ARPANET and the unintentional playground

ARPANET or the Internet as we now know it was release prematurely onto an unsuspecting world by the American Department of Defence (DoD), it is not fit for purpose. It was designed to be robust but fails miserably under certain conditions when attacked. Basically the routing protocols that make sure all your packets of data are directed and arrive in the right place and are reassembled by the IP (Internet Protocol) layer is open to fakery by flooding your local network with false packets, which can take over your communications by utilizing a number of techniques.

This attack can be done by a botnet which is a number of computers usually the same subnet provided by you ISP (Internet Service Provider). Windows computers are renowned for being open to being misused for attacking other computers without the users knowledge. Remember the Microsoft advert with a castle and guard dogs around a girl sitting there with a laptop on her sitting room table. Well its was all a PR job, if you watched any other the security news at the time you would have realized this was a marketing hoax.

The unsecure HTTP (Hyper Text Transfer Protocol) protocol used to deliver most HTML content is open to these sort of attacks called tear drop attacks. Basically the machines in the botnet produce crafted packets which are designed to get through and pretend to be valid packets. All they have to do is fit within what is called a window which is an area in the sequence of packets which the packet can get through within.

It only needs one of these bogus crafted packets to get through to deliver what is called an exploit which exploits a vulnerability or multiple vulnerabilities within the target computers operating system to gain control.

The target computer may actually have a number of vulnerabilities at any one time some know by Microsoft some not, there were about 20 vulnerabilities a month being published as patched over a several year period. Anyway the vulnerabilities within a computer are known as an attack surface. One such one just required a single pixel graphic called a GIF this allowed an attacker to get into the Windows machines GDI.

The whole thing resulted in an open bonanza of a lot of people termed script kiddies, although they are of varying ages, trying to hack and take control of systems. They use tools and code available on the internet not necessarily with full understanding of the code or the tools and used them to play with attacking random and selected users machines and whole networks.

Now exploits are very hard things to craft properly and a lot of badly crafted ones resulted in a lot of machine crashing apparently randomly. Remember the period of YouTube crashes well this was a teardrop attack. And the earlier Blaster and Sasser attacks that resulted in thousands of machine crashing.

I believe there are still vulnerabilities from this era of Microsoft code in Windows XP, Vista and Windows 7, there may still be some in Windows 8.

Well crafted and executed attacks on the other hand can go totally unnoticed the only thing you may notice is a slight slow down in your machine response or excessive CPU usage.

Even your so called virus protection software is easy to circumvent by an up to date what is termed a eleet (31337 in hacker speak) hacker. Keeping and working on this cutting edge is a technical art form in itself. And there are competitions like DEFCON where the NSA are no longer welcome since the Edward Snowdon witch hunt.

Okay so what do you do about this, the answer is simple for a start but no guarantee use the HTTPS protocol for all website that support it, if you look at the web address or URL in the address bar check to see there is an “https:\\” in there if there is not try inserting an ‘s’ there, if you get what is termed a 404 which is another way of saying page not found then that site does not support HTTPS. But this is no guarantee GCHQ and the NSA and any eleet hacker can still get into you computer in various ways.

Basically the internet is a playground intentionally or unintentionally released onto the public and the world. This system could have been totally secure using the correct techniques but premature release, capitalism, and the rush to get things to market precluded this.

So are the hackers or to term it correctly the crackers guilty, well some are and some are not, but who is really guilty its the American DoD, and the pressures on the IETF after hand over of ARPANET. The internets documentation is still based on what is called “Request for Comments” or RFC‘s, says it all really I read these in the 1990’s and found two of the main errors which are still there today in ARPANET, which is written into every internet device, router, and the internets backbone.

As a result we have a system that is not really fit for purpose, all thought it works, most of the time. But a lot of hacker who have tried to bring things to the attention of the authorities and Microsoft have been ignored, silenced, and even vilified.

Microsoft refused to take part in the Full Disclosure mailing list which acted as a clearance house for vulnerabilities and exploits for Open Source products and as a result there were people selling Microsoft Exploits for extortionate amounts of money. Meanwhile Linux and other open source products benefited from the many-open eyeball approach to bug and exploit discovery and fixing. Most of the time the Open Source vendors would publish there addresses and receive the exploits from the discovers who may or may not have been paid for their work, and the code fixes would then be published on the mailing list.

Microsoft wanted no part of this and as a result they still do not have a single secure operating system. Other than a research project called Singularity which was written from ground up and uses a very clever and complex model based on .NET to provide a secure system.

Well that’s all folks for now … Ethernet, MTU’s and the efficiency of the Internet will come next.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s