On Wed, 26 July 2000, Andrew Bender wrote:
Another lapse in editorial integrity... this time, Reuters:
The Reuters article skips over some of the important qualifiers in the Nature letter. Read the entire letter on the Nature website. http://www.nature.com/ The conclusions are interesting, but I think missing a few pieces of data. Every major public NAP has had service affecting incidents, and so far we have not seen the partioning effect Albert et al write about. I've also followed a fair number problems in the private connections, also without major network partion beyond those networks. Further, the source data from NLANR doesn't pick up every possible connection between networks. You should view source data as a floor(), not a ceil(), on the connectivity. And finally, coordinating a physical attack on more than a few physical locations is hard, even with perfect information. Of course, this is a false argument because it has never happened doesn't mean it can never happen. But I think its important to understand why such an attack is hard, as well as understanding why it is possible. On the other hand, there have been accidents (and perhaps some attacks) on the logical layer which have severely disrupted the Internet. The interesting thing about logical attacks is you don't need perfect information about the network because the critical points of the network almost act as natural gravity wells pulling the attack towards them (using a physical analogy in cyberspace).
On 26 Jul 2000, Sean Donelan wrote:
On Wed, 26 July 2000, Andrew Bender wrote:
Another lapse in editorial integrity... this time, Reuters: http://www.techweb.com/wire/story/reuters/REU20000726S0007 The conclusions are interesting, but I think missing a few pieces of data. Every major public NAP has had service affecting incidents, and so far we have not seen the partioning effect Albert et al write about.
Has anyone written Albert and pointed this out? -Dan
Sean Donelan wrote:
Andrew Bender wrote:
Another lapse in editorial integrity... this time, Reuters:
The Reuters article skips over some of the important qualifiers in the Nature letter. Read the entire letter on the Nature website. http://www.nature.com/
The conclusions are interesting, but I think missing a few pieces of data. Every major public NAP has had service affecting incidents, and so far we have not seen the partioning effect Albert et al write about.
Note also that the graph they examine is one of web pages linked to each other. Not the underlying network of fibers and routers. And, as you said, there have been catastrophic failures in the past (even as recent as last month), none of which fragmented the internet. Sure, some sites got isolated, but the majority of users didn't notice anything more than longer response times. I think there are much more important things to be worried about, like the security of the DNS system, than a coordinated attack on multiple major switching centers. -- David
At 18:16 07/26/2000 -0400, David Charlap wrote:
Sean Donelan wrote:
The Reuters article skips over some of the important qualifiers in the Nature letter. Read the entire letter on the Nature website. http://www.nature.com/
The conclusions are interesting, but I think missing a few pieces of data. Every major public NAP has had service affecting incidents, and so far we have not seen the partioning effect Albert et al write about.
I agree with Sean that the article itself is an interesting read. In fact, I'd say it's better than I expected based on the Reuters report. A key conclusion -- that elimination of a random 2.5% of the routers of the Internet would cause little harm, but elimination of the most central 2.5% of the routers would at least triple the diameter of the network -- is likely correct. (Although I don't think we needed fancy mathematics to tell us that. ;^) Sean, I don't think that they were arguing that EVERY failure would cause this kind of collapse. They were saying that a scale-free system might be particularly vulnerable to a systematic attempt to cripple its most critical elements. A failure of a single public NAP is probably well below that threshhold.
... and David Charlap wrote: Note also that the graph they examine is one of web pages linked to each other. Not the underlying network of fibers and routers...
Perhaps you read this too hastily? They appear to have evaluated both. Cheers, - Scott
"Scott" == Scott Marcus <smarcus@genuity.com> writes:
Scott> I agree with Sean that the article itself is an interesting Scott> read. In fact, I'd say it's better than I expected based on Scott> the Reuters report. A key conclusion -- that elimination Scott> of a random 2.5% of the routers of the Internet would cause Scott> little harm, but elimination of the most central 2.5% of Scott> the routers would at least triple the diameter of the Scott> network -- is likely correct. (Although I don't think we Scott> needed fancy mathematics to tell us that. ;^) Scott> Sean, I don't think that they were arguing that EVERY Scott> failure would cause this kind of collapse. They were Scott> saying that a scale-free system might be particularly Scott> vulnerable to a systematic attempt to cripple its most Scott> critical elements. A failure of a single public NAP is Scott> probably well below that threshhold. True, although I wonder how the graph would look if only the most connected (say with >= 5 peers) ASs were considered. I suspect such a graph would be fairly well meshed and so might approximate an exponential network rather than a scale-free one. In that case I imagine that the threshold would be nearer 30% than 3%. That is, a targeted attack would have to disable close to a third of the largest ASs on the internet. -w -- Will Waites \________ ww@shadowfax.styx.org\____________________________ Idiosyntactix Ministry of Research and Development\
Sean Donelan wrote:
On the other hand, there have been accidents (and perhaps some attacks) on the logical layer which have severely disrupted the Internet.
There were confirmed attacks on carrier backbone routers as early as 1994; the most damaging was by some Internet Liberation Front. Fortunately, they didn't have much clue about cisco configurations, or they could pretty much disable the entire Internet for a significant period of time. --vadim
participants (6)
-
Dan Hollis
-
David Charlap
-
Scott Marcus
-
Sean Donelan
-
Vadim Antonov
-
ww@shadowfax.styx.org