North American Network Operators Group


Re: Cyberattack FUD

  • From: Kurt Erik Lindqvist
  • Date: Wed Nov 20 16:56:39 2002


> Kurt> I am not sure what you mean with 25% of the Internet? What
> Kurt> connectivity would degrade? From where to where?
>
> If you randomly select nodes to remove, by the time you have removed
> 25% of them, the network breaks up into many isolated islands. As Sean

Well, depending on topology and where you shut things off - you could make one new island per node I take away. I don't see anything relatively new to this. All networking people at the larger ISPs have a pretty good knowledge of exactly which nodes to take out to...

> pointed out, the CAIDA study considered a sample of the 50k most
> connected nodes. So a successful attack aimed at 12500 big routers
> simultaneously would break the Internet into little pieces.

To be honest - you would need to go for far less than 12500 routers if you know what you are doing. That everything worked well on the Internet on 9-11 most likely comes from comparing it with the phone network. The "Internet" (rather specific networks) were affected by 9-11 and only stayed up due to co-operation among a lot of people.

> Taking the fear mongering and sabre rattling too seriously is much
> more dangerous than any possible network outage.

Although I generally agree with this - there is a large risk with underestimating the problem as well. We have for the last few years been busy catching up with the attackers, mostly because of sloppiness and laziness on the operators' side. no ip directed broadcast and more recently the discussions of ingress-filtering are just examples of this.

- kurtis -