20080827

Revealed: The Internet's Biggest Security Hole | Threat Level from Wired.com

Revealed: The Internet's Biggest Security Hole | Threat Level from Wired.com: "'Pilosov's innovation is to forward the intercepted data silently to the actual destination, so that no outage occurs.'

This is not a new innovation. It is BGP Shunt where you ignore TTL decrements. This is taught as one of the core tools in the SP Security Tool Kit for over a decade (see NANOG Tutorials).

Like any tool, BGP Shunts can be used for good or bad. Today it is mostly used for good. The issue is that there is not enough BGP Security deployed, making the whole Internet-based global TELECOMMUNICATIONS system less resilient.

Posted by: Barry Raveendran Greene | Aug 26, 2008 8:39:44 PM

Barry, the innovation is the purpose for which it's being used -- to hi-jack traffic for an interception in a manner that doesn't cause an outage.

Posted by: Kim Zetter | Aug 26, 2008 8:46:10 PM

BGP Shunts are 'hi-jacking' traffic to put them through sniffers, sink holes, DDoS clean-up tools, content filtering, anti-spam filtering, etc. etc. etc.

BGP Shunting to a device which does not decrement TTL is not new.

It is in use all over the Internet.

The problem is that people are not walking through the consequences to their business when they do not deploy current BGP Security BCPs. This is a big problem. The bad guys can use this"