Border Gateway Protocol: A Gaping Security Hole in the Internet

Comments

Sebastianem

Border Gateway Protocol is a language that routers use to talk to each other and update routing tables between Autonomous Systems (AS) (i.e. one ISP to another) and has been in full use since approximately 1989 (see RFC 1105) and replaced Exterior Gateway Protocol.

What the article simply states is an attacker could 'poison' the routing tables in order to get a router to direct traffic to his/her 'malevolent network' and have a user log into their 'fake' site (for example, banking, credit card payment systems).

The fix is to institute a secure version of BGP, although all AS' would have to use the same protocol, or routing tables would become invalid and traffic would come to a screeching halt. On some equipment, an MD5 is sent with the route update as the routes change in order to verify that the message is coming from an authorized router in the network, although this can obviously be circumvented.
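An added illustration, not part of the comment above or of the article: assuming the MD5 check mentioned there is the TCP MD5 signature option of RFC 2385, this sketch computes that digest and shows which segments a receiver accepts. The key, addresses, ports and payload bytes are constructed sample values, and the function names are hypothetical.

```python
import hashlib
import hmac
import socket
import struct

TCP_PROTO = 6


def base_tcp_header(sport, dport, seq, ack, header_len=40):
    """20-byte fixed TCP header with the checksum field zeroed, as RFC 2385 hashes it."""
    offset_flags = ((header_len // 4) << 12) | 0x018  # data offset, PSH+ACK
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 16384, 0, 0)


def tcp_md5_digest(src, dst, header, payload, key, header_len=40):
    """MD5 over pseudo-header, fixed header (options excluded), segment data, then the key."""
    seg_len = header_len + len(payload)  # options count toward the length only
    pseudo = socket.inet_aton(src) + socket.inet_aton(dst)
    pseudo += struct.pack("!BBH", 0, TCP_PROTO, seg_len)
    return hashlib.md5(pseudo + header + payload + key).digest()


def verify(src, dst, header, payload, key, received):
    expected = tcp_md5_digest(src, dst, header, payload, key)
    return hmac.compare_digest(expected, received)


def demo():
    # All values below are constructed for illustration.
    key, other_key = b"constructed-shared-secret", b"some-other-secret"
    src, dst = "192.0.2.1", "192.0.2.2"
    hdr = base_tcp_header(179, 50000, 1000, 2000)
    update = b"constructed bytes standing in for a BGP UPDATE"
    other_update = b"constructed bytes standing in for a different route"
    sig = tcp_md5_digest(src, dst, hdr, update, key)
    return {
        "genuine": verify(src, dst, hdr, update, key, sig),
        "modified_in_transit": verify(src, dst, hdr, update + b"!", key, sig),
        "sender_without_key": verify(src, dst, hdr, update, key,
                                     tcp_md5_digest(src, dst, hdr, update, other_key)),
        "spoofed_source": verify("198.51.100.9", dst, hdr, update, key, sig),
        # A peer that holds the key can sign any route content and still pass.
        "keyed_peer_other_route": verify(src, dst, hdr, other_update, key,
                                         tcp_md5_digest(src, dst, hdr, other_update, key)),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

The digest authenticates the TCP segment between two configured peers; it does not check whether the routes inside the update are ones the sender is entitled to announce.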

Keith E. Whisman

What is the workaround? What is the fix? It seems to me that this is something an enemy nation would do to a country when going to war. When will they fix this security hole, and is Microsoft at all involved in this? After all, Microsoft is the king of making software packed with vulnerabilities.

Wareagle

If you don't want people to see what you're doing on the Internet, make sure you use encryption.

Duh.

opulent_rigs

being involved...hehehe. Well this protocol is from the infantile days of the internet - the 70's. It is used by all ISPs and large networks to route traffic. Think of it as a protocol to manage traffic between ISPs and networks. It is the ISPs that have access to this protocol and generic users have really got nothing to do with it.

This is the first such public demonstration of an exploit. And never before have any attacks come to light, though the knowledge of the chink has existed for more than a decade. But some time ago Pakistan unintentionally hijacked all YouTube traffic of the world and this weakness in BGP was blamed.
