Home page logo
/

nanog logo nanog mailing list archives

Re: The Backhoe: A Real Cyberthreat?
From: sgorman1 () gmu edu
Date: Fri, 20 Jan 2006 09:19:46 -0500



As you mentioned before this is largely because the customer (SIAC) was savvy enough to set the reuirements and had the 
money to do it.  A lot of that saviness came from lessons learned from 9/11 and fund transfer.  Similar measures were 
taken with DoD's GIG-BE, again because the customer was knowlegable and had the financial clout to enforce the 
requirements and demand the information.  My argument simply is if this kind of awareness can be made more broadly 
available you end up with a more resilient infrastructure overall.  An anonymous data pool is just one suggestion of a 
market based mechanism to do it.

----- Original Message -----
From: Michael.Dillon () btradianz com
Date: Friday, January 20, 2006 5:37 am
Subject: Re: The Backhoe: A Real Cyberthreat?


Imagine if 60 Hudson and 111 8th
were to go down at the same time? Finding means to mitigate this
threat is not frivolously spending the taxpayer's money, IMO;
although perhaps removing fiber maps is not the best way to 
address this.

No, removing fiber maps will not address this problem
now that you have pinpointed the addresses that they
should attack.

Separacy is the key to addressing this problem. Separate
circuits along separate routes connecting separate routers
in separate PoPs. Separacy should be the mantra, not
obscurity.

End-to-end separation of circuits is how SFTI and other
financial industry networks deal with the issue of continuity
in the face of terrorism and other disasters. In fact, now
that trading is mediated by networked computers, the physical
location of the exchange is less vulnerable to terrorists because
the real action takes place in redundant data centers connected
by diverse separate networks. Since 9-11 was a direct attack on
the financial services industry, people within the industry 
worldwide, have been applying the lessons learned in New York.
Another 9-11 is simply not possible today.

--Michael Dillon






  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]