On Thu, Jul 04, 2002 at 02:01:16PM -0400, Jared Mauch wrote:
Is it feasible that a coordinated attack could shutdown the entire net? I am not talking DDoS. What if someone actually had the skills to disrupt BGP on a widescale?
There are a few interesting things on this front that could be done.
As in most routers the data+control plane are the same, one can DoS the processor or router in interesting ways.
I can't quite picture Osama leading a crack team of BGP commandos on a jihad against the internet... Maybe blowing up some important net targets, or cutting some important fiber (and then leaving anti-personnel mines for the people who come to splice it)... Though if they took out the MAE's, I think routing would improve. :) I've always wondered if someone could get away with colo'ing explosives at major locations. Take a large computer or router chassis (a 12016 would do nicely, or some Sun gear), fill it with explosives, and colo it... It could even be operated over the internet, running "bombd" as it were. Or what about an attack against the people running the net, say a NANOG or IETF meeting... Or maybe something more constructive, like MPLSCon... But I'm sure there are probably more subtile ways to do it. As with all good vulnerabilities, it takes someone who is working on the inside to REALLY know how to muck things up... Fortunately the terrorists seem to be concerned with killing thousands of innocent people and scaring millions, not pissing off a few nerds and disrupting eBay's profit margin for a week. As much as we like to think we are important, I'd hardly put them in the same class. -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)