Re: Using unallocated address space - for DoS?
In message <20010214215512.A19817@mail.q-linux.com>, "Miguel A.L. Paraz" writes:
On Tue, Feb 13, 2001 at 09:47:15PM -0800, Sean Donelan wrote:
Unfortunately this is not a unique occurrence. Cable&Wireless, Sprint, AT&T and UUNET have all had portions of their service knocked off the Internet for various periods of time due to bogus announcements. Until other ISPs fix their policies, I can knock your network off most of the Internet, and there is nothing you can do to prevent it.
I hope this is a remote possibility, but what are the chances of someone malicious breaking into the "right" router and blackholing the worst possible networks? If this is done, how long till it can be remedied?
You don't have to break into the "right" router; you just have to start announcing the networks in a way that your peers don't -- can't -- detect is improper.

--Steve Bellovin, http://www.research.att.com/~smb
On Wed, Feb 14, 2001 at 09:21:32AM -0500, Steven M. Bellovin wrote:
You don't have to break into the "right" router; you just have to start announcing the networks in a way that your peers don't -- can't -- detect is improper.
I did not mean that the network operator was malicious. I meant, in the same way that vulnerable servers are broken into and used for DoS, can routers be broken into and do DoS via blackholes? I think it is hard unless you know the right combination of vulnerable router (sniffable LAN?) and unprotected upstream or peer.

--
http://www.internet.org.ph
The Philippine Internet Resource
Mobile Voice/Messaging: +63-917-810-9728