Several news sources have been carrying a story about the DEFCON BGP hijack. While that “trick” was pretty cool it was not new. Original DEFCON paper is here: http://eng.5ninesdata.com/~tkapela/iphd-2.ppt A good collection of BGP security papers is available here: http://www.cs.cmu.edu/~dwendlan/routing/ |
donald 206 Posts Sep 3rd 2008 |
Thread locked Subscribe |
Sep 3rd 2008 1 decade ago |
Pilosov and Kapela don't claim that the attack they presented is new. They claim that it's a problem that needs to be addressed, hence the talk.
Also, while many ISPs responsibly filter routes received from customers, many others don't, and it only takes one weak link. |
Anonymous |
Quote |
Sep 4th 2008 1 decade ago |
The recent BGP hijacking demo is interesting. However, the fact that the routing has been hijacked is immediately obvious -- just do a traceroute. More insidious would be MPLS hijacking. There, the only way to tell that label switching (routing) has been hijacked would be an increase in packet latency -- which would not always be significant enough to be detectable. The biggest problem with MPLS is that service providers are in deep denial that MPLS has any security issues. They rate hijacking as an "impossibility." Worse, service providers claim that MPLS is "totally secure." They try to sell MPLS as "so secure you do not need encryption." I have even had one service provider threaten to block all IPSec traffic because it introduced "too much needless network overhead." Others have threatened to remark all IPSec traffic as default precedence and ignore customer DSCP markings. I fear that too many users of MPLS are falling for the security marketing hype that is prevalent with MPLS and they not encrypting their MPLS traffic. They forget that if their traffic crosses national borders, it is probably being monitored. If you have sensitive intellectual property that transits national borders on unencrypted MPLS networks, you can pretty much guarantee that foreign governments are stealing this information in transit for distribution to their country's companies, giving them a competitive advantage through government-sponsored industrial espionage. Using MPLS? Not encrypting? Not concerned? You should be. It could be the weakest link in your organization's security. |
Johannes 4513 Posts ISC Handler |
Quote |
Sep 7th 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!