nanog mailing list archives

Re: Worm Bandwidth [was Re: Santa Fe city government computers knocked out by worm]


From: Sean Donelan <sean () donelan com>
Date: Mon, 24 Nov 2003 23:00:22 -0500 (EST)


On Mon, 24 Nov 2003, Stuart Staniford wrote:
> So it would seem that worms are, at a minimum, not a simple or
> unproblematic capacity management problem.

Things are rarely as simple as they appear.  Even buying a military
grade black box may not solve the worm problem.

There are some natural choke points in the Internet between ISPs and
customers.  The customer may have a 1000 Mbps GigE LAN and the ISP may
have an OC192 backbone, but the link between them is normally much
smaller. Slammer, Blaster, etc. had very little impact on the major ISP
backbones, but did severely congest some of the smaller choke points.  Go
ahead and ask UUNET, Sprint, AT&T, etc. what impact the worms had on their
networks.

ISPs don't have (much) control over third-party computers. But they can
control their network capacity.  Of course, it's not a complete solution.
If you are a mid-level ISP, you may have a choke point to your customer
but are vulnerable from your upstream provider. A better designed worm
could impact even major backbones.

