http://www.theregister.co.uk/2009/04/16/internet_backbone_hacking/ By Dan Goodin in San Francisco The Register 16th April 2009 Network backbone technologies used to route traffic over large corporate networks are vulnerable to large-scale hijacking attacks, according to two researchers who released freely available software on Thursday to prove their point. The tools, demonstrated at the Black Hat security conference in Amsterdam, are intended to show that attacks once believed to be only theoretical are very much practical, said Enno Rey, one of the creators of the software. He developed the tools along with researcher Daniel Mende. "We think the trust models of some technologies that are widely deployed in some networks are outdated," Rey told The Register. "This is to make people aware that the technologies they use in their daily life are not as secure as they might seem. Some of the new tools attack a network data-forwarding technology known as MPLS, or multiprotocol label switching. Carriers such as Verizon, AT&T and Sprint use it to segregate one corporate customer's traffic from another's as it's shuttled from one geographic region to another. The tools make it trivial for anyone with access to the carrier's network to redirect that traffic or alter data on it. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Fri Apr 17 2009 - 02:19:46 PDT
This archive was generated by hypermail 2.2.0 : Fri Apr 17 2009 - 02:34:44 PDT