Net boffins brew poison for BGP hijacks

The Border Gateway Protocol (BGP) is one of the Internet's basic pieces of plumbing, but it's also so old it was designed before the security needs of a multi-billion-user network were understood. In particular, BGP is notorious for allowing sysadmins to “black-hole” huge swathes of traffic either by fat-fingering …

  1. Shadow Systems

    That's pretty freakin' cool.

    That's another gold star on the report cards of those whiz kids for proving once again the old adage that you can't fuck with the internet: it routes around the fuckage & then fucks back.

    I'll buy a round of drinks for the team & raise my tankard in toast. Good job!

  2. Anonymous Coward

    Although...

    Which is why a group of researchers from Europe and America reckon they've created a framework that would let service providers neutralize a BGP hijack in minutes.

    It then goes on to state as little as 5 seconds, maybe 60 seconds etc. The more important point is did the relevant agency of the country concerned get access to the data they required in this time interval or not? Let's face it, the accidental traffic diversion involving Russian and Chinese companies has intelligence gathering written all over it in which case this may not help that much at all.

  3. Anonymous Coward

    Couldn't attackers use the same techniques?

    Attacker advertises 10.0.0.0/23, white hat advertises 10.0.0.0/24 & 10.0.1.0/24, attacker advertises 10.0.0.0/25, 10.0.0.128/25, 10.0.1.0/25, 10.0.1.128/25, and so on...

    1. thegroucho
      Stop

      Re: Couldn't attackers use the same techniques?

      Have you of late advertised a prefix longer than /24 towards your Tier 1 ISP?

      Have they accepted it and propagated it?

      Name 3 Tier 1 ISPs who allow that and I would give you £5 for the effort.

      Somehow I doubt you will collect.

  4. John Smith 19 Gold badge
    Go

    Nice thing is it does not require *all* BGP nodes to adopt it to work.

    Of course then there's the question of implementation. I think most protocols can (and should) be implemented through FSM design tools which write the actual executable*

    I'm not sure if this will be the final word, but it sounds like a good start.

    *FSMs are not Turing complete, but how many comms protocols are complex enough to demand a Turing complete processor?

  5. Anonymous Coward

    Some issues with this

    @DougS: as a general rule, most providers ignore v4 advertisements smaller than /24, so advertising a /25 wouldn't help much.

    Deaggregating doesn't seem much like a scalable solution either. The whole "our crappy routers are about to run out of route memory if someone adds another 5K routes" is less of an issue these days (if you ignore the Cisco 6509 Sup720 issue from a couple of years back), but there is scope to produce an awful lot of churn as various automated mitigation systems automatically announce new prefixes willy-nilly.

    The issue is not that BGP is somehow out of date as a protocol, but more that there's no way of signalling trust to peers. SBGP was designed to fix this by allowing people to check whether an AS was cryptographically allowed to advertise an IP block, but has never taken off: it's a bit of an all-or-nothing issue, and the idea of relying on the network to check whether the network is allowed is a tad circular.

    Perhaps the ability to signal trust via BGP on a per-AS and per-prefix basis might help: using communities, obviously. ASes that have never existed before, or prefixes that were previously advertised elsewhere, could be assigned lower trust levels, allowing their advertisements to be damped.

    1. Sir Runcible Spoon
      Paris Hilton

      Re: Some issues with this

      Is the page you are viewing this thread on lacking the 'reply' button for posts by any chance?
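The exchange sketched in comment 3 (attacker /23, defender /24s, attacker /25s) and the "/24 is as long as most providers will take" point from thegroucho and comment 5 come down to two mechanics: longest-prefix match and the inbound prefix-length filter. The following is an added illustration, not code from the article, the researchers or any commenter. It is a toy routing table that models only those two mechanics plus a best-path rule reduced to "shortest AS path wins" (real BGP has many more tie-breaks); the ASNs are constructed values from the RFC 5398 documentation range and the 10.0.0.0/23 block is the one the commenter used. Running the same exchange with the filter at /24 and at /25 shows why the deaggregation defence holds at one setting and reopens the arms race at the other.

```python
import ipaddress
from dataclasses import dataclass

MAX_V4_PREFIX_LEN = 24  # common provider policy: ignore IPv4 routes longer than /24


@dataclass
class Route:
    prefix: ipaddress.IPv4Network
    as_path: tuple  # (neighbour AS, ..., origin AS)

    @property
    def origin_as(self):
        return self.as_path[-1]


class Rib:
    """Toy routing table: inbound prefix-length filter, longest-prefix match,
    and a best-path rule reduced to 'shortest AS path wins'."""

    def __init__(self, max_len=MAX_V4_PREFIX_LEN):
        self.max_len = max_len
        self.routes = {}    # prefix -> list of Routes received for it
        self.rejected = []  # announcements dropped by the filter

    def accept(self, route):
        """Install a received announcement unless it is more specific than policy allows."""
        if route.prefix.prefixlen > self.max_len:
            self.rejected.append(route)
            return False
        self.routes.setdefault(route.prefix, []).append(route)
        return True

    def lookup(self, ip):
        """Return the route that forwards traffic for ip, or None."""
        addr = ipaddress.IPv4Address(ip)
        covering = [p for p in self.routes if addr in p]
        if not covering:
            return None
        longest = max(covering, key=lambda p: p.prefixlen)  # most specific prefix wins
        # Among routes for that prefix, prefer the shortest AS path (simplified best-path).
        return min(self.routes[longest], key=lambda r: len(r.as_path))


def net(s):
    return ipaddress.ip_network(s)


def origin_for(rib, ip):
    route = rib.lookup(ip)
    return route.origin_as if route else None


def simulate(max_len=MAX_V4_PREFIX_LEN):
    """Play out the thread's exchange with constructed ASNs (RFC 5398 range) and the
    commenter's 10.0.0.0/23, recording which AS receives traffic for one host in
    each half of the /23 at every stage."""
    VICTIM, HIJACKER, TRANSIT, OTHER = 64496, 64511, 64500, 64501
    rib = Rib(max_len)
    results = {}

    # Stage 1: victim originates the aggregate; hijacker announces a covered /24.
    rib.accept(Route(net("10.0.0.0/23"), (TRANSIT, VICTIM)))
    rib.accept(Route(net("10.0.0.0/24"), (TRANSIT, OTHER, HIJACKER)))
    # Longest match beats path length, so the lower half of the /23 is captured.
    results["hijacked"] = (origin_for(rib, "10.0.0.5"), origin_for(rib, "10.0.1.5"))

    # Stage 2: victim deaggregates into the two /24s. The prefixes are now
    # equally specific, so best-path selection (shorter AS path here) decides.
    rib.accept(Route(net("10.0.0.0/24"), (TRANSIT, VICTIM)))
    rib.accept(Route(net("10.0.1.0/24"), (TRANSIT, VICTIM)))
    results["mitigated"] = (origin_for(rib, "10.0.0.5"), origin_for(rib, "10.0.1.5"))

    # Stage 3: hijacker answers with /25s. Whether this changes anything depends
    # entirely on the inbound prefix-length filter.
    accepted = [rib.accept(Route(net(p), (TRANSIT, OTHER, HIJACKER)))
                for p in ("10.0.0.0/25", "10.0.0.128/25")]
    results["after_25s"] = (accepted, origin_for(rib, "10.0.0.5"), origin_for(rib, "10.0.1.5"))
    return results


if __name__ == "__main__":
    print("filter at /24:", simulate(24))
    print("filter at /25:", simulate(25))
```

With the filter at /24 the /25s are rejected and the victim keeps both halves after deaggregating; with the filter relaxed to /25 the same announcements are installed and the lower half is captured again, which is exactly the "and so on..." in comment 3. The defensive reading is that the deaggregation response only works as far as the longest prefix your neighbours will accept, so the inbound filter, not the mitigation script, is what ends the exchange.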

  6. Dave Pickles

    So the first thing the Bad Guys do is to blackhole RouteViews and RIS, then they can get on with their Nefarious Deeds unmolested...

    1. Anonymous Coward

      RIS and route views take feeds from multiple providers, so blackholing them would prove difficult

  7. Trygve Henriksen

    So, this is all based on the hope that a nefarious neverdowell won't start the fight with /24 address announcements, in the hope that the routers won't accept /25 addresses?

  8. Anonymous Coward

    more hashtags and some sort of phone app needed

    Interesting how lax security was/is here, relying on the baffling complexity to keep things working and secure, in the knowledge that anyone with the ability to affect things was probably in a high-paying job enjoying the fruits of years of hard graft and study.

    Now we are in this world where the highly skilled and knowledgeable are 10 a penny and regularly reminded of it.

    Oh dear.
