[ale] Revealed: The Internet's Biggest Security Hole

Chris Kleeschulte chris.kleeschulte at it.libertydistribution.com
Thu Sep 4 12:24:47 EDT 2008


If someone can enlighten me on this BGP thing. I remember reading  
about this years ago and it seemed pretty serious, why this story is  
being recycled is beyond me. Here is my question about this:

During my studies in Computer Science, I took a network class and  
learned about AS (autonomous systems) and what the border gateway  
protocol is. I asked the professor this question and never got an  
answer, so maybe someone here can answer this. How can I access the  
communications between edge routers in AS's. The routers that speak  
BGP. I am speaking from a computer that lives on a leaf of that AS.  
It seems like I would need to have access to one of those routers  
that are on the edge of the AS, correct?

So, if those routers are locked down pretty tight (and have routable  
ip's from my location), it seems like a somewhat contained problem.  
Sure, NOC people at your ISP can read your plain text email, but the  
average guy down the street may not be able to since he is most  
likely not receiving your packets.

I remember when I worked at an ISP and we worked with DSL traffic on  
layer 2 and thinking, "wow, even the advanced users of this network  
would never know that their traffic bounced all over layer 2 DSLAM  
devices....what must they be wondering when their ping times are 130  
ms to travel from Altanta to another host in Atlanta",  the  
connections were actually being sent up to New York and then back  
through layer 2 devices elsewhere.


thanks,

Chris



On Sep 4, 2008, at 11:57 AM, Greg Freemyer wrote:

> Everyone has said for years that the Internet is public and that
> anyone can read the data that traverses across it.
>
> If you want security, use encryption.
>
> Thus, this security hole seems way over blown to me.
>
> Greg
>
> On 9/4/08, krwatson at cc.gatech.edu <krwatson at cc.gatech.edu> wrote:
>> Revealed: The Internet's Biggest Security Hole
>>  http://www.neowin.net/news/main/08/08/27/revealed-the-internets- 
>> biggest-security-hole
>>
>>  http://tinyurl.com/6bvblu
>>
>>  keith
>>
>>  --
>>
>>  Keith R. Watson                        Georgia Institute of  
>> Technology
>>  Systems Support Specialist IV          College of Computing
>>  keith.watson at cc.gatech.edu             801 Atlantic Drive NW
>>  (404) 385-7401                         Atlanta, GA 30332-0280
>>
>>
>>  _______________________________________________
>>  Ale mailing list
>>  Ale at ale.org
>>  http://mail.ale.org/mailman/listinfo/ale
>>
>
>
> -- 
> Greg Freemyer
> Litigation Triage Solutions Specialist
> http://www.linkedin.com/in/gregfreemyer
> First 99 Days Litigation White Paper -
> http://www.norcrossgroup.com/forms/whitepapers/99%20Days% 
> 20whitepaper.pdf
>
> The Norcross Group
> The Intersection of Evidence & Technology
> http://www.norcrossgroup.com
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale



More information about the Ale mailing list