Re: Internet vulnerabilities

[Jared Mauch <jared () puck Nether net>]

On Thu, Jul 04, 2002 at 01:56:54PM -0400, Jason Lewis wrote:
> There is a lot of news lately about terrorist groups doing recon on
> potential targets.  The stories got me thinking.
>
> What are the real threats to the global Internet?
>
> I am looking for anything that might be a potential attack point.  I don't
> want to start a flame war, but any interesting or even way out there idea
> is welcome.
>
> Is it feasible that a coordinated attack could shutdown the entire net?  I
> am not talking DDoS.  What if someone actually had the skills to disrupt
> BGP on a widescale?

        There are a few interesting things on this front that could be
done.

        As in most routers the data+control plane are the same, one can
DoS the processor or router in interesting ways.

        The easiest thing to probally do would be to do some poking
and prodding in the lab of various vendors routers and see if there is
some sort of fatal update that can be sent that won't take affect until
after it has been propogated.

        Doing this could cause interesting cascade failures.  The
good news is, it wouldn't take too long until someone isolates the
injection point of such an update and turns the connection off.

        - Jared

-- 
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.