[30319] in North American Network Operators' Group
Re: Internet FUD Abound
daemon@ATHENA.MIT.EDU (Danny McPherson)
Wed Jul 26 16:59:02 2000
Message-Id: <200007262053.OAA20971@tcb.net>
To: nanog@merit.edu
From: Danny McPherson <danny@tcb.net>
Reply-To: danny@tcb.net
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 26 Jul 2000 14:53:46 -0600
Errors-To: owner-nanog-outgoing@merit.edu
Agreed. For example, effecting availability of a few root nameservers alone
would have an _interesting effect. No need to even attack the servers
themselves, simply advertise more specifics of their address space (or the
like).
Just another subtle reminder that prefix-filtering (@ access and
inter-provider -- at least well-known address space) could have a significant
impact -- if/when this does occur.
-danny
> The Reuters article skips over some of the important qualifiers
> in the Nature letter. Read the entire letter on the Nature
> website. http://www.nature.com/
>
> The conclusions are interesting, but I think missing a few pieces
> of data. Every major public NAP has had service affecting incidents,
> and so far we have not seen the partioning effect Albert et al write
> about. I've also followed a fair number problems in the private
> connections, also without major network partion beyond those networks.
> Further, the source data from NLANR doesn't pick up every possible
> connection between networks. You should view source data as a floor(),
> not a ceil(), on the connectivity. And finally, coordinating a physical
> attack on more than a few physical locations is hard, even with perfect
> information.
>
> Of course, this is a false argument because it has never happened doesn't
> mean it can never happen. But I think its important to understand why
> such an attack is hard, as well as understanding why it is possible.
>
> On the other hand, there have been accidents (and perhaps some attacks)
> on the logical layer which have severely disrupted the Internet. The
> interesting thing about logical attacks is you don't need perfect information
> about the network because the critical points of the network almost act as
> natural gravity wells pulling the attack towards them (using a physical
> analogy in cyberspace).
>
>
>
