funsec mailing list archives
BGP: The Internet's Biggest Security Hole
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Wed, 27 Aug 2008 01:13:10 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via Threat Level.

[snip]

Two security researchers have demonstrated a new technique to stealthily intercept internet traffic on a scale previously presumed to be unavailable to anyone outside of intelligence agencies like the National Security Agency.

The tactic exploits the internet routing protocol BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the world, and even modify it before it reaches its destination.

The demonstration is only the latest attack to highlight fundamental security weaknesses in some of the internet's core protocols. Those protocols were largely developed in the 1970s with the assumption that every node on the then-nascent network would be trustworthy. The world was reminded of the quaintness of that assumption in July, when researcher Dan Kaminsky disclosed a serious vulnerability in the DNS system. Experts say the new demonstration targets a potentially larger weakness.

The man-in-the-middle attack exploits BGP to fool routers into re-directing data to an eavesdropper's network.

Anyone with a BGP router (ISPs, large corporations or anyone with space at a carrier hotel) could intercept data headed to a target IP address or group of addresses. The attack intercepts only traffic headed to target addresses, not from them, and it can't always vacuum in traffic within a network -- say, from one AT&T customer to another.

[snip]

More:
http://blog.wired.com/27bstroke6/2008/08/revealed-the-in.html

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFItKofq1pz9mNUZTMRAr9rAKDi2t6vsqX59wlUkPFCAQjxEj4R/QCeLD3g
9fNMHPuP4sNceUXTzNANOm0=
=eWqk
-----END PGP SIGNATURE-----

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.