Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: BGP to doom us all

  • From: batz
  • Date: Fri Feb 28 21:04:56 2003

On Fri, 28 Feb 2003, Steven M. Bellovin wrote:

:But -- given things like the AS7007 incident, and given the possibility 
:-- probability? -- that it can happen again, can we afford to not do 
:sBGP?  My own opinion is that sophisticated routing attacks are the 
:single biggest threat to the Internet.

Without sliding into a discussion about what our worst imaginable 
attack would be, how are they more of a threat than a worm that 
saturates links? 

I am interested in how you measure the threat of attacks against 
routing protocols against that of something like slammer, as I
would think that routing problems would limit their own propagation 
much faster than say, the way slammer slowed itself down by 
saturating links.  

I am taking sophisticated routing attacks to mean specific protocol
exploitation, instead of attacks on the devices themselves. I would
even suspect that it is not possible for routing information to be 
scrambled in any widely propagated and irrepairable way, for similar 
reasons to why it can't be kept straight without constant updates. 

That is, the routes confusion will limit it's own propagation
precisely because it may no longer know how to propagate itself. Or
rather, the more valid paths valid routing information has, the more
likely it will spread, no?  

I wonder how you could test that. 



Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.