Re: Someone¹s Been Siphoning Data Through a Huge Security Hole in the Internet

Brandon Galbraith brandon.galbraith at gmail.com
Fri Dec 6 19:01:14 UTC 2013


An attacker who can "only" attack BGP is different than someone who
can splice into your undersea cables undetected. Prepare for the worst
appears to be the best SOP now.

On Fri, Dec 6, 2013 at 12:44 PM, Warren Bailey
<wbailey at satelliteintelligencegroup.com> wrote:
> That didn¹t seem to work for google.. ;)
>
> On 12/6/13, 9:39 AM, "Brandon Galbraith" <brandon.galbraith at gmail.com>
> wrote:
>
>>If your flows are a target, or your data is of an extremely sensitive
>>nature (diplomatic, etc), why aren't you moving those bits over
>>something more private than IP (point to point L2, MPLS)? This doesn't
>>work for the VoIP target mentioned, but foreign ministries should most
>>definitely not be trusting encryption alone.
>>
>>brandon
>>
>>On Fri, Dec 6, 2013 at 12:05 PM, Jared Mauch <jared at puck.nether.net>
>>wrote:
>>>
>>> On Dec 6, 2013, at 12:38 PM, Eugen Leitl <eugen at leitl.org> wrote:
>>>
>>>>
>>>> http://www.wired.com/threatlevel/2013/12/bgp-hijacking-belarus-iceland/
>>>>
>>>> Someone¹s Been Siphoning Data Through a Huge Security Hole in the
>>>>Internet
>>>> ...
>>>
>>>> In 2008, two security researchers at the DefCon hacker conference
>>>> demonstrated a massive security vulnerability in the worldwide internet
>>>> traffic-routing system ‹ a vulnerability so severe that it could allow
>>>> intelligence agencies, corporate spies or criminals to intercept
>>>>massive
>>>> amounts of data, or even tamper with it on the fly.
>>> ...
>>>
>>> Yes, nothing new to see here, networks don't do BGP filtering well, no
>>>Film at 11?
>>>
>>> I've detected 11.6 million of these events since 2008 just looking at
>>>the
>>> route-views data.  Most recently the past two days 701 has done a large
>>>MITM of
>>> traffic.
>>>
>>> In other news, you can go read the other thread on this that happened
>>>already.
>>>
>>> http://mailman.nanog.org/pipermail/nanog/2013-November/062257.html
>>>
>>> - Jared
>>>
>>>
>>
>



More information about the NANOG mailing list