Home page logo

nanog logo nanog mailing list archives

Re: The Backhoe: A Real Cyberthreat? [ & Re: cyber-redundancy ]
From: Frank Coluccio <frank () dticonsulting com>
Date: Fri, 20 Jan 2006 08:35:51 -0600

Imagine if 60 Hudson and 111 8th
were to go down at the same time? Finding means to mitigate this
threat is not frivolously spending the taxpayer's money,

This is not only a fair question, it's the very dilemma that some of us faced
during and immediately following September 11, 2001 when laying down routes into
NJ and north to midtown from the Wall Street area of NY City held new challenges.
The attacks on that grim date and its after effects revealed that sites no longer
had necessarily to be "taken down" in the traditional sense, per se, to be
inaccessible. It was no longer only the physical integrity of building property
and underground infrastructure that was vulnerable, but the very "access" to
those facilities from a broader geographic footprint perspective, as well, was
seen as something new that had to be dealt with. 

To answer Sean Donelan's question, yes, enterprise customers and/or their agents
_do _need to have specific information on the routes in which their leased
facilities (and even dark fiber builds) are placed, ephemeral as those data might
be at times due to SP outside plant churn. They need this data in order to ensure
that they're not only getting the diversity/redundancy/separacy that they're
paying for, but because of the more fundamental reason being that it is the only
way they have to provide maximal assurances to stakeholders of the organization's

All of that having been said, up-to-date information on physical routes and
common spaces and the cables that reside within them remains among the most
problematic and opaque issues that enterprise network builders and SPs alike have
to deal with today in their quest to design and manage survivable networks. NDAs
aren't going away, and the anal nature of carriers isn't about to change anytime
soon. The best information gathering approach to double check any information
that "is" provided is very often knowing the right people to ask on an official
level, and being patient enough to wait for the right moment to ask.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]