-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Paul Ferguson wrote:
> Via Threat Level.
>
> [snip]
>
> Two security researchers have demonstrated a new technique to stealthily
> intercept internet traffic on a scale previously presumed to be unavailable
> to anyone outside of intelligence agencies like the National Security
> Agency.
>
> The tactic exploits the internet routing protocol BGP (Border Gateway
> Protocol) to let an attacker surreptitiously monitor unencrypted internet
> traffic anywhere in the world, and even modify it before it reaches its
> destination.
>
> The demonstration is only the latest attack to highlight fundamental
> security weaknesses in some of the internet's core protocols. Those
> protocols were largely developed in the 1970s with the assumption that
> every node on the then-nascent network would be trustworthy. The world was
> reminded of the quaintness of that assumption in July, when researcher Dan
> Kaminsky disclosed a serious vulnerability in the DNS system. Experts say
> the new demonstration targets a potentially larger weakness.
>
> The man-in-the-middle attack exploits BGP to fool routers into re-directing
> data to an eavesdropper's network.
>
> Anyone with a BGP router (ISPs, large corporations or anyone with space at
> a carrier hotel) could intercept data headed to a target IP address or
> group of addresses. The attack intercepts only traffic headed to target
> addresses, not from them, and it can't always vacuum in traffic within a
> network -- say, from one AT&T customer to another.
>
> [snip]

( Yawn! Old news -- at least security time-scale wise. Received SoK DVDs from BH/DC already -- it's that old! )

So, I presume you were not at Defcon? Talk was a packed crowd. It was a great talk.

I agree that BGP is THE big issue that remains to have a real workable fix. (Maybe the next NANOG should have a big BGP signing party?)

Jon
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC
USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAki09YEACgkQUVxQRc85QlOMqACeKMJMMVeZKg5VV01VsJ1P+F9N
lnkAn2fosbfT6+7EpAiOf+2RbaJHyTLA
=Frz7
-----END PGP SIGNATURE-----
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
