North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Internet vulnerabilities

  • From: Sean Donelan
  • Date: Fri Jul 05 20:05:38 2002

I don't understand many of the cyber-scare articles.  If I was cynical,
and I thought we had a clever government, I would say it was all a
diversionary tactic to distract attackers from the more vulnerable
infrastructures.

Disrupting the Internet is a matter of scale and time.  It is fairly
trivial to disrupt large portions of the Internet for short periods of
time.  You don't need to be a hacker to do that.  Most of the senior
network engineers on this list have done it by accident or unplanned
maintenance.  Just look at the Internet during major maintenance windows
to see what can be done.  With BGP dampening, its possible to DOS yourself.

On the other hand, disrupting a large portion of the Internet for more
than a few (e.g. 6) hours is slightly more difficult.  Most of that time
is consumed by response team activation.  Nevertheless there are a few
attacks which could take longer than 24 hours to recover.  The loyal
order of  disgruntled, unemployed network engineers met at a bar at
a previous NANOG and come up with several interesting, yet practical
attacks. I'm not talking about permanent events, such as a massive solar
flare ending all life on earth.

What's nice about the Internet is it is a relatively loosly-coupled.
Which means many different people can work on fixing their part of the
Internet without needing too much coordination.  The Internet doesn't
have the equivalent of a LERG, so you can connect your piece of the net
back into whatever other pieces of the Net still working without
centralized coordination.  Highly visible things like root name servers
are under attack a lot, but for the most part the net stumbles throught
it.  Highly visibile things tend to also be highly protected.

But why bother?  There are other infrastructures which are more vulnerable
to attack than the Internet, and more likely to get significantly more
news coverage than any attack on the Internet could achieve.