Re: Sprint peering policy

2002-07-04 Thread Rizzo Frank


Gordon Cook wrote:
  I don't post here much

Any chance of changing that?  After listening to endless banter from 
Ralph Doncaster, I'd welcome your latest interview with Bill St. 
Arnaud and Wade Hong on CANET*3.1415927. Pretty please with a plastic 
figurine of the delectable Ms. Jane on top?

  Finally I'd like to ask a question in return.  I am trying to look at
  what will grow up on the ashes of the current industry collapse.

Larger large players, more basement web hosters.

  Fiber to the home is beginning to appear in a few   
  isolated areas. 

It will disappear just as quickly.  Has, in some places.  A few years 
back, VC's were wooed by the concept.   They didn't know what the heck 
it was, nor did they care, so long as those pitching it (who knew even 
less about it, for the most part) kept dropping buzzards such as 
broadband and fiber over and over.  Now's the wake-up call.  It just 
isn't cost-effective, which might explain why every company offering 
FTTH services in the States is either f'd, soon-to-be f'd, or abandoned 
the plans in favor of something more viable like cable.  Whatever 
happened to WINfirst?

  Are there folk with adequate  
  routes and connectivity that would undertake to form a network that  
  might be independent of the current internet  core back bone of what 
  (112,000 routes?) on top of which sit the half dozen or so Tier one  
  players that peer primarily with each other and demand transit $$$   
  from everyone  else?  Web and email stay on the legacy backbone...new
  services migrate to a backbone with a cost structure unencumbered by 
  the tier one oligopolists?

No.

  PS. Anyone interested in  trekking in Nepal in October please let me
  know off list.  eg http://cookreport.com/everest.shtm

When?  I'm handing out summaries of the Cook Report at the 
Princeton-Harvard game on the 26th.  Then it's off to Shanghai to crash 
the ICANN meeting.  Then Eugene to lobby for macro-allocations and true 
financial disclosure/accountability at the ARIN conference.  Beginning 
of the month works best. I've been benching 300 and tracing Broadwing 
cross-country fiber routes by foot in preparation, hopefully you'll be 
able to keep up! Have any other internet luminaries expressed an 
interest in going?

Frank Proud to be an American Rizzo

PS: I had a bet with my boss: how many of you are watching fireworks 
tonight?  Mail me privately and I'll post a summary to the list.





Internet vulnerabilities

2002-07-04 Thread Jason Lewis


There is a lot of news lately about terrorist groups doing recon on
potential targets.  The stories got me thinking.

What are the real threats to the global Internet?

I am looking for anything that might be a potential attack point.  I don't
want to start a flame war, but any interesting or even way out there idea
is welcome.

Is it feasible that a coordinated attack could shutdown the entire net?  I
am not talking DDoS.  What if someone actually had the skills to disrupt
BGP on a widescale?

jas






Re: Internet vulnerabilities

2002-07-04 Thread Mike Tancsa



Well, the recent jumbo AS path issue had an interesting effect of resource 
starvation on a few routers.  Still, I think the softest targets are the 
root name servers.  I was glad to hear at the Toronto NANOG meeting that 
this was being looked into from a routing perspective.  Not sure what is 
being done from a DoS perspective.


 ---Mike

At 01:56 PM 04/07/2002 -0400, Jason Lewis wrote:

There is a lot of news lately about terrorist groups doing recon on
potential targets.  The stories got me thinking.

What are the real threats to the global Internet?

I am looking for anything that might be a potential attack point.  I don't
want to start a flame war, but any interesting or even way out there idea
is welcome.

Is it feasible that a coordinated attack could shutdown the entire net?  I
am not talking DDoS.  What if someone actually had the skills to disrupt
BGP on a widescale?

jas




Re: Internet vulnerabilities

2002-07-04 Thread David Lesher


In terms of damage to the 'Net lasting longer than the slashdot
thread on same, I'm far more afraid of Mickey Mouse Lawyers vice
any MidEast terrorist.


-- 
A host is a host from coast to coast          [EMAIL PROTECTED]
no one will talk to a host that's close       [v].(301) 56-LINUX
Unless the host (that isn't close)            pob 1433
is busy, hung or dead                         20915-1433



Re: Internet vulnerabilities

2002-07-04 Thread David Ulevitch



Jason Lewis wrote:
 What if someone actually had the skills to disrupt BGP on a widescale?

I think the media talk about taking down the Internet are kind of bogus.

Nobody has ever died because they couldn't check their email.

If the net went down for an hour, a day, or even a week I think that my
mom and the rest of the non glued-to-their-terminal world would somehow
struggle through and sustain a normal daily routine.

-davidu [who probably would not survive a week long net outage ;) ]

-- 
Never doubt that a small group of thoughtful citizens can change the
world. Indeed, it is the only thing that ever has. --Margaret Mead





RE: Internet vulnerabilities

2002-07-04 Thread Phil Rosenthal


Except what if in my scenario, while flooding, it executed dd
if=/dev/zero of=(hd) on all of the system drives.

If someone wanted to do it, it could be done.
--Phil

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of
David Ulevitch
Sent: Thursday, July 04, 2002 2:23 PM
To: [EMAIL PROTECTED]
Subject: Re: Internet vulnerabilities




Jason Lewis wrote:
 What if someone actually had the skills to disrupt BGP on a widescale?

I think the media talk about taking down the Internet are kind of
bogus.

Nobody has ever died because they couldn't check their email.

If the net went down for an hour, a day, or even a week I think that my
mom and the rest of the non glued-to-their-terminal world would
somehow struggle through and sustain a normal daily routine.

-davidu [who probably would not survive a week long net outage ;) ]

-- 
Never doubt that a small group of thoughtful citizens can change the
world. Indeed, it is the only thing that ever has. --Margaret Mead






Re: Internet vulnerabilities

2002-07-04 Thread Richard A Steenbergen


On Thu, Jul 04, 2002 at 02:01:16PM -0400, Jared Mauch wrote:
 
  Is it feasible that a coordinated attack could shutdown the entire net?  I
  am not talking DDoS.  What if someone actually had the skills to disrupt
  BGP on a widescale?
 
   There are a few interesting things on this front that could be
 done.
 
   As in most routers the data+control plane are the same, one can
 DoS the processor or router in interesting ways.

I can't quite picture Osama leading a crack team of BGP commandos on a 
jihad against the internet... 

Maybe blowing up some important net targets, or cutting some important
fiber (and then leaving anti-personnel mines for the people who come to
splice it)... Though if they took out the MAE's, I think routing would 
improve. :)

I've always wondered if someone could get away with colo'ing explosives at
major locations. Take a large computer or router chassis (a 12016 would do
nicely, or some Sun gear), fill it with explosives, and colo it... It
could even be operated over the internet, running bombd as it were.

Or what about an attack against the people running the net, say a NANOG or 
IETF meeting... Or maybe something more constructive, like MPLSCon...

But I'm sure there are probably more subtle ways to do it. As with all
good vulnerabilities, it takes someone who is working on the inside to
REALLY know how to muck things up... Fortunately the terrorists seem to be 
concerned with killing thousands of innocent people and scaring millions, 
not pissing off a few nerds and disrupting eBay's profit margin for a 
week. As much as we like to think we are important, I'd hardly put them in 
the same class.

-- 
Richard A Steenbergen [EMAIL PROTECTED]   http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)



Re: Internet vulnerabilities

2002-07-04 Thread Pete Ehlke


On Thu, Jul 04, 2002 at 02:35:32PM -0400, Richard A Steenbergen wrote:
 
 But I'm sure there are probably more subtle ways to do it. As with all
 good vulnerabilities, it takes someone who is working on the inside to
 REALLY know how to muck things up... Fortunately the terrorists seem to be 
 concerned with killing thousands of innocent people and scaring millions, 
 not pissing off a few nerds and disrupting eBay's profit margin for a 
 week. As much as we like to think we are important, I'd hardly put them in 
 the same class.
 
Or, you could work behind the scene, get Michael Powell appointed to the
FCC, and make sure there are no brakes on the shortsightedness of
lawyers at the RIAA, the MPAA, and the US RBOCs.

Oh. Wait. That's been done. Nevermind.



Re: Internet vulnerabilities

2002-07-04 Thread Paul Vixie


[EMAIL PROTECTED] (Mike Tancsa) writes:

 ...  Still, I think the softest targets are the root name servers.  I was
 glad to hear at the Toronto NANOG meeting that this was being looked into
 from a routing perspective.  Not sure what is being done from a DoS
 perspective.

Now that we've seen enough years of experience from Genuity.orig, UltraDNS,
Nominum, AS112, and {F,K}.root-servers.net, we're seriously talking about using
anycast for the root server system.  This is because a DDoS isn't just against
the servers, but against the networks leading to them.  Even if we provision
for a trillion packets per second per root server, there is no way to get
the whole Internet, which is full of Other People's Networks, provisioned at
that level.  Wide area anycast, dangerous though it can be, works around that.

See www.as112.net for an example of how this might work.  More later.
-- 
Paul Vixie
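
To make the reasoning in the post above concrete, here is an added toy model; it is not code from the thread or from any root-server operator. The AS-level topology, the per-source traffic volume and the use of hop count as a stand-in for BGP path selection are all constructed assumptions. It sends each source network's traffic to the nearest site announcing the root prefix and reports the single busiest link, once with one server site (unicast) and once with the same prefix announced from three sites (anycast), which shows why the networks in front of the servers, not just the servers, are what anycast protects.

```python
"""Toy model of why anycast spreads attack load across instances.

Added illustration; not code from the thread. The topology, per-source
traffic volume and hop-count routing are constructed assumptions:
real BGP picks paths by policy and AS-path, not hop count.
"""
from collections import defaultdict, deque

# Constructed AS-level topology: three fully meshed transit hubs (H1..H3),
# three stub networks and one server site (R1..R3) hanging off each hub.
TOPOLOGY = {
    "H1": ["H2", "H3", "A1", "A2", "A3", "R1"],
    "H2": ["H1", "H3", "B1", "B2", "B3", "R2"],
    "H3": ["H1", "H2", "C1", "C2", "C3", "R3"],
    "A1": ["H1"], "A2": ["H1"], "A3": ["H1"], "R1": ["H1"],
    "B1": ["H2"], "B2": ["H2"], "B3": ["H2"], "R2": ["H2"],
    "C1": ["H3"], "C2": ["H3"], "C3": ["H3"], "R3": ["H3"],
}
# Every stub network sends the same (constructed) amount of traffic.
SOURCES = ["A1", "A2", "A3", "B1", "B2", "B3", "C1", "C2", "C3"]
UNITS_PER_SOURCE = 10


def shortest_path(graph, src, dst):
    """BFS hop-count path; stands in for BGP's shortest-AS-path preference."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            break
        for nb in graph[node]:
            if nb not in prev:
                prev[nb] = node
                queue.append(nb)
    if dst not in prev:
        return None
    path, node = [], dst
    while node is not None:
        path.append(node)
        node = prev[node]
    return path[::-1]


def link_loads(graph, sources, servers, units=UNITS_PER_SOURCE):
    """Send each source's traffic to the nearest site announcing the prefix.

    With one site this is plain unicast; with several it is anycast, since
    every site announces the same prefix and each source lands on the
    closest one. Returns ({(a, b): load}, {source: site reached}).
    """
    loads = defaultdict(int)
    reached = {}
    for src in sources:
        best = None
        for site in servers:
            path = shortest_path(graph, src, site)
            if path and (best is None or len(path) < len(best)):
                best = path           # strict '<' keeps the first site on ties
        reached[src] = best[-1]
        for a, b in zip(best, best[1:]):
            loads[tuple(sorted((a, b)))] += units
    return dict(loads), reached


def busiest_link(graph, sources, servers):
    """The link that must absorb the most traffic: the one a flood saturates
    first, whatever the servers behind it could handle on their own."""
    loads, _ = link_loads(graph, sources, servers)
    return max(loads.items(), key=lambda kv: kv[1])


if __name__ == "__main__":
    cases = [("unicast", ["R1"]),
             ("anycast", ["R1", "R2", "R3"]),
             ("anycast, R2 withdrawn", ["R1", "R3"])]
    for label, sites in cases:
        link, load = busiest_link(TOPOLOGY, SOURCES, sites)
        print(f"{label:22s} busiest link {link}: {load} units")
```

Run as a script it prints the busiest link for the three cases: the single-site case funnels all 90 units onto the one link in front of R1, the three-site case caps any link at 30, and the last case shows one instance dropping out, whose sources simply land on the next-nearest site. The model replaces BGP's policy-driven path selection with hop count, and that substitution is exactly the part that makes a real wide-area anycast deployment harder to reason about than this table suggests.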



Re: Internet vulnerabilities

2002-07-04 Thread batz


On Thu, 4 Jul 2002, Jason Lewis wrote:

:What are the real threats to the global Internet?

I realize this seems like  nitpicking, but asking what the real risks are 
might be a more useful question. The reason I mention this is because the 
washington post report the other day about threats to SCADA systems was 
blown out of proportion, because it equated the seriousness of the threats 
with their associated risks. Yes, most ASN.1 implementations have serious 
vulnerabilities, welcome to 1988. 

The ASN.1 vulnerabilities being talked about right now are serious threats, 
but lower risk than say, millions of unpatched IIS and apache servers, 
public exploits and a worm on the loose. Application level vulnerabilities 
that have to be patched on a host by host basis, cause a greater risk than 
say, SNMP vulnerabilities that can be filtered at the gateway, which 
protects from opportunistic external attacks.  

When you talk about threats to the global Internet, there are hundreds of
equally serious vulnerabilities of varying risk. Also, the global Internet
has many different meanings. It can mean the ability to send and receive 
packets on layer 3 or people being able to conduct business electronically, 
with some reasonable expectation of the confidentiality, integrity and 
reliability of their transactions.  

So, it all depends on what you mean by the Internet:) I think this is 
an extremely important discussion to have on the list, I just think
it should be framed in terms of real risks, root causes, and 
potential solutions. 


:I am looking for anything that might be a potential attack point.  I don't
:want to start a flame war, but any interesting or even way out there idea
:is welcome.
:
:Is it feasible that a coordinated attack could shutdown the entire net?  I
:am not talking DDoS.  What if someone actually had the skills to disrupt
:BGP on a widescale?

Once you start thinking about the Internet from a security perspective, 
you realize there is no entire net subject to the sum of its parts in 
any practical sense. It is a network of networks that serves a continuum 
of interests, bounded by economics, and driven by porn. ;) 

The attack point is anywhere you think will do the most harm to the 
people you dislike. If you just want to break something, find serious, 
easy to exploit, security design limitations in BGP, MPLS, BIND and 
drive a major global backbone like UUNet into insolvency. 

..What? Oh ...Too late. 

--
batz




RE: Waiver of IP and AS Number Transfer Fees

2002-07-04 Thread jnelson


Hey, I'll be the first to laugh it up about some of ARIN's oldschool
GM-style practices, but let's not knock the staff there... I've had
nothing but good experiences with the front-liners (billing and
support). And I believe your cry has been heard and this clean-up and
the template revision are merely portions of their restructuring.
-j

-Original Message-
From: Tom Thomas [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, July 03, 2002 9:32 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; jnelson; [EMAIL PROTECTED]
Subject: RE: Waiver of IP and AS Number Transfer Fees

Michael, it's simple: ARIN is staffed by a bunch of people who have no
concept of business or reality. Their reality is based on outmoded ideals
enforced on them, so no wonder people do not want to go through the abuse
of dealing with them.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Michael Hallgren
Sent: Wednesday, July 03, 2002 4:34 PM
To: [EMAIL PROTECTED]; jnelson; [EMAIL PROTECTED]
Subject: RE: Waiver of IP and AS Number Transfer Fees



Please correct me if I am wrong. This is not allowing the practice of
selling IPs or ASes,

I've never really come around to fully understand the notion (more and
more common, it seems) of _selling_ such..? (Maybe I'm an idealist :)

 but it encourages those of us who have acquired other
companies to consolidate all the registrations under a single NIC handle
(for example) to reduce the total number of contacts floating out there?

Is my understanding accurate?


I would hope so, in a general perspective.

mh


Thanks,

DJ




RE: Internet vulnerabilities

2002-07-04 Thread Deepak Jain



Coordinated infrastructure attacks are scary for that reason. They are
scary. :) Netcraft will provide you the information on every web
server/server OS just for the asking -- you don't need an OC3 or even nmap.

Historically, wide spreading worms have had a flaw in the program that
prevented how much damage they could cause. (i.e., either too virulent or
too patient). I suspect even in your dd solution, the attacker would leave a
delay to allow some additional CPU power devoted to attacking other
destinations. If the timeout is too short and interesting machines go down
fast, the spread takes longer. If it's too long, it can be stopped before it
gets as far. The nastier you make it, the less far it spreads.

In some paranoid networks, within 20 minutes of the content disappearing
they would probably pull all or many of their most significant machines off
line while they are figuring out what attack is occurring. The least
responsive networks are going to be the most vulnerable to a scenario like
this.

Rate limiting ICMP (or your favorite attack packet) isn't as difficult as it
used to be (even at the border), and since most large networks use automatic
configuration generators -- no matter how cumbersome -- it is conceivable
that the brute force attack could be killed on the largest networks at a
mean of 10-12 hrs. Server damage would take longer depending on how
available/recent backups are.

The best part of multilevel NOCs (level 1-2 open tickets 3+ solve problems)
is that under large, cascading attacks of this sort, those who actually
solve the problem are not as bogged down by frantic customers calling.



Risers (inside) a building aren't even that big a deal. Most manholes around
these carrier hotels are not welded shut, and most of the POEs (no matter
how many there are) have a man hole or two on the street for splicing
purposes.

A few bad guys could drop an explosive, incendiary, acid, etc in each of
these around each major carrier hotel and disable the hotel in about 20
minutes from start-to-finish. (4 men teams at each major infrastructure
location in the U.S. -- say 10?) could disable everything in less than 5
minutes from start to finish and be making a quick exit before the first
fiber goes down.

If you simultaneously melt/explode/destroy every POE to every major cable
landing/telecom hotel in the U.S., you will have problems (sky links MIGHT
be excepted if you are especially clever). And 24 hr repair times, assuming
you can get the repair call out in the first place.

Let's not forget that manholes are almost always in public right of way, or
similarly accessible. Opening them quickly/publicly won't even freak out too
many people. Worst case 2-3 blocks away you triple the number of manholes to
open/disable, and have no tech-savvy types or building-security types have
the chance to even see it go down -- better, no welded manholes to worry
about whatsoever.

---

It's almost ridiculous to worry about protecting carrier-buildings from
deliberate mischief because they are far more vulnerable outside than
inside. Security guards inside are (IMO) to keep large pieces of equipment
from walking out without getting a good look at the guy(s) doing it. Even
then, most misunderstand their role and rely on the basic honesty of the
visitors to maintain anything...

I could just be grumpy though.

Deepak Jain
AiNET


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
 Phil Rosenthal
 Sent: Thursday, July 04, 2002 2:17 PM
 To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
 Subject: RE: Internet vulnerabilities



 Thinking about a physical threat...
 If you go to 111 8th ave, NYC.  They have added security since 9-11-01
 which now requires either building ID, or showing a driver's license
 before entering building (because terrorists don't have driver's
 licenses).

 On some floors (eg the 7th).  The building risers and conduits are
 completely exposed. I can't help but wonder how much damage a terrorist
 attack to that would do.

 Also, say someone from a moderately fast internet connection (OC-3) ran
 nmap across the entire internet on ports like 21,22,53,80,443,3306.  In
 one day, they can probably have a list of every server answering those
 ports, and the versions of the daemons on them.

 Next, just wait for a wide enough exploit to come out, and then write a
 Trojan that has a list of every other server vulnerable, and on every
 hack, it splits the list in 2, and roots another box and gives it the
 2nd half of the list.

 I estimate that with a wide enough exploit (eg apache or openssh), you
 could probably compromise 20% of the servers on the net within 1 hour,
 and then have them all begin a ping flood of something far away
 network wise (meaning a box in NYC would flood a box in SJC, a box in
 SJC would flood a box in Japan, etc... Trying to have as much bit
 distance as possible).

 Damn scary, but I believe if someone was determined enough, they could