Home page logo
/

nanog logo nanog mailing list archives

RE: The Backhoe: A Real Cyberthreat?
From: "Wallace Keith" <kwallace () pcconnection com>
Date: Sat, 21 Jan 2006 02:06:38 -0500


        I for one have spoken in the past in favor of making the FCC Outage Reports public again. If you want to 
deliberatley destroy fiber infrastructure, you can gain more knowledge quicker by stepping outside your door and gazing 
upon clearly marked routes, than by reading outage reports.  Want to find a bldg where multiple carriers are housed? 
Read the carrier hotel advertisements on the internet and in print or read NANOG. 
         I have suffered more from trying to figure out (quickly) over the past few years what's going on in a multi 
carrier fiber outage situation, especially when a given carrier has IRU's on the competitor's fiber which I have also 
provisioned my redundany on (and they seem to "forget" that). Many times during outages people in NOCs are spinning in 
their chairs trying get a grip. The information that is purposely being suppressed from  the public by DHS initiatives 
with the FCC,  is also  frequently inadvertantly obfuscated within a given orginisation due to turnover, layoffs, 
mergers and acquisitions, etc. So besides government interference, we are at times our own worst enemy due to lack of 
adequate knowledge transfer and change mgmt. procedures. Imagine if you will 2 competing carriers, 1 has a cut 22.1 km 
east of X, the other 3 km west of Y, crews are dispatched, and bingo- collide at the scene.....how many times has THAT 
happened. Neither realizes they share some form of infrastructure until they are having coffee together while looking 
at the muddy hole in the ground that the contractor for a 3rd company just dug. It IS a less than perfect world within 
the industry.

On a slightly different rant - Forget attacking the glass. Take down DNS and SS7 at the same time...hmmm wonder what 
one company has a lock on a big piece of THAT. enough said. Hope their infrastructure for those things stays totally 
diverse (no offense meant). Just another thing that I think about at times...
-Keith
-----Original Message-----
From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
sgorman1 () gmu edu
Sent: Friday, January 20, 2006 3:05 PM
To: frank () dticonsulting com
Cc: nanog () merit edu
Subject: Re: The Backhoe: A Real Cyberthreat?



What data went into the system would depend on what questions you were looking to answer.  I spend most of my time 
looking at the geographic diversity of fiber routes, so I'll use that as a very simple example.  

To answer that particular set of questions you would need the fiber routes for each provider, and they would need to be 
georeferenced.  Other useful data would be the buildings lit by those fiber routes and lease costs.  Users would then 
enter the buildings they want connectivity for.  The system would find all the providers that could service that 
combination of buildings then calculate what the diversity of each provider is for that set of buildings, or what the 
diversity was if the user wanted to use more than one provider.  Each provider would be given a score for that 
particular connectivity combination and a price, or the scores for each combination of providers.  The user would then 
have a market indicator for diversity.  You could have a vairety of metrics - the total distance between network paths, 
average distance, the variance, the number of times paths come with 100 feet of each other, the number of routes that 
are colocated etc.  

The providers do not give up any proprietary data and the customers have a set of indicators to make a more informed 
choice.  Not the ideal solution, but the game was to come up with something that would be palatable to the providers.  
Companies like Last Mile Connections already keep provider supplied databases of lit buildings and prices to run 
auctions.  This would just be another indicator for customers that also value diversity and resiliency.  Protecting the 
master database would be important, but there are lots of mechanisms to do that effectively.  The metrics are the key, 
and that of course is my angle on the game.


----- Original Message -----
From: Frank Coluccio <frank () dticonsulting com>
Date: Friday, January 20, 2006 1:53 pm
Subject: Re: The Backhoe: A Real Cyberthreat?


My argument simply is if this kind of awareness 

can be made more broadly available you end up with 

a more resilient infrastructure overall.



Sean, would you care to list the route, facility, ownership and 
customer
attributes of the data base that you'd make public, and briefly 
explain the

access controls you would impose on same? 



If this is not what you originally intended, then please show me 
the way ... thanks.





Frank 



On Fri Jan 20 9:19 , sgorman1 () gmu edu sent:







   As you mentioned before this is largely because the customer 
(SIAC) was savvy

enough to set the reuirements and had the money to do it. A lot of 
that saviness

came from lessons learned from 9/11 and fund transfer. Similar 
measures were

taken with DoD's GIG-BE, again because the customer was 
knowlegable and had the

financial clout to enforce the requirements and demand the 
information.  An

anonymous data pool is just one suggestion of a market based 
mechanism to do it.



   ----- Original Message -----

   From: Michael.Dillon () btradianz com

   Date: Friday, January 20, 2006 5:37 am

   Subject: 



   >

   > > Imagine if 60 Hudson and 111 8th

   > > were to go down at the same time? Finding means to 
mitigate this

   > > threat is not frivolously spending the taxpayer's money, IMO;

   > > although perhaps removing fiber maps is not the best way to

   > > address this.

   >

   > No, removing fiber maps will not address this problem

   > now that you have pinpointed the addresses that they

   > should attack.

   >

   > Separacy is the key to addressing this problem. Separate

   > circuits along separate routes connecting separate routers

   > in separate PoPs. Separacy should be the mantra, not

   > obscurity.

   >

   > End-to-end separation of circuits is how SFTI and other

   > financial industry networks deal with the issue of continuity

   > in the face of terrorism and other disasters. In fact, now

   > that trading is mediated by networked computers, the physical

   > location of the exchange is less vulnerable to terrorists 
because
   > the real action takes place in redundant data centers connected

   > by diverse separate networks. Since 9-11 was a direct attack on

   > the financial services industry, people within the industry

   > worldwide, have been applying the lessons learned in New York.

   > Another 9-11 is simply not possible today.

   >

   > --Michael Dillon

   >

   >

   >

   > 




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]