Re: Internet FUD Abound

[Danny McPherson]

Agreed.  For example, effecting availability of a few root nameservers alone 
would have an _interesting effect.  No need to even attack the servers 
themselves, simply advertise more specifics of their address space (or the 
like).

Just another subtle reminder that prefix-filtering (@ access and 
inter-provider -- at least well-known address space) could have a significant 
impact -- if/when this does occur.

-danny

  
> The Reuters article skips over some of the important qualifiers
> in the Nature letter.  Read the entire letter on the Nature
> website.  http://www.nature.com/
> 
> The conclusions are interesting, but I think missing a few pieces
> of data.  Every major public NAP has had service affecting incidents,
> and so far we have not seen the partioning effect Albert et al write
> about.  I've also followed a fair number problems in the private
> connections, also without major network partion beyond those networks.
> Further, the source data from NLANR doesn't pick up every possible
> connection between networks.  You should view source data as a floor(),
> not a ceil(), on the connectivity.  And finally, coordinating a physical
> attack on more than a few physical locations is hard, even with perfect
> information.
> 
> Of course, this is a false argument because it has never happened doesn't
> mean it can never happen.  But I think its important to understand why
> such an attack is hard, as well as understanding why it is possible.
> 
> On the other hand, there have been accidents (and perhaps some attacks)
> on the logical layer which have severely disrupted the Internet.  The
> interesting thing about logical attacks is you don't need perfect information
> about the network because the critical points of the network almost act as
> natural gravity wells pulling the attack towards them (using a physical
> analogy in cyberspace).
> 
> 
>