SecurityRatty: tag: bgp

Your Companies Biggest Security Hole - What is the BGP-style Vuln Lurking in Software Security?

2008-09-05 08:31:58 by Gunnar Peterson in 1 Raindrop

...BGP It's a man-in-the-middle attack. "The Internet's Biggest Security Hole" has been that interior relays have always been trusted even though they are not trustworthy That could apply word for word to how MQ Series and other enterprise messaging systems are deployed. Let's say you are a bank and have been happily running your business on a...

Tags: security, security hole, security protocols, business, business runs, business transaction backbone, improve security, message security, enforces authorization policy

YouTube hijacked by Pakistan, caused global outage!

2008-02-25 03:10:07 by Editor in Digg / Security

YouTube has been blocked by Pakistan's government because it contained blasphemous content, videos and documents". Shortly after, Pakistan shutdown YouTube globally by (possibly accidentally) hijacking their IP space via BGP

Tags: youtube, pakistan, pakistan shutdown youtube, blasphemous content, government, bgp, documents, space, possibly

It's Router Upgrade Time As AS Numbers Expand

2008-07-28 22:25:12 by Editor in Cheap Hack

...BGP routing infrastructure, are also running out, and on a similar timeline. AS numbers, like IP addresses, are allocated by RIRs (Regional Internet Registries) and the last one, based on current trends, will be gone in early 2011. As this release from APNIC (the Asia Pacific Network Information Centre, the RIR for the far east) explains ,...

Tags: internet, regional internet registries, ipv4 addresses, 32-bit, networks, network management software, addresses, 16-bit, similar timeline

It's Router Upgrade Time as AS Numbers Expand

2008-07-28 22:25:12 by Editor in Cheap Hack

...BGP routing infrastructure, are also running out, and on a similar timeline. AS numbers, like IP addresses, are allocated by RIRs (Regional Internet Registries), and the last one, based on current trends, will be gone in early 2011. As this release from APNIC (the Asia Pacific Network Information Centre, the RIR for the Far East) explains ,...

Tags: internet, regional internet registries, ipv4 addresses, 32-bit, networks, network management software, addresses, backward compatibility, 16-bit

Border Gateway Protocol Might Be Exploited On Previously Presumed To Be Unavailable Scale

2008-08-27 16:18:48 by CyberInsecure in CyberInsecure.com

...BGP (Border Gateway Protocol) to let an attacker surreptitiously monitor unencrypted internet traffic anywhere in the

Tags: border gateway protocol, internet, internet traffic, attacker surreptitiously monitor, national security agency, scale previously, tactic exploits, unavailable, protocol bgp

Fun Reading on Security - 7

2008-08-27 10:56:00 by Dr Anton Chuvakin in Anton Chuvakin Blog -

...BGP hole to dwarf the DNS hole Chris continues the virtualization and PCI DSS theme here . The jury is still out on this one, even though the common sense approach (that virtualization is OK in regards to PCI) will probably win NEWS FLASH! Privacy dies . The date of death? 1967. While reading it , think just how visionary some folks are...

Tags: security, fun, security controls resistance, stuff, fun stuff, security issues, business, bona fide business, fun pickup

Gaping hole opened in Internet's trust-based BGP protocol

2008-08-29 09:12:49 by Editor in Digg / Security

Dan Kaminsky revealed his discovery of a DNS flaw that could be exploited to direct unwitting users to malicious web addresses,Now, practically on the heels of that announcement, a hacker team that presented at DEFCON has demonstrated how a fundamental design error in the Internet's border gateway protocol can be used to invisibly eavesdrop

Tags: border gateway protocol, fundamental design error, malicious web addresses, invisibly eavesdrop, internet, dns flaw, hacker team, dan kaminsky, direct

Border Gateway Protocol (BGP) Attacks

2008-08-29 06:40:47 by schneier in Schneier on Security

This is serious stuff . (Kim Zetter's posts on the topic are excellent; read them It's a man-in-the-middle attack. "The Internet's Biggest Security Hole" (the title of that first link) has been that interior relays have always been trusted even though they are not trustworthy

Tags: kim zetter, interior relays, security hole, link, topic, internet, attack, trustworthy, excellent

Root of Trust ?

2008-09-29 18:33:27 by Richard Clayton in Light Blue Touchpaper

...BGP and DNS cannot really be trusted at the moment. Although they work just fine most of the time, they are susceptible to attacks which can mean, for example, that you visit the wrong website, or your email is intercepted Steps are now being taken, rather faster since Dan Kaminsky came up with a really effective DNS poisoning attack , to...

Tags: key, public key servers, trust, iis root key, key 0xf440ee9b, pgp, pgp nyckel-id, public key server, pgp key

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo