Interesting People mailing list archives
more on Fort N.O.C.'s
From: Dave Farber <dave () farber net>
Date: Thu, 22 Jan 2004 11:11:16 -0500
Delivered-To: dfarber+ () ux13 sp cs cmu edu Date: Wed, 21 Jan 2004 16:14:16 -0600 From: Bob Alberti <alberti () sanction net> Subject: RE: [IP] Fort N.O.C.'s To: dave () farber net X Ah yes, "Security by obscurity," http://en.wikipedia.org/wiki/Security_through_obscurity "Many people believe that 'security through obscurity' is flawed because... secrets are hard to keep." I'm glad the guys guarding the A Root Servers are up on the latest security trends. Of course, you could hide the A Root Servers at the heart of the Minotaur's maze, but they're still going to be "right over there" in cyberspace, at 198.41.0.29 : 7 so1-3-0-2488M.ar1.DCA3.gblx.net (67.17.68.33) 52.274 ms 8 InterNAP-Ken-Schmid-Ashburn-3.ge-2-3-0.ar1.DCA3.gblx.net (208.50.25.194) 50.903 ms 9 border12.ge2-0-bbnet1.wdc.pnap.net (216.52.127.17) 50.888 ms 10 verisign-9.border12.wdc.pnap.net (216.52.118.78) 50.227 ms 11 65.205.32.154 (65.205.32.154) 51.598 ms 12 65.205.32.42 (65.205.32.42) 52.234 ms 13 198.41.0.29 (198.41.0.29) 70.563 ms Reminds me of a local ISP, "Glasspath" (a casualty of the DotCom Crash), which bragged that it was safer from hackers because it was situated inside an old bank vault. http://twincities.bizjournals.com/twincities/stories/2001/08/13/story7.html Once you run that fiber through the wall of the vault, you're letting in a lot of the world. "'...If this site just vanished off the Internet, it would automatically [switch] over to one or two other locations,' Silva said. These are the so-called 'warm back-ups' that VeriSign has on stand-by at all times. The Internet never sees them, Silva says, but they can be up and running within 15 minutes and in that time Internet users wouldnt even notice a hiccup in traffic." And this process is tested... how? when? This testing is independently audited... when? by whom? These audit results are compared against what criteria? These critera are set by what body? Or are we playing fast and loose and depending on the word of a fellow who could be laid off tomorrow at the whim of a "volunteer" corporation? I'm sure that Sean Gorman would have something to say about the security value of "security by obscurity"... http://www.washingtonpost.com/ac2/wp-dyn/A23689-2003Jul7?language=printer "Using mathematical formulas, he probes for critical links, trying to answer the question: 'If I were Osama bin Laden, where would I want to attack?' "For this, Gorman has become part of an expanding field of researchers whose work is coming under scrutiny for national security reasons." So while we can rest easy that the Verisign A Root Server is protected by "obscurity", the Internet itself remains vulnerable to network-based attacks and well-placed backhoes. And the organization that's supposed to be "managing" the Internet? Too busy playing politics, consolidating power, and forging Afghani ccTLD contracts... http://www.theregister.co.uk/content/6/34883.html (previously cited here on IP) Bob Alberti, CISSP, President Sanction, Inc. Phone: (612) 486-5000 ext 211 PO Box 583453 http://www.sanction.net Mpls, MN 55458-3453 "I'd like to be secure, but how can security help day-to-day business?" -----Original Message----- From: owner-ip () v2 listbox com [mailto:owner-ip () v2 listbox com]On Behalf Of Dave Farber Sent: Wednesday, January 21, 2004 3:31 PM To: ip () v2 listbox com Subject: [IP] Fort N.O.C.'s http://www.msnbc.msn.com/Default.aspx?id=4009568&p1=01%7C%7C%7C%7C004 Fort N.O.C.'s The heart of Internet security lies in obscurity Technicians monitor Internet traffic in a Verisign network operating center. A new center has recently gone operational and will replace the one seen here. By Brock N. Meeks Reporter MSNBC Updated: 8:52 p.m. ET Jan. 20, 2004 ANYTOWN, Va. - The heart of the Internet, the so-called A root that is the Internets master addressing computer, resides here on the third floor of a nondescript four story building, housed in massive flat-black aluminum cage that looks like it could double as a gym locker for a mountain troll. All this sits in a nondescript town at the end of a nondescript ribbon of highway thats just a Little League outfielders throw from suburbia. And thats just the way VeriSign Inc., the company responsible for administering the A root, wants it. For that matter, thats just how the Department of the Homeland Security, which has designated the root servers as critical homeland security infrastructure, likes it, too. The unassuming building that houses the A root sits in a cluster of three others; the architecture looks as if it were lifted directly from a free clip art library. No signs or markers give a hint that the Internets most precious computer is inside humming happily away in a hermetically sealed room. This building complex could be any of a 100,000 mini office parks littering middle class America. Once terrorism became the buzzword and the Internet became the lynchpin of global commerce people started to get serious about their paranoia, that the Net could very well be a target. Christopher Ambler President, Ambler Internet Consulting Thats called security through obscurity, says Christopher Ambler, a long time Internet veteran and principle of Ambler Internet Consulting. And thats the first line of defense and that has traditionally been the main line of defense for root servers, Ambler says, referring to the collection of thirteen computers located around the world that act as the main arteries for all the Internets addressing traffic. But Ambler nearly chokes on the word defense noting that up until two years ago nobody gave a rats ass for security of the root servers because if the Internet went down it would have been an annoyance to some researchers and nerds. Today its a different story as the worlds economy cruises the Internets fast lane. Once terrorism became the buzzword and the Internet became the lynchpin of global commerce people started to get serious about their paranoia, that the Net could very well be a target, Ambler said. Volunteer duty In addition to the A root, which maintains the central address book for the Net and in turn sends updates to the other 12 root servers, VeriSign also administers another root server in the Washington, D.C. area but in a different facility that is miles and miles away from where the A root sits. Each of the <http://www.root-servers.org/>root servers is operated on a volunteer basis; they are scattered around the world with the U.S. operating the majority of them. These root operators are a collection of academic, non-profit, scientific and governmental institutions. Historically the root operators have formed a loose collation that coordinates and cooperates out of sense of duty, not regulation or contract. VeriSign is a publicly held company that inherited operation of the A root via an acquisition. In addition, the company runs both the .COM and .NET databases, making it one of the most powerful and influential forces in the Internet. As such, VeriSigns actions often end up being only slightly less controversial than the sport of dwarf tossing. The most recent dust-up being VeriSigns site finder product that redirected a mistyped or non-existing Web address to a VeriSign-owned search page instead of simply returning a site not found message. VeriSign was accused of hijacking such traffic and using it to potentially profit from. The company has temporarily shut down the site while it reviews its options. While controversy is a by-product of being the biggest player in the game there also are advantages. The biggest is in the amount of money available to throw into security and VeriSign isnt shy about touting the $150 million it has invested in various security measures. But that figure isnt just what VeriSign spends on securing the root servers -- that money also buys protection for a host of services VeriSign provides. The root servers are unwitting benefactors of a company carrying out its fiduciary responsibility to to protect its entire business line. From our perspective, I think that clearly we are the leader in that particular area, that we provide more back-ups than anyone else does, says Ken Silva, vice president of Network Security for VeriSign. The advantage of us running the root servers that we run is that we do invest in this infrastructure, said Silva, a 20 year veteran of the nations top spy agency, the National Security Agency. He believes that none of the other root server operators can match VeriSigns investment. Inner chamber While security outside the VeriSign building is non-existent, inside is another story. An electronic badge is required to get into the reception area. Visitors are tagged and bagged and made to sign de facto non-disclosure agreements before being lead to an elevator. Another badge is needed to access floors three and four. Off the elevator and again badges are needed to access any of a dozen doors. Access to the Network Operations Center, the NORAD of the Internets traffic monitoring, requires the electronic badge and then a double biometric hand print scan. Silva offers up his badge and then scans his hand. The door clicks open and he herds his small group into a much smaller hallway, briskly steps to another door, swipes his badge and reaches to place his hand on the second biometric scanner. Abruptly he pulls his hand away, like a small child sensing the heat radiating from a stove burner. Can you pull that door closed? I didnt hear it click, he asks of the person standing nearest to the first door. Click. Silva offers up his second hand scan and the door to the NOC opens. Inside there is plush carpeting and the hushed atmosphere of a library. The NOC is ringed in tasteful subdued lighting more suited to seduction than network protection. In front there are 13 huge flat panel monitors. One of the screens shows Internet data loads on the root servers all over the world. Its the same screen that the Department of Homeland Security has real-time access to. Along the sides of the room CNN and CNN Headline News are playing; the techs monitor the world news in case of natural disaster. When asked why only one of the 24-hour cable news networks is being monitored Silva says a bit sheepishly, Oh yeah, we should have switched that [to MSNBC] I suppose. It is in this place, on these monitors, Silva says, that VeriSigns technicians would be among the first to see any tell-tale sign that the Net was melting down. But frankly, theres little chance of that happening, he says. On a scale of one-to-ten, ten being highest for the potential of the Internet totally crashing, Id give it a three, Silva says. The Internet is more resilient that people give it credit for, he says. Should the A root fail for any reason... somehow if this site just vanished off the Internet, it would automatically [switch] over to one or two other locations. Ken Silva VeriSign VP of Network Security Even if someone managed to simultaneously take out all 13 root servers in some kind of coordinated attack there are back-ups in place to shoulder the load. Should the A root fail for any reason, sudden network drop or a backhoe out there [cutting a line], somehow if this site just vanished off the Internet, it would automatically [switch] over to one or two other locations, Silva said. These are the so-called warm back-ups that VeriSign has on stand-by at all times. The Internet never sees them, Silva says, but they can be up and running within 15 minutes and in that time Internet users wouldnt even notice a hiccup in traffic, Silva says, owing to the fact that the majority of a users web experience is cached on a local Internet Service Provider. Contracted responsibility The other root server operators arent investing at VeriSign levels in security measures, but they are cutting deals that, in essence, allow a root server to clone itself on computers owned by other willing organizations. This type of redundancy provides powerful disaster preparedness. But there is no requirement or regulation placed on these root server operators compelling them to practice good Internet security. The Internet Corporation for Assigned Names and Numbers (ICANN), a non-profit body contracted to the U.S. government to help administer the Internet and oversee the doling out of domain names, drafted a Memorandum of Understanding (MoU) that sets out recommended minimum security standards for all root operators. But nothing in the ICANN document carries the force of law. That begs the question of whether the root operators should be under contract to ICANN to run the roots. The root server operators have no contract with anyone, no guarantee of level of service, they could turn [the root servers] off tomorrow with no consequences at all because they are doing it out of the kindness of their heart, said Internet consultant Ambler. ICANN needs contracts with the root server operators that specify minimum levels of service and minimum levels of security and the root servers need to be paid for that, he said. Internet pioneer Dave Farber said he would like to see the root server operators held accountable for creating a secure environment. However, Farber said hes not in favor of mandating how that should be accomplished because thats going to give you diversity, otherwise its the old Microsoft Windows game: if everyone is using the same software and someone finds a hole then everyone is vulnerable at that point. Variety is the spice of life. But in a contract situation, where there are strict performance clauses and requirements, legal liability issues will inevitably crop up, Farber said, as would the issues of who do you sue and where do you sue. I think its a bag of worms, he said. © 2004 MSNBC Interactive ------------------------------------- You are subscribed as alberti () sanction net To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Fort N.O.C.'s Dave Farber (Jan 21)