What is Digg?100 Comments
- cfazzini, on 10/12/2007, -0/+74Actually, it's because 13 server addresses is the most that can fit into one 512-byte UDP packet.
- scratched, on 10/12/2007, -1/+67@cannibaljp
No, they don't need the web in tact. It's a common misconception that "the web" and the internet are interchangeable words. The web is just the part of the internet you use to visit websites. The DNS servers that were attacked are like directories of IP addresses associated with web addresses such as "www.google.com". When you type in google's address, the DNS servers are queried to find out the IP. If all of the root DNS servers go down for about 3 days, we'd start to notice.
Hackers can use the internet even if they took down the web. They would just be stuck using IP addresses. The issue with taking out all 13 servers is that #1, there are 13 of them, and #2, each one consists of servers scattered across the world (I don't think all of them are scattered, but I know some are) and #3 it would be almost impossible to take down all of the root DNS servers long enough to affect people on a large scale.
For anyone who knows about how the internet/web works, you'll realize my explanation is very crude and not entirely accurate, but it explains the basic idea, enough that most people reading this will understand it I hope. - MannyHills, on 10/12/2007, -1/+57Am I the only one that feels insulted by not even mentioning them as root dns servers somewhere in the description?
- Domza, on 10/12/2007, -1/+53That graph explains why torrents were so slow. Did i say torrents? I meant to say email.
- kakwakas, on 10/12/2007, -1/+50OMG it's also the number that comes after 12 but before 14!!!!
- thomble, on 10/12/2007, -1/+42I dunno about you guys, but I keep a 40Gb HOSTS file on a spare USB hard drive for circumstances just like this.
zing! - inactive, on 10/12/2007, -3/+36Digg is mostly a bunch of 13 year olds?
- MarkCiccone, on 10/12/2007, -5/+37"Behind the scenes, computer scientists worldwide raced to cope with enormous volumes of data that threatened to saturate some of the Internet's most vital pipelines."
NOT THE TUBES!!! - smcavoy, on 10/12/2007, -0/+30the first rule about root servers is you don't talk about root servers.
- inactive, on 10/12/2007, -2/+25Most People have no clue about root servers. Perfect time to learn people.
- marksmayo, on 10/12/2007, -3/+22For graphs etc of the attack, try http://digg.com/security/Traffic_Graph_of_the_Core_Internet_DNS_Services_Being_Attacked_This_Morning
- DietMountainDew, on 10/12/2007, -0/+18No wonder my internet was so slow.
Wait, it always is. - JimXugle, on 10/12/2007, -9/+23an in ur citiez, lightin ur britez
- Drahkar, on 10/12/2007, -2/+15@scratched - Its accurate enough to get the point across. The article itself is Sensationalist tripe as far as I'm concerned. Not only does it convey an improper message, but its trying to play up something that is relatively low key. There are 13 DNS Root sources for a reason. Not to mention the fact that each one isn't a server but a set of servers.
- RichesToRags, on 10/12/2007, -1/+14Just in case --> 64.191.203.30
- bobcrotch, on 10/12/2007, -0/+9The root servers are under constant attack..
- cannibaljp, on 10/12/2007, -10/+19can i get a little help with understanding the graph?
and the purpose of the attack? don't "hackers" need the web intact in order to BE hackers?
maybe i'm missing something - arronlorenz, on 10/12/2007, -1/+9The article makes me picture 13 beige boxes sitting side by side hooked up to a netgear hub. Would it have hurt to spend a couple of sentences on the specs behind them?
- portly, on 10/12/2007, -0/+8The back story (from http://www.encyclopediadramatica.com/index.php/I_am_in_your_base_killing_your_d00ds):
"Two players (one unnamed, the other known as 1337h4x (leetspeak for "***** Nerd")) are in a game of Starcraft, with 1337h4x playing as the Zerg race, and the other as either the Terran or Protoss races. 1337h4x Zerg-rushed his opponent, and on finding that he was getting raped, his opponent asked:
"dude, where are you?
im in ur base, killing ur d00ds" - thomble, on 10/12/2007, -0/+7You're right and wrong. The internet will keep routing traffic just fine, but it will have to rely on IP addresses, or other, less centralized naming systems while the root DNS servers are down. This would have great affect (especially on the web) because you wouldn't be able to get to hosts using a human-readable name. Furthermore, all contemporary webservers are cabable of hosting multiple websites on a single IP, but this actually requires that there be a unique DNS entry for each site. So, all shared hosting would be unreachable.
However, the American military probably has this accounted for, with their own internal DNS servers, or perhaps some non-standard nameserving scheme that would go unscathed. - bariswheel, on 10/12/2007, -1/+7you mean the set of pictures with the last one being 'i'm in your ceiling, watching you masturbate' ...too funny...
- paulmdx, on 10/12/2007, -0/+6Classic example of why it's bad to read non-technical news sources for technical content. It's an important story that's been targetted at joe public (which is fine), but I'd hope Digg users would be a bit more discerning and digg up articles with a bit more meat.
- BushISuxICocks, on 10/12/2007, -0/+6it came from the /b/ 'tards on 4chan
- widman, on 10/12/2007, -0/+5There are 13 addresses, not 13 servers. Six of these are Anycast, and are distributed across the globe up to ISP level in some cases. This means thousands of servers.
It would be funny if those idiots get to attack an anycast server, they would probably end up attacking someone too close to hide.
http://en.wikipedia.org/wiki/Root_nameserver
http://en.wikipedia.org/wiki/Anycast - napedia, on 10/12/2007, -4/+9I'm giving 50:1 odds izzie2 is a truther
- marksmayo, on 10/12/2007, -0/+4just because you submitted that "later" digg, and don't want it marked as a dupe :)
- Remmy, on 10/12/2007, -0/+4Why the hell are things like this always titled with the word "Hacker"? I am sick of it. Hacker != some cheeto munching fatass loser who used a rootkit to install a bot on your computer, creating a botnet to DDOS while they silently masterbate to porn and weep when they finish.
- ardellin, on 10/12/2007, -1/+5Agree with Manny. First thing I did was search the page for "DNS" and was saddened to see it mentioned only twice, and only as a part of a company name, UltraDNS.
masterpl does have a point, but I personally would been much more interested in an article that didn't trim out the technical details. - bariswheel, on 10/12/2007, -0/+4If they are being constantly attacked ,what kind of security is implemented to counter these attacks and protected the root servers?
- smackhero, on 10/12/2007, -0/+4same as any other network: firewalls & redundancy.
- akilleen, on 10/12/2007, -0/+4And a 28.8 bps modem!!!!!
http://twentyeightpointeightbpsmodem.ytmnd.com/ - n0xie, on 10/12/2007, -0/+4You don't know how the internet works then.
It doesn't 'damage' the internet. It just shuts down DNS. And since I'm pretty sure you don't know the ip of say, 5 sites, most people would be pretty much stuck. - bobcrotch, on 10/12/2007, -0/+3Not really considering the source of the story, theres a lot of other more technical articles that covered this.
- bariswheel, on 10/12/2007, -2/+5can you publish or host the file?
- Markie1006, on 10/12/2007, -1/+4Although to be fair, as soon as they mentioned '3 of 13', most people who know what the root dns servers are, would twig they were talking about them immediately.
Once you know, you know. - inactive, on 10/12/2007, -0/+3@stealthgear: Are the root DNS servers all running on Gibsons? If so, this will be no easy task. We will need a team of stoned cyber punks, and a Pentium laptop with a 3D graphics card.
- marksmayo, on 10/12/2007, -0/+2Article about one of the root servers - the "A" server: http://digg.com/security/Fort_N_O_C_s_The_heart_of_Internet_security_lies_in_obscurity
- widman, on 10/12/2007, -0/+2@izzie2 Here's a clue http://en.wikipedia.org/wiki/Truthiness Go fetch!
- atbnet, on 10/12/2007, -0/+2Here's some info about the root servers: http://en.wikipedia.org/wiki/Root_servers
I was surprised to know G is practically in my backyard and I didn't even know it. I'd like to visit it. - thomble, on 10/12/2007, -0/+2Nope, I do think water would affect this guy right here:
http://en.wikipedia.org/wiki/Image:Ams-ix.k.root-servers.net.jpg - scratched, on 10/12/2007, -0/+2Why keep an external hosts file when OpenDNS does that for you?
- scottschiller, on 10/12/2007, -0/+2It's moderately disappointing a more technical article wasn't posted here, given the crowd. "Root DNS Servers" would have made sense, but then again this article likely wasn't written for the Slashdot crowd which is well-established as being technical (and nerdy!)
They do have nice coverage of this particular incident though, simple and to the point:
"DNS Root Servers Attacked"
http://it.slashdot.org/article.pl?sid=07/02/06/2238225&from=rss
Nonetheless, it's good that people understand that the DNS servers are attacked every so often which causes the tubes to appear to be temporarily clogged, and so on. - cannibaljp, on 10/12/2007, -0/+2just wanted to extend a quick thanks for the insight. good perspective without being overbearing - and not one N00B reference in the bunch!
(of course - now i'll get it... it's like poking a tiger, really...) - smackhero, on 10/12/2007, -0/+2you wouldn't try to take down the root servers to perform dns cache poisoning. there are much easier and realistic ways of going about it.
- sp1nm0nkey, on 10/12/2007, -0/+2Yeah, don't worry about it. The hardware is plenty sufficient. Some of the newer F-root boxes are dual opteron 1U sun boxes with somewhere between 4 and 16 gigs of ram... I can't remember. Anyway, what matters is that it's enough, and this proves that it's plenty.
- nick34, on 10/12/2007, -0/+2Time to call Jack Bauer
- drilldown, on 10/12/2007, -0/+2I'm guessing heist. Drop the backbone load on DNS servers for long enough to propagate a banks name change to a new IP address and you type in Wachovia.com and it goes to the hackers copycat page instead. Middle of the night U.S./Daytime in S. Korea, possibly a N. Korea hack to rob someone's data while propagating DNS locally in S. Korea. Catch a big company in the middle of an automated/timed transfer...
It would take changing the default fall back DNS server to a DNS server with a manually routed static IP, unless it got fancy, and someone with access will be in custody shortly. Or, could just be a test run, or CIA wanting people worried about their safety. Could just be a coincidence. - smackhero, on 10/12/2007, -1/+3or you could just ping or tracert the address.
- widman, on 10/12/2007, -0/+2Still the centralized organization now more and more in hands of a private group, sucks. Remember the scandal of resolving invalid addresses?
- scratched, on 10/12/2007, -1/+3The summary isn't even accurate. DNS servers consist of hundrends of computers. They aren't just giant computers. There are 13 clusters of computers instead of just one computer. It's all about excessive redundancy.
-
Show 51 - 96 of 96 discussions
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is 