ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] Vixies vixens make big boo boo on successful Russian DNS hack

  • To: Ga <ga@xxxxxxxxxxxxxx>
  • Subject: Re: [ga] Vixies vixens make big boo boo on successful Russian DNS hack
  • From: "Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>
  • Date: Sun, 10 Aug 2008 21:58:55 -0700

Dr. Joe and all,

  As you know, I know what you mean vis a vi Palmer.  I
routinely delete his posts.  I shall not add spice to his
goulash.  I know you Joe, so even at times we may not
always agree fully, I always consider your thoughts carefully
and fully before commenting one way of another.  I also know
that you are a very knowledgeable person in various areas of
expertise in the IT arena.  Like myself, raw politics is not
your plate of caviare.

Joe Baptista wrote:

>
>
> On Sun, Aug 10, 2008 at 9:54 PM, Jeffrey A.
> Williams <jwkckid1@xxxxxxxxxxxxx> wrote:
>
>      Well your very welcome indeed!  >:)  After all what is a
>      meal,
>      if not with the proper spice to enhance properly the savory
>      taste
>      eh?  Unless of course that meal is best served cold...  Food
>      for
>      thought prhaps?  You be the judge.
>
>
> Indeed.  Sometimes a chilly affair is delicious.  But this one I think
> I would prefer spicy hot.
>
> Have you noticed the recent appeals to my person from one Thomas
> Baxter (a.k.a. John Palmer).  My fellow monitor and chair in their
> silence don't seem to mind if we take the group into a brief encounter
> with libel and slander.  They are reminded if they have concerns they
> should be addressed by the three of us in private first.
>
> I think I should reply but was hoping for one more appeal.  I get a
> kick out of Palmers attempts to libel and slander me on the GA.  But i
> think I'll continue my silence until Palmer really starts squealing.
>
> What do you think.  Have we got game?
>
> regards
> joe baptista
>
>
>
>
>      Joe Baptista wrote:
>
>      >
>      >
>      > On Sun, Aug 10, 2008 at 3:12 AM, Jeffrey A.
>      > Williams <jwkckid1@xxxxxxxxxxxxx> wrote:
>      >
>      >
>      >      Dr. Joe and all,
>      >
>      >       Thanks for also saving/archiving the original story.
>
>      >      History if
>      >      saved in this manner can never be truthfully
>      revised.  BTW,
>      >      I
>      >      and 200 odd other or our members also archived this
>      story
>      >      including all metadata for forensics purposes as well
>      if
>      >      needed
>      >      in the future for legal purposes.  I hope SANS will
>      also be
>      >      covering it as well as did NetworkWorld.
>      >
>      >
>      > Your a gem Jeff, if not a joy to add flavour to our
>      gatherings.
>      >
>      > cheers
>      > joe baptista
>      >
>      >
>      >
>      >
>      >       FWIW, it may be time to keep a closer watch on
>      Circleid,
>      >      which I have also written for on occasion.  Yellow
>      >      journalism
>      >      is not a good thing...
>      >
>      >      Joe Baptista wrote:
>      >
>      >      >
>      >      > The news story below was first published on
>      CircleID.  It
>      >      has since
>      >      > been yanked and is no where to be found on
>      CircleID.
>      >      Maybe we are
>      >      > witnessing a bit of history revision.  This makes
>      me sad
>      >      because
>      >      > CircleID was a publication I once wrote for.  In
>      fact I
>      >      was one of the
>      >      > first paid writer for the organization.  Probably
>      the only
>      >      one at the
>      >      > time.  And it is sad to see revision at an
>      organization I
>      >      was once
>      >      > associated with.
>      >      >
>      >      > However it is understandable considering Vixie, the
>      sacred
>      >      cow of DNS,
>      >      > made such a stupid and silly statement in the
>      article.
>      >      >
>      >      > Basically an internet researcher in Russia was able
>      to
>      >      break the Vixie
>      >      > patch and poison a servers cache after some 10
>      hours,
>      >      billions of
>      >      > connections over a gigabit connection.  Vixies
>      response
>      >      was "before
>      >      > somebody gets all excited about it let's be clear
>      that it
>      >      takes two
>      >      > billion packets on average to defeat UDP port
>      >      randomization, which in
>      >      > this case was a fully utilized gigabit Internet
>      connection
>      >      for a
>      >      > period of ten hours."  and proceeded to draw
>      parallels
>      >      that the level
>      >      > of risk was reasonably low because of this
>      >      rationalization.
>      >      >
>      >      > I think sometime Vixie lives in the dark ages of
>      the net,
>      >      when
>      >      > everything was low bandwidth and script kiddies
>      were a
>      >      novelty.
>      >      > Indeed Polyakov, the Russian researcher, should be
>      >      congratulated for
>      >      > his success in this attack considering the poor
>      russian
>      >      was using such
>      >      > limited resources.
>      >      >
>      >      > Unlike script kiddies or real internet criminals
>      Polyakov
>      >      did not have
>      >      > the resources required, being hundreds of thousands
>      of
>      >      computers
>      >      > connected through a maze of IRC botnets on hundreds
>      of
>      >      thousands of
>      >      > both DSL and gigabit connections to conduct a
>      proper
>      >      attack.  Poor man
>      >      > had to do it with one computer and one high speed
>      internet
>      >      link.  If
>      >      > he had better resources - like the kiddies - he
>      could
>      >      probably do it
>      >      > in much less time - 10 - 20 minutes?
>      >      >
>      >      > Under these circumstances I'm not surprised the
>      story was
>      >      yanked.  The
>      >      > quote makes Vixie look like an idiot.
>      >      >
>      >      > In any case - here is the original story no longer
>      >      published at
>      >      > CircleID.
>      >      >
>      >      >
>      >      > Latest news postings on CircleID
>      >      > URL: http://www.circleid.com/news/
>      >      > Updated: 10 hours 46 min ago
>      >      >
>      >      > Emergency DNS Patch Still Vulnerable, Proves
>      Russian
>      >      Physicist
>      >      >
>      >      > 10 hours 19 min ago
>      >      > A Russian physicist has been able to successfully
>      poison
>      >      the latest
>      >      > BIND patch with fully randomized ports. In other
>      words,
>      >      the emergency
>      >      > fix put in place to patch the Domain Name System
>      (DNS)
>      >      vulnerability
>      >      > for BIND, Internet's most popular DNS software, has
>      been
>      >      demonstrated
>      >      > to be vulnerable?and still exploitable by
>      criminals.
>      >      >
>      >      > Evgeniy Polyakov from Moscow, Russia in a blog post
>      today,
>      >      has shown
>      >      > how using two fairly powerful computers and a fast
>      >      broadband
>      >      > connection, one could successfully attack the
>      patched DNS
>      >      server in
>      >      > less than 10 hours. With a fast connection, "any
>      trojaned
>      >      machine can
>      >      > poison your DNS during one night" says Polyakov in
>      his
>      >      blog post.
>      >      >
>      >      > As demonstrated by security expert, Dan Kaminsky on
>
>      >      Wednesday at the
>      >      > Black Hat security conference, the vulnerability,
>      if
>      >      exploited by
>      >      > criminal, could be detrimental to the Web as well
>      as
>      >      services such as
>      >      > email.
>      >      >
>      >      > Paul Vixie, president of the Internet Systems
>      Consortium
>      >      (ISC), the
>      >      > organization in charge of maintaining the BIND
>      software
>      >      has verified
>      >      > that Polyakov's exploit looks real. However "before
>
>      >      somebody gets all
>      >      > excited about it," Vixie says, "let's be clear that
>      it
>      >      takes two
>      >      > billion packets on average to defeat UDP port
>      >      randomization, which in
>      >      > this case was a fully utilized gigabit Internet
>      connection
>      >      for a
>      >      > period of ten hours." In other words, the
>      probability of a
>      >      successful
>      >      > attack is fairly minimal. On the other hand, in the
>      case
>      >      of an
>      >      > unpatched server, an attack was "narrowed down to
>      six
>      >      seconds," Vixie
>      >      > noted.
>      >      >
>      >      > In the long term, Vixie says "we'll go on improving
>      our
>      >      forgery
>      >      > resilience, as will every recursive DNS
>      implementor, while
>      >      we continue
>      >      > pushing DNSSEC as the ultimate long term solution
>      to the
>      >      entire
>      >      > forgery problem including this off-path-attacker
>      problem."
>      >
>      >      >
>      >      > More under: DNS, DNSSEC, Security
>      >      > Categories: Net coverage
>      >      >
>      >      > --
>      >      > Joe Baptista
>      >      > www.publicroot.org
>      >      > PublicRoot Consortium
>      >      >
>      >
>      ----------------------------------------------------------------
>
>      >
>      >      > The future of the Internet is Open, Transparent,
>      >      Inclusive,
>      >      > Representative & Accountable to the Internet
>      community
>      >      @large.
>      >      >
>      >
>      ----------------------------------------------------------------
>
>      >
>      >      > Office: +1 (360) 526-6077 (extension 052)
>      >      > Fax: +1 (509) 479-0084
>      >      >
>      >      >
>      >      Regards,
>      >
>      >      Spokesman for INEGroup LLA. - (Over 281k
>      >      members/stakeholders strong!)
>      >      "Obedience of the law is the greatest freedom" -
>      >        Abraham Lincoln
>      >
>      >      "Credit should go with the performance of duty and
>      not with
>      >      what is
>      >      very often the accident of glory" - Theodore
>      Roosevelt
>      >
>      >      "If the probability be called P; the injury, L; and
>      the
>      >      burden, B;
>      >      liability depends upon whether B is less than L
>      multiplied
>      >      by
>      >      P: i.e., whether B is less than PL."
>      >      United States v. Carroll Towing  (159 F.2d 169 [2d
>      Cir.
>      >      1947]
>      >      =====
>      >
>      =========================================================
>      >      Updated 1/26/04
>      >      CSO/DIR. Internet Network Eng. SR. Eng. Network data
>      >      security IDNS.
>      >      div. of Information Network Eng.  INEG. INC.
>      >      ABA member in good standing member ID 01257402 E-Mail
>
>      >      jwkckid1@xxxxxxxxxxxxx
>      >      My Phone: 214-244-4827
>      >
>      >
>      >
>      >
>      >
>      > --
>      > Joe Baptista
>      > www.publicroot.org
>      > PublicRoot Consortium
>      >
>      ----------------------------------------------------------------
>
>      > The future of the Internet is Open, Transparent,
>      Inclusive,
>      > Representative & Accountable to the Internet community
>      @large.
>      >
>      ----------------------------------------------------------------
>
>      > Office: +1 (360) 526-6077 (extension 052)
>      > Fax: +1 (509) 479-0084
>      >
>      > Regards,
>      >
>      > Spokesman for INEGroup LLA. - (Over 281k
>      members/stakeholders strong!)
>      >
>      > "Obedience of the law is the greatest freedom" -
>      >    Abraham Lincoln
>      >
>      > "Credit should go with the performance of duty and not
>      with what is
>      > very often the accident of glory" - Theodore Roosevelt
>      >
>      > "If the probability be called P; the injury, L; and the
>      burden, B;
>      > liability depends upon whether B is less than L multiplied
>      by
>      > P: i.e., whether B is less than PL."
>      > United States v. Carroll Towing  (159 F.2d 169 [2d Cir.
>      1947]
>      >
>      ===============================================================
>
>      > Updated 1/26/04
>      > CSO/DIR. Internet Network Eng. SR. Eng. Network data
>      security IDNS.
>      > div. of Information Network Eng.  INEG. INC.
>      > ABA member in good standing member ID 01257402 E-Mail
>      > jwkckid1@xxxxxxxxxxxxx
>      > My Phone: 214-244-4827
>      >
>
>
>
>
>
> --
> Joe Baptista
> www.publicroot.org
> PublicRoot Consortium
> ----------------------------------------------------------------
> The future of the Internet is Open, Transparent, Inclusive,
> Representative & Accountable to the Internet community @large.
> ----------------------------------------------------------------
> Office: +1 (360) 526-6077 (extension 052)
> Fax: +1 (509) 479-0084
>
>

Regards,

Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827




<<< Chronological Index >>>    <<< Thread Index >>>