[53694] in North American Network Operators' Group
Re: Cyberattack FUD
daemon@ATHENA.MIT.EDU (William Waites)
Wed Nov 20 15:37:26 2002
To: Kurt Erik Lindqvist <kurtis@kurtis.pp.se>
Cc: "Stephen Sprunk" <ssprunk@cisco.com>,
<Michael.Dillon@radianz.com>, <nanog@nanog.org>
From: William Waites <ww@styx.org>
Date: 20 Nov 2002 15:35:24 -0500
In-Reply-To: <1BB0AC80-FCB6-11D6-BC97-000393AB1404@kurtis.pp.se>
Errors-To: owner-nanog-outgoing@merit.edu
>>> "Kurt" == Kurt Erik Lindqvist <kurtis@kurtis.pp.se> writes:
Kurt> I am not sure what you mean with 25% of the Internet? What
Kurt> connectivity would degrade? From where to where?
If you randomly select nodes to remove, by the time you have removed
25% of them, the network breaks up into many isolated islands. As Sean
pointed out, the CAIDA study considered a sample of the 50k most
connected nodes. So a successful attack aimed at 12500 big routers
simultaneously would break the Internet into little pieces.
If more strategy is used in the selection process, you get localized
outages -- i.e. disabling everything in 60 Hudson or 151 Front is
likely to cause significant problems in New York or Toronto but you'll
probably be able to see the rest of the world just fine from Sweden.
A distributed physical attack against a large number of Telco Hotels
and trans-oceanic fibre landing points would be somewhat worse. It
would also be very difficult to do from a laptop.
With the exception of E911 service (which normally doesn't use IP
anyways), any such disruption is unlikely to really hurt anyone. Such
hand-wringing whenever someone threatens to break the Internet is
maybe a sign of an unhealthy dependence on a medium that is younger
than most of the people on this list?
Taking the fear mongering and sabre rattling too seriously is much
more dangerous than any possible network outage.
-w
