Attacking the internet
Last week, someone tried to break the internet.
Luckily for all of us, their efforts were not particularly well thought-out, and failed shortly after they began. But next time, we may not be so lucky.
The event was an attempt at a sophisticated denial-of-service (DoS) attack. This is one of the oldest tricks in the book as far as the internet is concerned, and one of the easiest ways of bringing a web server to its knees.
The idea is simple enough: you take control of one or more computers connected to the internet (the more, the better) and use them to send vast amounts of requests for data to the target victim computer.
That victim is soon overwhelmed with incoming messages and inevitably crashes under the strain. If the victim computer hosts web sites or email accounts, anyone trying to reach those sites or read those emails will be unable to until the DoS attack subsides, and someone in charge of the victim computer can unplug it, dust it down, reboot it and re-connect it to the net.
What made last week’s attack more interesting was that it targeted specific - and very important – computers that act as the central address books for the whole internet.
They are known as the “domain name root servers”. There are 13 of them around the world, maintained on a voluntary basis by companies and non-profit organisations like universities.
The job of the root servers is to maintain the database that holds web site addresses, and maps them to specific computers.
It is thanks to the root servers that when you type “www.yahoo.com” into your web browser, you are connected to the correct web server that stores the Yahoo web site.
The root servers maintain this database and regularly distribute copies of it to many other computers, so that it becomes widespread and distributed as widely as possible.
Last week’s DoS attack was directly aimed at the root servers. It was designed to bring each of them to its knees under a vast flood of incoming data. If it had succeeded in bringing all of the root servers down for many hours, the net would have started to slow down considerably.
But while there was a little minor disruption for some Internet Service Providers, the root server system remained operational. Seven of the 13 root servers were affected, for as long as three hours each, but that posed no real problem.
The whole point of having the root servers distributed is to make the internet as secure as possible. By allowing the database of root server information to be spread around to other computers, the organisers of the system can be sure that even if several root servers disappear from the net, reasonably recent copies of their data will still be available.
