Defending networks from malicious hacking exploits depends in large part on the voluntary, cooperative efforts of network operators, device makers, and Internet users.
Today the Broadband Internet Technical Advisory Group (BITAG) -- a group of technical experts dedicated to building consensus about broadband network management -- has released a series of targeted, balanced recommendations to help stifle an emerging type of network attack. That attack has been used in recent years by the hacker collective Anonymous (among others) to swamp web sites with traffic, knocking them offline.
The attack, shown below, exploits two Internet vulnerabilities: the failure of some network operators to apply recommended protections that prevent users from impersonating (“spoofing”) other users’ IP addresses, and the lack of adequate authentication in certain home router software that implements the Simple Network Management Protocol (“SNMP”).
The attack begins with an army of zombie computers (a “botnet”) that the attacker can control. The attacker instructs the computers in the botnet to send traffic to users whose home routers may contain the SNMP vulnerability. That traffic is sent with a spoofed return address to make it look as if it came from the web site that is the intended victim (say, www.example.com). When the users’ home routers respond, their responses flood www.example.com, taking it offline.
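The first weakness named above, operators not applying the recommended anti-spoofing protections, is closed by checking each packet's source address against the prefixes assigned to the port it arrived on. The sketch below is an added example, not code from BITAG or the original post; the port names, prefixes and packets are constructed, and all addresses come from documentation ranges.

```python
import ipaddress
from collections import Counter

# Constructed: prefixes the operator has assigned to each customer-facing port.
ASSIGNED = {
    "cust-a": [ipaddress.ip_network("192.0.2.0/25")],
    "cust-b": [ipaddress.ip_network("192.0.2.128/25"),
               ipaddress.ip_network("2001:db8:b::/48")],
}

def permitted(port, src):
    """True if src lies in a prefix assigned to the port the packet arrived on."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # unparseable source address: drop
    return any(addr.version == net.version and addr in net
               for net in ASSIGNED.get(port, []))  # unknown port: drop

def filter_ingress(packets):
    """Split packets into forwarded and dropped; count drops per port for alerting."""
    forwarded, dropped, drops = [], [], Counter()
    for pkt in packets:
        if permitted(pkt["port"], pkt["src"]):
            forwarded.append(pkt)
        else:
            dropped.append(pkt)
            drops[pkt["port"]] += 1
    return forwarded, dropped, drops

# Constructed sample: UDP packets addressed to SNMP (port 161) on customer ports.
SAMPLE = [
    {"port": "cust-a", "src": "192.0.2.10", "dst": "198.51.100.7", "dport": 161},
    # Source is not in cust-a's prefix, so any reply would go to a third party.
    {"port": "cust-a", "src": "203.0.113.80", "dst": "198.51.100.7", "dport": 161},
    {"port": "cust-b", "src": "2001:db8:b::5", "dst": "2001:db8:ffff::7", "dport": 161},
    # cust-a's address appearing on cust-b's port is also a mismatch.
    {"port": "cust-b", "src": "192.0.2.10", "dst": "198.51.100.7", "dport": 161},
]

if __name__ == "__main__":
    fwd, drp, counts = filter_ingress(SAMPLE)
    print(f"forwarded={len(fwd)} dropped={len(drp)}")
    for port, n in sorted(counts.items()):
        print(f"{port}: {n} packet(s) with unassigned source address")
```

The per-port drop counts are worth exporting to monitoring: a sustained non-zero count on one port points to a compromised or misconfigured host behind it.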