[AusNOG] Telstra mobile down "nationwide"

Paul Wallace paul.wallace at mtgi.com.au
Wed Feb 10 13:00:12 EST 2016 

about as likely as DDOS bringing down the power grid

all the targets elements are deep inside their networks so not visible to the outside world

no doubt it'll somehow happen someday though given the reports on compromised ACLs & other low levels control elements around the world.

-P




-----Original Message-----
From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Narelle
Sent: Wednesday, 10 February 2016 11:54 AM
To: Tony Wicks
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] Telstra mobile down "nationwide"

Actually there has been some good work on this by Radware and Arbor.
Granted they are vendors with boxes to sell, but their analysis is quite well reasoned.

I can't find a link to the paper I saw recently but this blog has some pointers to the work:
https://blog.radware.com/security/2015/02/mobile-operators-cyber-attack-risk/
the paper is called "Mobile Network Security Availability Risks in Mobile Networks"

And, for the record, I wasn't diagnosing yesterday's fault as a DDOS attack, rather agreeing that this sort of thing is conceivable. I took the comment as a joke.

I also wouldn't rely on QoS to prevent DDOS attacks on its own. Nor would I rule out the existence of spanning tree in carrier networks. A lot of these "nodes" look an awful lot like "computers" and they get attached to each other in all sorts of interesting ways...

But for sure, MPLS or VPLS across the core would be much, much more reliable...


Narelle
who can anticipate a chorus of "I remember a corner case where..." and so can she...



On Wed, Feb 10, 2016 at 5:44 AM, Tony Wicks <tony at wicks.co.nz> wrote:
> No, the biggest DDOS in the world will not affect voice transit on 
> your average MPLS carrier network either. QOS takes care of this, and 
> I do not believe that Telstra would not have a properly setup QOS configuration.
> Sorry, the DDOS rumour is likely just a rumour based on nothing. Also, 
> carriers do NOT use spanning tree unless something has gone very wrong 
> in their architecture department.
>
> -----Original Message-----
> From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of 
> Narelle
> Sent: Wednesday, 10 February 2016 1:03 AM
> To: Paul Wallace <paul.wallace at mtgi.com.au>
> Cc: ausnog at lists.ausnog.net (AusNOG at lists.ausnog.net) 
> <AusNOG at lists.ausnog.net>
> Subject: Re: [AusNOG] Telstra mobile down "nationwide"
>
> Oh, tsk tsk. Where have you been the last few years? Mobile networks 
> aren't really TDM any more...
>
> Since 4G it's more packet than circuit. So much of the underlying 
> infrastructure is packet based I wouldn't rule out a DDOS. Or a 
> spanning tree failure on the underlying (ethernet) switch fabric...
>
> But, no, not this time.
>
>
> Narelle
>
>
> On Tue, Feb 9, 2016 at 10:37 PM, Paul Wallace 
> <paul.wallace at mtgi.com.au>
> wrote:
>> Really? On a TDM network?
>>
>>
>>
>>> On 9 Feb 2016, at 6:32 PM, Mark Stewart <mark at nabc.com.au> wrote:
>>>
>>> Rumour, to be confirmed, is that it's a massive DDOS attack on the
> Telstra network.
>>>
>>> Regards,
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>



-- 


Narelle
narellec at gmail.com
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog

More information about the AusNOG mailing list