For want of a single ethernet card, an airport was lost ...
zwhite-nanog at darkstar.frop.org
Tue Aug 21 09:30:36 UTC 2007

On Mon, Aug 20, 2007 at 10:11:33PM -0500, Stephen Sprunk wrote:
> The problem is that if you have a second path of entry with lesser security
> protocols, attackers will find a way to get themselves onto that path. For
> instance, imagine the terrorists have papers that look legit but they know
> won't pass computer cross-references; any time they want to come in, they
> would just disrupt the computer network and force the agents to rely on the
> papers alone. That's why people get stuck on the runways waiting for the
> computers to come back up.

So what happens when the attack changes from trying to harm/kill people
to disrupting daily life in general? If the attackers (who may or may
not be terrorists, whatever that means) can disrupt our networks
whenever they want, why isn't that a bigger problem than the fact they
might slip a few people in?

Remember, almost all of the 9/11 hijackers came into this country
legitimately and had verifiable (if not legit) ID.

To bring this back into the sea of on-topicness, I invite you to
remember the early 90s, when the biggest security problem a network
operator had to face was compromised machines. Everyone "knew" that
this was the only real aspect to computer security, and the fact that
some sites could cram (a lot) more data down a pipe than others was
known, but only crackpots thought it was a problem.

Then a little tool called smurf was released, and the game changed. It
opened our eyes to the fact that not all security problems involve
illegitimate access. We realized that a Denial of Service attack was
just as bad, sometimes even worse, than a system compromise.

This same period gave rise to other tools that became the bane of
network operators and IRC users everywhere. Pepsi, winnuke, sping, jolt.
These tools didn't do anything to help the user gain access to a system,
but they allowed the user to cause just as much trouble. How many of you
who were working in any capacity then can honestly say you never spent
hours calling upstream providers to get a flow of packets stopped?

At some point our networks have to remain useful. If they can be shut
down for hours or days at a time, are they really secure?