On Wed, 14 February 2001, "Miguel A.L. Paraz" wrote:
> On Wed, Feb 14, 2001 at 09:21:32AM -0500, Steven M. Bellovin wrote:
> > You don't have to break into the "right" router; you just have to start announcing the networks in a way that your peers don't -- can't -- detect is improper.
> I did not mean that the network operator was malicious. I meant, in the same way that vulnerable servers are broken into and used for DoS, can routers be broken into and do DoS via blackholes? I think it is hard unless you know the right combination of vulnerable router (sniffable LAN?) and unprotected upstream or peer.
Once again, you don't need to break into someone else's routers. This isn't an exploit list, so I'm not going to post a cookbook on how to do it. But due to the limited protection in some networks, it remains a relatively simple attack or accident waiting to happen. Why break into a bank, when you can push a button on the side of the building and money comes out? Unlike a cash machine, where you need to know at least a PIN in addition to some working bank account number, you can wipe out almost any IP address you don't like with essentially no authentication.
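The "limited protection" the reply is talking about is the absence of per-peer ingress prefix filters on the upstream or peer router. The following is an added illustration, not code from any of the posters: a small Python model of a BGP table doing longest-prefix-match selection, first with no filtering (any peer can announce anything) and then with a per-peer prefix-list policy. The peer names, the AS numbers (from the documentation range 64496-64511) and the prefixes (RFC 5737 documentation networks) are constructed sample data.

```python
"""Toy model of BGP route selection with and without per-peer prefix filters.

Added example, not from the original thread. Names, ASNs and prefixes are
constructed sample data (documentation ASNs and RFC 5737 test networks).
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Announcement:
    prefix: ipaddress.IPv4Network   # what the peer claims to reach
    origin_as: int                  # AS it says originated the route
    peer: str                       # which BGP session it arrived on


# Constructed sample: a legitimate /24 from customer A, plus a more-specific
# /25 for the same address space announced by an unrelated customer B.
SAMPLE = [
    Announcement(ipaddress.IPv4Network("203.0.113.0/24"), 64496, "customerA"),
    Announcement(ipaddress.IPv4Network("198.51.100.0/24"), 64511, "customerB"),
    Announcement(ipaddress.IPv4Network("203.0.113.0/25"), 64511, "customerB"),
]

# Per-peer prefix-list policy: peer -> [(allowed prefix, max prefix length)].
# This is the ingress filter an upstream should apply to each session.
POLICY: Dict[str, List[Tuple[ipaddress.IPv4Network, int]]] = {
    "customerA": [(ipaddress.IPv4Network("203.0.113.0/24"), 24)],
    "customerB": [(ipaddress.IPv4Network("198.51.100.0/24"), 24)],
}


def accept(a: Announcement, policy: Dict[str, List[Tuple[ipaddress.IPv4Network, int]]]) -> bool:
    """Return True if the announcement matches a prefix-list entry for its peer.

    A peer with no configured policy is denied everything (default deny).
    An entry (net, maxlen) permits any prefix inside `net` whose length is
    at most `maxlen`, so maxlen == net.prefixlen permits only the exact route.
    """
    rules = policy.get(a.peer)
    if not rules:
        return False
    return any(a.prefix.subnet_of(net) and a.prefix.prefixlen <= maxlen
               for net, maxlen in rules)


def install(announcements: List[Announcement],
            policy: Optional[Dict[str, List[Tuple[ipaddress.IPv4Network, int]]]] = None
            ) -> Tuple[List[Announcement], List[Announcement]]:
    """Build the routing table; with policy=None nothing is filtered.

    Returns (installed, rejected).
    """
    installed, rejected = [], []
    for a in announcements:
        (installed if policy is None or accept(a, policy) else rejected).append(a)
    return installed, rejected


def best_route(table: List[Announcement], addr: str) -> Optional[Announcement]:
    """Longest-prefix match: the most specific covering prefix wins,
    regardless of who announced it or whether they own the space."""
    ip = ipaddress.ip_address(addr)
    covering = [a for a in table if ip in a.prefix]
    if not covering:
        return None
    return max(covering, key=lambda a: a.prefix.prefixlen)


def winner_as(addr: str, filtered: bool) -> Optional[int]:
    """Origin AS that captures traffic for `addr` with or without filtering."""
    table, _ = install(SAMPLE, POLICY if filtered else None)
    route = best_route(table, addr)
    return route.origin_as if route else None


if __name__ == "__main__":
    for filtered in (False, True):
        table, rejected = install(SAMPLE, POLICY if filtered else None)
        print(f"filtered={filtered}: traffic for 203.0.113.10 goes to AS"
              f"{winner_as('203.0.113.10', filtered)}; rejected={rejected}")
```

Without the policy the /25 from customerB wins longest-prefix match and every host in 203.0.113.0/25 is blackholed or redirected by a peer that never had to prove anything. With the policy the /25 is dropped at ingress and the legitimate /24 keeps carrying the traffic. The same default-deny shape applies to real prefix-lists on routers; the model just makes the selection logic visible.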