Points of Failure (was Re: National infrastructure asset)

Tue Sep 25 00:38:49 UTC 2001

> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
> Timothy R. McKee
> Sent: September 24, 2001 8:29 PM
> To: nanog at merit.edu
> Subject: RE: Points of Failure (was Re: National infrastructure asset)
> Importance: High
> 
> 
> I know it's difficult to refrain from comment, but let's try to remember
> that the bad guys read this list too.  While they may not have 
> the knowledge
> of critical communication infrastructure points, they can 
> certainly find and
> target them if we point them in the right direction.
> This pertains not only to our side of the ponds, but to overseas as well.
> We all know where the 'soft targets' of our infrastructures are located -
> let's keep it to ourselves or, at the very least, within small private
> discussion groups where everyone knows everyone and not on the 
> public list.

Why would security by obscurity work in this case?

Any terrorist with a quarter of a clue can find out the addresses of enough critical buildings to cause a huge disaster in about 30 minutes (*hint* Find sites for providers that have hardware coloed in major buildings and that list the addresses of these POPs. No names will be provided, but I have at least one in my mind. Repeat this process with some major peering points, a listing of which is quite easy to find).
I might add that it's much easier to find this out than it is to crash some airplanes into prominent US buildings; I doubt a 30 minute Google search would tell you how to pilot airplanes, but perhaps I'm just a little naive.

Vivien
-- 
Vivien M.
vivienm at dyndns.org
Assistant System Administrator
Dynamic DNS Network Services
http://www.dyndns.org/