Pulse of Truth

2279 readers

6 users here now

Cyber Security news and links to cyber security stories that could make you go hmmm. The content is exactly as it is consumed through RSS feeds and wont be edited (except for the occasional encoding errors).

This community is automagically fed by an instance of Dittybopper.

founded 2 years ago

MODERATORS

krogoth@infosec.pub

There Were BGP Anomalies During The Venezuela Blackout (loworbitsecurity.com)

submitted 1 month ago by lemmydev2@infosec.pub to c/pulse_of_truth@infosec.pub

2 comments fedilink hide all child comments

Comments

you are viewing a single comment's thread
view the rest of the comments

[–] drkt_@lemmy.dbzer0.com 1 points 1 month ago (1 children)

Can someone explain to me what security issues BGP has? I've never looked into this aspect of networking and I only kinda know what BGP is supposed to be doing.

[–] jane232@discuss.tchncs.de 2 points 1 month ago

One option is to hijack a prefix by announcing a more specific one. This should then route traffic to the more specific prefix to your AS. You can then analyse and forward the traffic, attempt to impersonate a server within this range or simply drop the incoming packets.

As the author described, this case might be a bit more tricky, as BGP prefers shorter routes to longer ones. However, it seems that some longer-than-necessary routes were in use.