICANN leadership on the subject of security,'' Paul-Jean Jouve, president of Los
Angeles-based network security company Brinx Corp, wrote in a letter to ICANN directors. ``It took worldwide fears to stimulate the
dialogue on this issue.''

REFOCUSED AGENDA

While some criticized ICANN for taking so long to make security a priority, others said the subject should be left to engineers and not
bureaucrats.

Switching the focus to security ``is opportunistic,'' Rodney Joffe, chairman and chief technical officer at Ultra DNS, which provides Internet
directory services to companies, told Reuters.

``It's relevant in general, but I don't think ICANN needs to focus on it,'' Joffe said. ``Security is, after all, a technical issue, not an
administrative one.''

ICANN Chairman Vint Cerf dismissed the concerns, saying board members need to hear about the technical issues from engineers to
know what recommendations to make.

``For policymakers this is a valuable opportunity to have access to this kind of primary source input,'' Cerf said.

In addition to engineers, other attendees and even Cerf said they were concerned about ICANN going beyond its scope, with some asking
the group to formally restate its mission and even restructure.