North American Network Operators Group

RE: Internet vulnerabilities

  • From: Phil Rosenthal
  • Date: Thu Jul 04 14:23:45 2002

Thinking about a physical threat...
If you go to 111 8th Ave, NYC, they have added security since 9-11-01,
which now requires either building ID or showing a driver's license
before entering the building (because terrorists don't have driver's
licenses).

On some floors (e.g. the 7th), the building risers and conduits are
completely exposed. I can't help but wonder how much damage a terrorist
attack to that would do.

Also, say someone from a moderately fast internet connection (OC-3) ran
nmap across the entire internet on ports like 21,22,53,80,443,3306.  In
one day, they can probably have a list of every server answering those
ports, and the versions of the daemons on them.

Next, just wait for a wide enough exploit to come out, and then write a
Trojan that has a list of every other server vulnerable, and on every
hack, it splits the list in 2, and roots another box and gives it the
2nd half of the list.

I estimate that with a wide enough exploit (eg apache or openssh), you
could probably compromise 20% of the servers on the net within 1 hour,
and then have them all begin a ping flood of something "far away"
network wise (meaning a box in NYC would flood a box in SJC, a box in
SJC would flood a box in Japan, etc... Trying to have as much bit
distance as possible).

Damn scary, but I believe if someone was determined enough, they could
take down the whole 'net within one hour of pressing "enter".

I suppose there really isn't anything that can be done at this point to
make that scenario impossible.

--Phil

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Jason Lewis
Sent: Thursday, July 04, 2002 1:57 PM
To: [email protected]
Subject: Internet vulnerabilities



There is a lot of news lately about terrorist groups doing recon on
potential targets.  The stories got me thinking.

What are the real threats to the global Internet?

I am looking for anything that might be a potential attack point.  I
don't want to start a flame war, but any interesting or even way out
there idea is welcome.

Is it feasible that a coordinated attack could shut down the entire net?
I am not talking DDoS.  What if someone actually had the skills to
disrupt BGP on a wide scale?

jas