BBC NEWS
 Tuesday, 28 January, 2003, 12:05 GMT
How the net leaves itself open to attack
[Image: bin full of waste paper (Eyewire). Caption: Most net address queries are unnecessary]
The net is making itself unnecessarily vulnerable to crippling attacks, warn experts.

Analysis of the queries sent to one of the net's core address books shows that 98% of them could have been handled by other parts of the network.

Dealing with these queries on the outer reaches of the net rather than at its core could help limit the damage of concerted attacks on key servers, say experts.

The report and advice come as the net recovers from the damage wrought by the Slammer worm that exploited holes in Microsoft software.

Bad call

Often your computer only knows where to go to get the webpage you want by consulting one of 13 root servers.

These, or others closer to your home PC if the site you are after is particularly popular, translate the text address you type into your browser into a numerical one the net understands.

These fast, powerful computers possess lists of the location of other servers holding records of the exact location of the net's many websites.

As the master address books, the 13 servers are an obvious choke point for the net and have already been attacked en masse.

Researchers at the San Diego Supercomputer Center (SDSC) have analysed traffic received by one root server on 4 October last year and found that it spent most of its time dealing with unnecessary queries.

On that day the server received more than 152 million queries and the researchers estimate that 98% of these requests were unnecessary.

Analysis of the figures showed that 70% of the requests for net addresses were duplicates - essentially different people looking for the same sites.

The SDSC scientists say all these queries could easily be dealt with if frequently requested information were held, or cached, by net service providers.

A further 12% of the queries sent to the server were for frivolous or non-existent domains such as .elvis, .corp, and .localhost.

Many of the requests sent to the server used the numeric net address of the site in question, meaning the entire request was unnecessary.

"If the system were functioning properly, it seems that a single source should need to send no more than 1,000 or so queries to a root name server in a 24-hour period," said Duane Wessels, a researcher from the Cooperative Association for Internet Data Analysis at the SDSC.

"Yet we see millions of broken queries from certain sources," he said.

The researchers believe that many of the requests are due to badly configured networks that allow computers to make queries but do not let the reply return to the requesting computer.

As a result many computers continue to request addresses fruitlessly over and over again.

The SDSC is creating software tools that help network administrators tweak systems to stop them making unnecessary requests.
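
The query categories described above can be checked against a local resolver's own outbound traffic. The following is an added example, not the SDSC tools or code from the original article; the log format, the short TLD list and the function names are assumptions, and the sample queries are constructed.

```python
import ipaddress
from collections import Counter

# Constructed sample: (source address, queried name) pairs as a resolver might
# log them for queries it sends towards a root server. Not real traffic.
SAMPLE = [
    ("192.0.2.10", "www.example.com."),
    ("192.0.2.11", "www.example.com."),
    ("192.0.2.10", "www.example.com."),
    ("192.0.2.12", "printer.corp."),
    ("192.0.2.12", "localhost."),
    ("192.0.2.12", "graceland.elvis."),
    ("192.0.2.13", "198.51.100.7."),
    ("192.0.2.10", "news.example.org."),
]

# Small stand-in for the real root zone TLD list (assumption for the example).
VALID_TLDS = {"com", "net", "org", "uk"}

# The "1,000 or so" queries per source per 24 hours quoted in the article.
PER_SOURCE_DAILY_LIMIT = 1000

def classify(name, seen):
    """Categorise one query; `seen` holds valid names already asked in the window."""
    bare = name.rstrip(".").lower()
    try:
        ipaddress.ip_address(bare)
        return "ip_literal"        # the name is already a numeric address
    except ValueError:
        pass
    if bare.rsplit(".", 1)[-1] not in VALID_TLDS:
        return "invalid_tld"       # e.g. .elvis, .corp, .localhost
    if bare in seen:
        return "duplicate"         # a cache would have answered this (TTLs ignored)
    seen.add(bare)
    return "needed"

def audit(queries, limit=PER_SOURCE_DAILY_LIMIT):
    """Return (category counts, sorted sources exceeding `limit` queries)."""
    seen, categories, per_source = set(), Counter(), Counter()
    for src, name in queries:
        categories[classify(name, seen)] += 1
        per_source[src] += 1
    noisy = sorted(s for s, n in per_source.items() if n > limit)
    return categories, noisy

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A source that appears in the second return value is a candidate for the misconfiguration the researchers describe, where queries leave the network but replies cannot return.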
