DoS Internals

No, no typo. Not DOS Internals or so. Rather, internal DoS attacks.

Are they tractable? [Uhh, that may sound like they’d be positive things to be able to do — sorry, just hinting at “technical feasibility” here]

Yes they are. Stuxnet was the prime example. Something similar would be tractable once one is (somewhat) on the inside, I guess. Like, an APT exploring the internal networks for topology, infecting routers along the way, and then blowing them up all, all at once, with megazillion tons of traffic, internally generated. Denying (internal) network services to all. Or even bricking routers with e.g., flash-ROM attacks. Feasible.

The same, with surreptitious tweaks of kernel scheduling processes, Stux style. Or, there, too, diving deep into and under the virtualisation layers and bricking the core BOISsen and other Level 0 / 1 server software. Overflowing disks with random data (be sure to buffer tons, so restarts / re-mounts will not help too easily).

Hmmm, once one starts thinking about it, the possibilities are huge. Maybe some nationstate party/ies has some arsenal out there in the wild already. Think yesterday’s post; on its own or in combo with Elections, whose interests where?

Oh whatever … plus:

DSCN7411

[A hole in your servers’/routers’ “floatation” capabilities will sink your infra; Baltimore]

Leave a Reply