[geeks] Internet not prepared for attack?

Chris Byrne geeks at sunhelp.org
Tue Oct 2 13:58:05 CDT 2001


Actually they're not far off with a lot of what they are saying.

The biggest problems are those of scale, and what we've done (or not done)
to deal with it.

The original design of the internet was decentralized to avoid point-source
failures, i.e. problems originating with or caused by a single point.
Distributed failures, and more specifically distributed attacks, were not a
part of the plan.

The fault tolerance inherent in the net depends on having multiple paths to
each single point. In a distributed attack scenario this very feature is
used to support the attack. Since there are so many possible point sources
taking so many possible routes, it can be difficult to localize and
neutralize those sources. Even if sources can be localized, it can be very
difficult to separate hostile from benign traffic, thus accomplishing the
mission of the attacker for them.

More directly relating to scale, the architecture was envisioned to provide
for a few hundred or at most a few thousand systems to be directly
connected. We've scaled up in a way so far beyond anything envisioned that
there is literally nothing short of a complete redesign of the architecture
that could deal with a deliberate, capable, and well supported assault
on the infrastructure as a whole.

Let's break it down a bit further. At the core of the internet are high speed
trunking routers (and/or switches/adapters/multiplexers etc... depending on
the exact physical transport technologies involved) which keep a pretty good
map of where things are (logically). They are set in a limited number of
peering points where they connect to a number of other service providers'
networks to pass packets and share information about routing. Most people
know about MAE-West and MAE-East but these peering points exist in many
locations. These systems have a finite amount of memory, and process so much
data that it would be infeasible to manually inspect and control all of that
data. If there were only a few thousand systems or even a few million
systems to deal with this wouldn't be all that much of a problem, but we are
now dealing with roughly 500 million directly connected systems and growing.
Keeping track of routing for all of these systems is getting to be a bigger
and bigger job, and IPv6 will only make that part worse not better.

So here we have a system that is already at its limit handling the normal
loads placed on it. The overloading of any one of these peering points causes
problems which ripple through the whole internet. A determined distributed
assault on the infrastructure of several of these systems simultaneously
would almost guarantee a collapse of the internet into local tiers. At that
point the assault would fragment and die out on its own, much like a flu
epidemic burning out as people isolate themselves, but the damage is done.

Complicating all of this is the fact that IPv4 (and really IPv6 as it
stands) provides for no means of authenticating traffic to a particular host
or user, which makes it quite easy to spoof these routing systems (as well
as any other systems). Without the ability to track traffic back to its
true source, any action taken to deal with a perceived attack may result in
the DoS of an innocent third party, which may have been the attacker's intent
in the first place.

So what we have is a system that wasn't designed to handle distributed
attacks, and that has no way of localizing and eliminating those attacks
which occur without duplicating the intended effects of the attack itself.
Kind of like killing the patient to cure the disease.

Honestly the only reason the net as it is today still runs is that for the
most part the people who have the skills necessary to take it down don't want
it down. These people like or love the net and want it to continue, and work
towards making sure it does.

My fear is that a nation state that is genuinely hostile to the internet
(China, Myanmar, Cambodia/Kampuchea, Afghanistan etc...) may decide to
finance and support either the training in those skills of people who don't
want the net to continue, or the operations of the few who already have
those skills and would simply like to piss the whole world off (or other
such motives, the "ha ha I'm smarter than you" syndrome doesn't just affect
skript kiddies).

The thought of a team of criminally insane programmers with the vision,
skills, and motivation of Vint Cerf, Bill Joy, Richard Stallman, Linus
Torvalds and the like, well funded and well supported by a hostile nation
state, is not all that far-fetched. If these people existed, and were turned
loose on the net as it is today, does anyone really think it would survive?

Chris Byrne
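
The paragraphs above argue that, because IPv4 does not authenticate a packet's source, reacting to the source addresses seen during an attack can end up denying service to an innocent third party. The following Python model is an added example, not part of the original post, and shows that effect alongside the edge-side mitigation that was already documented at the time, source-address ingress filtering (RFC 2827 / BCP 38): a provider checks that packets arriving on a customer interface carry a source address from the prefixes assigned to that customer. The interface names, prefixes and packets are constructed for the demonstration.

```python
"""
Source-address ingress filtering (RFC 2827 / BCP 38 style) versus a naive
reactive blocklist. Added example, not code from the original mailing-list
post. Interface names, prefixes and packets below are constructed.
"""
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    ingress_if: str   # interface the packet arrived on at the provider edge
    src: str          # claimed source address (IPv4 does not authenticate it)
    dst: str


# Constructed topology: each customer-facing interface is assigned the
# prefixes that legitimately originate behind it (BCP 38 ingress policy).
INGRESS_PREFIXES = {
    "cust-a": [ip_network("203.0.113.0/24")],
    "cust-b": [ip_network("198.51.100.0/24")],
}


def is_spoofed(pkt, prefixes=INGRESS_PREFIXES):
    """True if the claimed source cannot legitimately arrive on this interface."""
    allowed = prefixes.get(pkt.ingress_if)
    if allowed is None:
        return True  # unknown interface: fail closed in this demo
    src = ip_address(pkt.src)
    return not any(src in net for net in allowed)


def ingress_filter(packets, prefixes=INGRESS_PREFIXES):
    """Apply BCP 38 at the provider edge; return (forwarded, dropped)."""
    forwarded, dropped = [], []
    for p in packets:
        (dropped if is_spoofed(p, prefixes) else forwarded).append(p)
    return forwarded, dropped


def reactive_blocklist(packets_seen_at_victim, threshold=3):
    """Naive reaction at the victim: block any claimed source that sent at
    least `threshold` packets. The victim only sees the *claimed* source,
    which is exactly the gap the post describes."""
    counts = Counter(p.src for p in packets_seen_at_victim)
    return {src for src, n in counts.items() if n >= threshold}


def collateral_damage(blocklist, legit_packets):
    """Legitimate packets the victim now drops because their real source
    address was spoofed by someone else and ended up on the blocklist."""
    return [p for p in legit_packets if p.src in blocklist]


def demo():
    """Returns (spoofed packets dropped at the edge,
                innocent packets blocked without ingress filtering,
                innocent packets blocked with ingress filtering)."""
    innocent = "203.0.113.7"           # real host behind cust-a
    victim = "192.0.2.10"
    # Constructed flood: arrives on cust-b but claims the innocent host's address.
    spoofed_flood = [Packet("cust-b", innocent, victim) for _ in range(5)]
    legit = [Packet("cust-a", innocent, victim)]

    # Case 1: no ingress filtering. The victim sees the flood under the
    # innocent address, blocklists it, and the innocent host loses service.
    seen = spoofed_flood + legit
    hurt_without = collateral_damage(reactive_blocklist(seen), legit)

    # Case 2: BCP 38 at the edge. The spoofed flood never leaves cust-b, so
    # the reactive blocklist is never triggered against the innocent host.
    forwarded, dropped = ingress_filter(spoofed_flood + legit)
    hurt_with = collateral_damage(reactive_blocklist(forwarded), legit)

    return len(dropped), len(hurt_without), len(hurt_with)


if __name__ == "__main__":
    print(demo())
```

The model deliberately keeps the victim's reaction naive (count claimed sources, block the loud ones) to make the post's point concrete: without provenance at the edge, the victim's own defence becomes the attacker's denial-of-service against the spoofed party. Ingress filtering does not authenticate hosts, but it confines a spoofed address to the prefixes a given edge interface is allowed to originate, which is what removes the collateral damage in the second case.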


----- Original Message -----
From: "Ken Hansen" <Ken.Hansen at ICTI-USA.com>
To: <geeks at sunhelp.org>
Sent: Tuesday, October 02, 2001 19:08
Subject: [geeks] Internet not prepared for attack?


>
> I got this in my inbox this morning, and I find it hard to believe, since
> the whole *point* of the ARPANET/Internet was to be able to establish
> communications in the event of an attack (collection of peers as opposed to a
> single point of control)...
>
>
> FBI, SANS Institute: Internet 'not ready' for attack
>
> The FBI and SANS Institute today released a list of the top 20
> vulnerabilities of Internet-connected systems and urged companies to close
> those dangerous holes while warning again of potentially virulent
> cyberattacks to come.
>
> http://computerworld.com/nlt/1%2C3590%2CNAV47_STO64384_NLTPM%2C00.html
>
>
> ====
> Ken Hansen
> Group Leader, Validation
> x1305, PA Office
> _______________________________________________
> GEEKS:  http://www.sunhelp.org/mailman/listinfo/geeks