MemeStreams | MemeStreams Discussion

Create an Account

This page contains all of the posts and discussion on MemeStreams referencing the following web page: More on BGP Attacks -- Updated | Threat Level from Wired.com. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

More on BGP Attacks -- Updated | Threat Level from Wired.com
by Decius at 11:17 am EDT, Aug 27, 2008

you can read how Anton Kapela and Alex Pilosov conducted their interception of the DefCon network traffic in the slides from their talk (.ppt). Their DefCon presentation, by the way, was an unscheduled, last-minute talk that occurred at the end of the last day of the DefCon conference, so it hadn't appeared on the conference schedule.

Worth a look.

RE: More on BGP Attacks -- Updated | Threat Level from Wired.com
by Lost at 3:37 pm EDT, Aug 27, 2008

Decius wrote:
you can read how Anton Kapela and Alex Pilosov conducted their interception of the DefCon network traffic in the slides from their talk (.ppt). Their DefCon presentation, by the way, was an unscheduled, last-minute talk that occurred at the end of the last day of the DefCon conference, so it hadn't appeared on the conference schedule.
Worth a look.

You've talked about this one for a long time, right? This is a well known vulnerability, kinda like IP spoofing was well known a gazillion years before it was exploited?

RE: More on BGP Attacks -- Updated | Threat Level from Wired.com
by Decius at 4:05 pm EDT, Aug 27, 2008

Jello wrote:
Decius wrote:
you can read how Anton Kapela and Alex Pilosov conducted their interception of the DefCon network traffic in the slides from their talk (.ppt). Their DefCon presentation, by the way, was an unscheduled, last-minute talk that occurred at the end of the last day of the DefCon conference, so it hadn't appeared on the conference schedule.
Worth a look.
You've talked about this one for a long time, right? This is a well known vulnerability, kinda like IP spoofing was well known a gazillion years before it was exploited?

Yeah, but the information here about long term infrastructural remediation is interesting as well as the attack's method of using AS path prepending to enable them to transmit the traffic back to the final destination, although I think one of their presentation slides underrepresents the scope of the internet that would be excluded from their attack using this method.