Re: Vulnerbilities of Interconnection

[alex () yuriev com]

> > > > > Lets bring this discussion to a some common ground -
> > > > >
> > > > > What kind of implact on the global internet would we see should we observe
> > > > > nearly simultaneous detonation of 500 kilogramms of high explosives at N of the
> > > > > major known interconnect facilities?
> > > >
> > > > N? Well, if you define N as the number of interconnect facilities, such
> > > > as all the Equinix sites
> > >
> > > Lets say that N is 4 and they are all in the US, for the sake of the
> > > discussion.
> >
> > Which four? Makes a big difference. And there, we just got
> > proprietary/classified. I've often wondered what difference there would
> > be in attacking cable heads instead of colo sites. Cut off the country
> > from everywhere. How bad would that be.
>
> I was under the impression that OCS/Homeland Security had already done a
> little study, perhaps aided by some other 3 letter agencies and some
> Telco's, for this very thing. I was also under the impression that the
> number of sites had to be sigificantly higher than 4 to do any real
> damage.

That study probably came from the same people who believe that Echelon can
intercept every single email sent, in addition to every phone conversation
and fax. Bankruptcies of two fiber carriers showed rather clear that those
companies themselves do not know where do they have what and what depends on
what. 

> > > > (and I'm not banging on Equinix, it's just
> > > > where we started all this) then I think globally, it wouldn't make that
> > > > much difference. People in Tokyo would still be able to reach the globe
> > > > and both coasts of the US.
> > >
> > > This presumes that the networks peer with the same AS numbers everywhere in
> > > the world, which I dont think they do.
> >
> > Hadn't thought of that. I'm not sure then of the impact.
>
> Additionally, a majority of peering, big peering, isn't on public
> exchanges is it? So, you'd have to find all the places that the larger
> providers connect to eachother and perhaps target these. Even with this
> there are the public exchanges so things 'should' fail over to them...

Interconnect sites are not public peering. It is simply a location where
the networks exchange traffic with each other. 

> This was about the result I heard, you can easily cut out 'mom and pop'
> ISP, but cutting out a large provider is a tougher task with bombs... we
> already know its possible with the right routing 'update' :(

Tell it to those whose primary facility was in one tower of WTC and backup
facility in another.


Alex