Internet vulnerabilities

Richard A Steenbergen ras at e-gerbil.net
Thu Jul 4 18:35:32 UTC 2002


On Thu, Jul 04, 2002 at 02:01:16PM -0400, Jared Mauch wrote:
> 
> > Is it feasible that a coordinated attack could shutdown the entire net?  I
> > am not talking DDoS.  What if someone actually had the skills to disrupt
> > BGP on a widescale?
> 
> 	There are a few interesting things on this front that could be
> done.
> 
> 	As in most routers the data+control plane are the same, one can
> DoS the processor or router in interesting ways.

I can't quite picture Osama leading a crack team of BGP commandos on a 
jihad against the internet... 

Maybe blowing up some important net targets, or cutting some important
fiber (and then leaving anti-personnel mines for the people who come to
splice it)... Though if they took out the MAE's, I think routing would 
improve. :)

I've always wondered if someone could get away with colo'ing explosives at
major locations. Take a large computer or router chassis (a 12016 would do
nicely, or some Sun gear), fill it with explosives, and colo it... It
could even be operated over the internet, running "bombd" as it were.

Or what about an attack against the people running the net, say a NANOG or 
IETF meeting... Or maybe something more constructive, like MPLSCon...

But I'm sure there are probably more subtile ways to do it. As with all
good vulnerabilities, it takes someone who is working on the inside to
REALLY know how to muck things up... Fortunately the terrorists seem to be 
concerned with killing thousands of innocent people and scaring millions, 
not pissing off a few nerds and disrupting eBay's profit margin for a 
week. As much as we like to think we are important, I'd hardly put them in 
the same class.

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)



More information about the NANOG mailing list