[ISN] Hacking internet backbones - it's easier than you think

From: InfoSec News <alerts_at_private>
Date: Fri, 17 Apr 2009 04:19:46 -0500 (CDT)
http://www.theregister.co.uk/2009/04/16/internet_backbone_hacking/

By Dan Goodin in San Francisco 
The Register
16th April 2009

Network backbone technologies used to route traffic over large corporate 
networks are vulnerable to large-scale hijacking attacks, according to 
two researchers who released freely available software on Thursday to 
prove their point.

The tools, demonstrated at the Black Hat security conference in 
Amsterdam, are intended to show that attacks once believed to be only 
theoretical are very much practical, said Enno Rey, one of the creators 
of the software. He developed the tools along with researcher Daniel 
Mende.

"We think the trust models of some technologies that are widely deployed 
in some networks are outdated," Rey told The Register. "This is to make 
people aware that the technologies they use in their daily life are not 
as secure as they might seem.

Some of the new tools attack a network data-forwarding technology known 
as MPLS, or multiprotocol label switching. Carriers such as Verizon, 
AT&T and Sprint use it to segregate one corporate customer's traffic 
from another's as it's shuttled from one geographic region to another. 
The tools make it trivial for anyone with access to the carrier's 
network to redirect that traffic or alter data on it.

[...]


_______________________________________________      
Best Selling Security Books and More!
http://www.shopinfosecnews.org/
Received on Fri Apr 17 2009 - 02:19:46 PDT

This archive was generated by hypermail 2.2.0 : Fri Apr 17 2009 - 02:34:44 PDT