In a recent pastebin post from from a member of the now infamous Anonymous hacking group lies a message most of you have been dreading for years – the internet is about to close down. Not content with taking down mere web sites, Anonymous have now seemingly set their sights much higher.
In the post they claim that they are going to take down the 13 root DNS servers that effectively keep the internet running in the manner which most of us are accustomed to, i.e. typing in a web name rather than having to use a numerical IP address for each location we wish to visit.
This, they say, will happen on March 31st this year.
Reflective DNS Amplification DDoS tool
The pastebin poster goes on to say that this feat will be accomplished with a new tool called Reflective DNS Amplification DDoS that is based on AntiSec’s DHN, based on the following principle:
…a flaw that uses forged UDP packets is to be used to trigger a rush of DNS queries all redirected and reflected to those 13 IPs. The flaw is as follow; since the UDP protocol allows it, we can change the source IP of the sender to our target, thus spoofing the source of the DNS query.
The motivation behind the above alleged attack is Anonymous’ dislike of SOPA, greedy bankers, etc.
Is a DDoS attack ever justified?
Now this reminds me of an article I’ve just written for Mohit for next month’s The Hacker News Magazine in which I contemplated the legality and ethics of DDoS attacks. Whilst I have no love for SOPA, ACTA or bankers myself I do still feel as though ‘legitimate’ protest is the way to go – I don’t condone Distributed Denial of Service attacks whatsoever.
But what are your views? Is DDOS ever justified? If so, under what circumstances? And what do you think will be the end result if Anonymous do indeed kill the internet on March 31st as part of their Operation Blackout plan?