3. FUTURE
COMMUNICATION
IP based communication will become
the core communication?
Scalability and reliability
communication infrastructure?
Vulnerability and security threat?
4. CORE COMMUNICATION
Access Control List?
Default password issue?
Weak password?
Unencrypted remote login?
Routing protocol vulnerability?
We will focus on Border Gateway
Protocol (BGP) now
5. BGP VULNERABILITY
BGP messages
TCP vulnerability
BGP internet man in the
middle
Documented on RFC 4272
6. BGP MESSAGES
BGP states? idle, connect, active,
opensent, openconfirm, established
BGP message? open, update, notification,
keep alive
BGP message modification to poison
routing table and Denial of Service
Complex and nearly impractical
8. TCP VULNERABILITY
BGP and TCP port 179
SPOOFED TCP RST/FIN?
TCP port flooding (SYN)
TCP session ends = BGP idle
10. BGP MAN IN THE
MIDDLE
More specific network prefix wins
Use tracroute to identify routing
from source to destination
Use route-map and AS-PATH
prepending
Static routing to give information
about next-hop-router