View IT Assist in a larger map 

Easy ways to get the answers you need. Chat now or call/sms us at +678 7799677 or +6787799618.
We also provide remote support via Team Viewer.

Chinese ISP 'hijacks' bits of the web

According to reports, a configuration error on a Border Gateway
Protocol (BGP) router resulted in IDC China, a small Chinese ISP,
briefly declaring itself responsible for routing to around 37,000 IP
networks. The Border Gateway Protocol is used by routers to indicate
which networks (autonomous systems, AS) they are responsible for and
which other networks they can access.

The networks (BGP prefixes) to which the Chinese ISP announced routes
primarily belonged to ISPs in the US and China. The affected networks
are reported to have included Dell, CNN, Apple, www.amazon.de,
www.rapidshare.com and www.geocities.jp.

On attempting to visit affected websites, some users found themselves
directed to the Chinese ISP's network. According to BGPmon.net,
Deutsche Telekom also temporarily adopted the erroneous routes, but
because existing known routes to the networks in question were
generally shorter, in most cases the packets were not misdirected via
IDC China. BGPmon.net reports that this was also the case for the
majority of US ISPs. Users in Asia are likely to have been most
affected by the problem.

This kind of incident is not unprecedented, but it reiterates how
sensitive linking autonomous systems via BGP is and how easily it can
be manipulated. By releasing specially crafted BGP information, an ISP
can in principle divert traffic to specific networks through its own
network and eavesdrop on that traffic. Hackers at the Defcon 2008
security conference demonstrated that they were also able to divert
and eavesdrop on internet data by manipulating BGP. An attempt by
Pakistan to block access to YouTube has achieved legendary status.
They announced on their border gateway a special route to the YouTube
servers which pointed to the null device. This rapidly propagated
through the internet, resulting in packets addressed to YouTube from
all over the world landing in a digital waste pile in Pakistan.

'Prefix Hijacking MitigationPDF' details potential methods of
manipulation and proposed defensive measures. Network operators are
also considering protecting routing information cryptographically.

No comments:

Post a Comment