Category Archives: Infrastructure

Route Hijacking: Identity Theft of Internet Infrastructure

Peter Svensson gives an old and quite serious problem some mainstream press in this AP story from 8 May 2010:
On April 25, 1997, millions of people in North America lost access to all of the Internet for about an hour. The hijacking was caused by an employee misprogramming a router, a computer that directs data traffic, at a small Internet service provider.

A similar incident happened elsewhere the next year, and the one after that. Routing errors also blocked Internet access in different parts of the world, often for millions of people, in 2001, 2004, 2005, 2006, 2008 and 2009. Last month a Chinese Internet service provider halted access from around the world to a vast number of sites, including Dell.com and CNN.com, for about 20 minutes.

In 2008, Pakistan Telecom tried to comply with a government order to prevent access to YouTube from the country and intentionally “black-holed” requests for YouTube videos from Pakistani Internet users. But it also accidentally told the international carrier upstream from it that “I’m the best route to YouTube, so send all YouTube traffic to me.” The upstream carrier accepted the routing message, and passed it along to other carriers across the world, which started sending all requests for YouTube videos to Pakistan Telecom. Soon, even Internet users in the U.S. were deprived of videos of singing cats and skateboarding dogs for a few hours.

In 2004, the flaw was put to malicious use when someone got a computer in Malaysia to tell Internet service providers that it was part of Yahoo Inc. A flood of spam was sent out, appearing to come from Yahoo.

The Pakistani incident is illustrated in the accompanying story and video by RIPE.

This problem has been known for a long time. Why hasn’t it been fixed? Continue reading

Van Meter on Barabasi and Doyle on Internet topology and risks

rdv-hakama-0609.jpg Rodney Van Meter, co-teaching a class by Jun Murai, posts notes on why Albert-László Barabási (ALB) is both right and wrong about the Internet (it is more or less a scale-free network when considered as a network of Autonomous Systems (AS), but contrary to ALB's assumption John Doyle and others have pointed out that the bigger nodes are not central, an AS as a node would be somewhat difficult to take out all at once, there are both higher and lower layer topologies that make the Internet more robust, and the Internet's biggest problem isn't topology at all:

The most serious risks to the Internet are not to individual "nodes" (ASes), but rather stem from the near-monocropping of Internet infrastructure and end nodes, and the vulnerability of the system to human error (and political/economic considerations):

Monoculture, who would have thought it?

For that matter, the Internet's ability to reroute has been very useful to ameliorate topological link breaks at the physical layer, for example undersea cables in the Mediterranean Sea twice last year.

Fast Flux Mapped

ffcrop.png Australian HoneyNet tracks Fast Flux nodes and maps them:
Below is the current locations of the storm Fast Flux hosts. This is updated every 15 minutes from our database.

I Had to change it to only show the last 6 hours of new nodes since GoogleMaps doesn't scale very well when your reaching past a few thousand markers on a map 🙂

Fast Flux Tracking, Australian HoneyNet Project, accessed 7 Aug 2008

Fast Flux, in case you're not familiar with it, refers to various techniques used by bot herders, spammers, phishers, and the like to evade blocking by rapidly changing which IP addresses are mapped to which domain names.

-jsq

Availability Is Not Security If an Abandoned Sea Anchor Cut the Cable?

art.cable.jpg I see in some fora people are still arguing that security involves countering malicious actors, and availability alone is not security, even if people are depending on availabity.

Were all those recent cable cuts in the Med. and the Persian Gulf not security issues, even though some of the affected companies are now planning to spend $300-400m on physical security to fix the problem?

If the culprit had been a Russian mobster or Al Qaeda or the CIA rather than (in one case) an abandoned ship anchor, then it would have been security, but now it’s not?

-jsq

U.A.E. Cable Cut of 30 Jan 2008

There’s been a lot of talk about the numerous cable cuts in the Mediterranean Sea and the Persian Gulf in the past few weeks. It’s interesting to see the Internet route around damage. Here is a visualization of the first cable cut, off Alexandria, on 30 Jan 2008.

-jsq

Count ‘Em All By Hand

ButchHancock.gif I admire Matt Blaze, and I only hope he was being sarcastic in the entire post in which, after pointing out that California just decertified three major voting machine manufacturors due to massive security problems, he wrote:
How to build secure systems out of insecure components is a tough problem in general, but of huge practical importance here, since we can’t exactly stop holding elections until the technology is ready.

The best defense: Ad hominem security engineering. Matt Blaze, Exhaustive Search, 6 August 2007

Well, yes, yes we can. Continue reading

Precision Can Hide Accuracy

target.png Metrics are good, but just because they’re precise doesn’t mean they’re useful:
I’ve been thinking a little bit about “threat/vulnerability” pairing. You know the drill, go out, get a scan – match the scan data to existing exploits, and voila! You’ve got risk.

Now regular readers and FAIR practitioners know that I don’t believe this exercise gives you risk at all. In fact, in FAIR terms, I’m not sure this exercise does much for finding Vulnerability.

My Assertion To You: The industry loves T/V pairing because it is precise. It looks good on paper, and if you’re a consultant doing it, it looks like you’ve earned your hourly rate. We love The precision of T/V pairing gives us a false sense of accuracy.

Accuracy, Precision, And Threat/Vulnerability Pairing, Alex, RiskAnalys.is, 23 July 2007

He goes on to point out you also need to consider who’s likely to attack you, as in such Threat Agents, as he calls htem, may be too stupid to use a given exploit, or too smart to use it because they’ve got a better way. He recommends some statistical analysis to help out.

I’d also recommend more basic steps, such as not using IE and shifting away from other monoculture software until you’ve got a mix of software from different sources. Those things will usually get you in trouble with sales and marketing, however, because hey, they’ve never had any problems, well, not many, and it’s not their job to fix them. The precise thing isn’t necessarily the right thing.

-jsq

Crumbling Infrastructure

Dave Isenberg found this article about crumbling U.S> infrastructure by Bob Herbert in the NYTimes that quotes Felix Rohatyn “the investment banker who helped save New York City from bankruptcy in the 1970s”:
Since the beginning of the republic,” he said, “transportation, infrastructure and education have played a central role in advancing the American economy, whether it was the canals in upstate New York, or the railroads that linked our heartland to our industrial centers; whether it was the opening of education to average Americans by land grant colleges and the G.I. bill, making education basic to American life; or whether it was the interstate highway system that ultimately connected all regions of the nation.

“This did not happen by chance, but was the result of major investments financed by the federal and state governments over the last century and a half. … We need to make similar investments now.”

Our Crumbling Foundation, By BOB HERBERT, New York Times, April 5, 2007 (transcription)

Obviously we’re not just talking bridges and dams here: U.S. Internet infrastructure is just as bad.

Is letting infrastructure crumble while other countries such as China, India, Japan, and Korea busily invest for the future good risk management? I think not.

-jsq