North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Six million ways to crash

  • From: Sean Donelan
  • Date: Sun Jan 28 00:13:46 2001

On Sat, 27 January 2001, Simon Lyall wrote:
> Considering the small number of servers and their value I'm surprised
> nobody has gone for a sustained DDOS against them all at once. This could
> get pretty messy if they managed it.

In nearly a century of international telecommunications, the number
of deliberate attacks on the infrastructure itself is amazingly small.
Historically, network engineers have been more dangerous to the
infrastructure than malicious actors.  The telephone system, credit
card system, electric grid and so forth all have significant infrastructure
vulnerabilities.

> Obviously it's pretty hard to add additional servers but has the option of
> splitting the current group into multiple distributed machines with the
> same ip (like how these other DNS organisations are doing) been looked at?

I haven't physically seen all the root servers, but the volunteers
operating the servers take their task seriously.  There are a lot more
than 13 physical machines. Of course, Murphy is always on the prowl, and
there isn't a real effective way to protect against a DDOS.  If there
was a way to protect your server, I think the IRC people would have
already implemented it.