[AusNOG] Telstra mobile down "nationwide"

Narelle narellec at gmail.com
Wed Feb 10 12:53:41 EST 2016


Actually there has been some good work on this by Radware and Arbor.
Granted they are vendors with boxes to sell, but their analysis is
quite well reasoned.

I can't find a link to the paper I saw recently but this blog has some
pointers to the work:
https://blog.radware.com/security/2015/02/mobile-operators-cyber-attack-risk/
the paper is called "Mobile Network Security Availability Risks in
Mobile Networks"

And, for the record, I wasn't diagnosing yesterday's fault as a DDOS
attack, rather agreeing that this sort of thing is conceivable. I took
the comment as a joke.

I also wouldn't rely on QoS to prevent DDOS attacks on its own. Nor
would I rule out the existence of spanning tree in carrier networks. A
lot of these "nodes" look an awful lot like "computers" and they get
attached to each other in all sorts of interesting ways...

But for sure, MPLS or VPLS across the core would be much, much more reliable...


Narelle
who can anticipate a chorus of "I remember a corner case where..." and
so can she...



On Wed, Feb 10, 2016 at 5:44 AM, Tony Wicks <tony at wicks.co.nz> wrote:
> No, the biggest DDOS in the world will not affect voice transit on your
> average MPLS carrier network either. QOS takes care of this, and I do not
> believe that Telstra would not have a properly setup QOS configuration.
> Sorry, the DDOS rumour is likely just a rumour based on nothing. Also,
> carriers do NOT use spanning tree unless something has gone very wrong in
> their architecture department.
>
> -----Original Message-----
> From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Narelle
> Sent: Wednesday, 10 February 2016 1:03 AM
> To: Paul Wallace <paul.wallace at mtgi.com.au>
> Cc: ausnog at lists.ausnog.net (AusNOG at lists.ausnog.net)
> <AusNOG at lists.ausnog.net>
> Subject: Re: [AusNOG] Telstra mobile down "nationwide"
>
> Oh, tsk tsk. Where have you been the last few years? Mobile networks aren't
> really TDM any more...
>
> Since 4G it's more packet than circuit. So much of the underlying
> infrastructure is packet based I wouldn't rule out a DDOS. Or a spanning
> tree failure on the underlying (ethernet) switch fabric...
>
> But, no, not this time.
>
>
> Narelle
>
>
> On Tue, Feb 9, 2016 at 10:37 PM, Paul Wallace <paul.wallace at mtgi.com.au>
> wrote:
>> Really? On a TDM network?
>>
>>
>>
>>> On 9 Feb 2016, at 6:32 PM, Mark Stewart <mark at nabc.com.au> wrote:
>>>
>>> Rumour, to be confirmed, is that it's a massive DDOS attack on the
> Telstra network.
>>>
>>> Regards,
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>



-- 


Narelle
narellec at gmail.com


More information about the AusNOG mailing list