Marc
------Original Message------
From: Gadi Evron
To: Frank
Cc: NANOG list
Sent: Aug 27, 2008 20:54
Subject: Re: Revealed: The Internet's Biggest Security Hole
hehe
"new". hehe
Maybe something will change now' though, it was a great and impressive
presentation, hijacking the defcon network and tweaking TTL to hide it.
On Thu, 28 Aug 2008, Frank wrote:
http://blog.wired.com/27bstroke6/2008/08/revealed-the-in.html
Two security researchers have demonstrated a new technique to stealthily
intercept internet traffic on a scale previously presumed to be unavailable
to anyone outside of intelligence agencies like the National Security
Agency.
The tactic exploits the internet routing protocol BGP (Border Gateway
Protocol) to let an attacker surreptitiously monitor unencrypted internet
traffic anywhere in the world, and even modify it before it reaches its
destination.
The demonstration is only the latest attack to highlight fundamental
security weaknesses in some of the internet's core protocols. Those
protocols were largely developed in the 1970s with the assumption that every
node on the then-nascent network would be trustworthy. The world was
reminded of the quaintness of that assumption in July, when researcher Dan
Kaminsky disclosed<http://blog.wired.com/27bstroke6/2008/07/details-of-dns.html>a
serious vulnerability in the DNS system. Experts say the new
demonstration
targets a potentially larger weakness.
"It's a huge issue. It's at least as big an issue as the DNS issue, if not
bigger," said Peiter "Mudge" Zatko, noted computer security expert and
------Original Message Truncated------
--------------------------
Marcus H. Sachs
Verizon
202 515 2463
Sent from my BlackBerry