[AusNOG] Internet Kill Switch???

Daniel Hood dsmhood at gmail.com
Fri Jun 18 16:20:17 EST 2010


I don't believe that's 100% correct. I know that it did draw a lot of
awareness to the issue and a number of ISPs did change their ways
which is great but a majority would have probably written down on
their task list to find a way to mitigate it but never actually gotten
around to it.

Dan.

On Fri, Jun 18, 2010 at 4:17 PM, McDonald Richards <macca at vocus.com.au> wrote:
> Actually you'll find since the little mikrotik "issue" to do with prepends
> in a route-map, most providers lock down max-as these days.
>
> Macca
>
>
> -----Original Message-----
> From: ausnog-bounces at lists.ausnog.net
> [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Daniel Hood
> Sent: Friday, 18 June 2010 4:14 PM
> To: Andrew Fort
> Cc: ausnog at ausnog.net
> Subject: Re: [AusNOG] Internet Kill Switch???
>
> Just flood BGP with a stupidly long AS path such as.
>
> 4051 4502 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
> 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503 4503
>
> Its brought down the internet successfully enough times before. While
> some carriers routers would be able to handle a request like this,
> most older routers that don't have the resources to comprehend a route
> like this would either reboot or just crash and brick. It would
> successfully bring down a majority of the internet.
>
> Especially when america is so afraid of attacks coming from China,
> Pakistan, Iran and the likes. They are biggest culprits of having old
> not-properly-configured gear.
>
> Daniel
>
> On Fri, Jun 18, 2010 at 3:58 PM, Andrew Fort <afort at choqolat.org> wrote:
>> On Fri, Jun 18, 2010 at 2:58 PM, Glenn Hocking <glenn at woosaw.com> wrote:
>>> Oh no. Hope that Conroy does not see this, he'll want one too :-(
>>>
>>>
> http://www.smh.com.au/technology/technology-news/obama-internet-kill-switch-
>>> proposed-20100618-yln6.html
>>
>> Given there are global or almost-global carriers that are not entirely
>> US owned, I can't imagine they'd allow such a risk (if legislated) to
>> exist to their business.
>>
>> Wouldn't they then look for an economical way to have circuits bypass the
> US?
>>
>> -a
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>



More information about the AusNOG mailing list