Description: Anton Kapela and Alex Pilosov gave this talk titled "Stealing the Internet - A Routed, Wide-area, Man in the Middle Attack" at Defcon 16. The talk begins with some background about BGP basics and how it is used to route traffic, then moves on to currently known attacks on BGP and then finally describes the attack discovered by the researchers using which it is possible to MITM traffic on the Internet for any target destination.
It is important to note that the researchers have not discovered a new protocol vulnerability in BGP or anything alike, instead they have simply exploited the trust which routers have with their peers in accepting routing announcements. However, the novelty of their approach lies in the fact that before them, all such malicious announcements would lead to the attacker receiving the victim's traffic but would not allow the attacker to re-route the traffic to the intended recipient. In their attack using a method called AS path prepending that causes a select number of BGP routers to reject their deceptive advertisement, they use these ASes to forward the stolen data to its rightful recipients. This way the whole MITM attack occurs transparently without the victim noticing it.
The slides for their detailed presentation is available here.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.