North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Vulnerbilities of Interconnection

  • From: Dave Israel
  • Date: Fri Sep 06 11:55:31 2002

[email protected] said:

>Taking out an a collo would more than just increase time to download porn
>for a few days.

and went on to say:

> > > Is there a general consensus that cyber/internal attacks are more
> > > effective/dangerous than physical attacks.  Anecdotally it seems the
> > > largest Internet downages have been from physical cuts or failures.
> > 
> > It depends on what you consider and internet outage. Or how you define
> > that. IMHO.
> 
> Lets bring this discussion to a some common ground -
> 
> What kind of implact on the global internet would we see should we observe
> nearly simultaneous detonation of 500 kilogramms of high explosives at N of the
> major known interconnect facilities? 

The answer to the first thing is "Yes, it would be back at full speed
in 24 hours" and the second thing is "Unless N is unreasonably large,
not much."  The reason is that people like us work on running the
internet.

In case 1, suppose I am a porn magnate.  (Obviously, I am not, or I
would dress better and work less, but stay with me for a moment.)  I
sell two products: pictures, and online strippers.  The pictures are a
static gold mine, so chances are, I have them backed up.  The
strippers are at a studio near my hosting/colocation site, and
backhauled via your favorite fiber-based protocol.  I get a call
saying, "Hey, a terrorist from group X walked into the colo facility
with a 12008 chassis filled with plastique, and, well, the entire site
is a charred hole in the ground."  After a few seconds of horror,
greed takes over, and I call other nearby providers to see who can get
me back up today, pay the telco a nice hefty fee to reroute my SONET
connection to that provider, and the money is rolling in before
sunset.

In case 2, suppose it is 4 major peering points.  No big deal for the
bulk of traffic, because the bulk of traffic goes between the big
players, and they are all privately peering.  So are many of the
medium-sized folks.  Smaller folks often buy transit from a larger
provider to reach everybody they cannot peer with.  And even if you
don't buy transit and don't have overseas peering and lose your
connectivity because they picked your 4 favorite sites, you're not
going to be down for long, because somewhere, you are close enough to
a UUnet or a AT&T or a Level 3 who can toss you a cable until you can
get back on your feet.

Yeah, an attack can make the Internet uncomfortable and cause a lot of
scurrying and odd deals, but the provider who is completely screwed by
an attack on 1 colo or 4 peering points is going to be an exception,
not the rule.

-Dave