How To Crash the Internet
rudy_wayne writes "We know you can take down Web sites with Distributed Denial of Service (DDoS) attacks. We know that a government, like Egypt's, can shut down an entire country's Internet access. And, we thought we knew that you can't take down the entire Internet. It turns out we could be wrong. In a report from New Scientist, Max Schuchard, a computer science graduate student, and his buddies claim they've found a way to launch DDoS attacks on Border Gateway Protocol (BGP) network routers that could crash the Internet."
How is this news? (Score:5, Interesting)
How is this news?
We've known for years that BGP has problems.
It's broken big sections of the net before.
http://en.wikipedia.org/wiki/AS_7007_incident
Don't Panic! (Score:5, Interesting)
Re:How is this news? (Score:5, Interesting)
This is not the same type of attack -- the AS7007 problem was a route hijack attack.
The SIGCOMM paper describes a more basic route convergence issue with path vector protocols.
The paper describes the use of packet loss to create a BGP session failure and the impact of repeated announce/withdraw traffic to slow other routers. This is also not new. However, the appropriate point of reference is "RFC 1266 - Experience with the BGP Protocol" (http://www.faqs.org/rfcs/rfc1266.html). Read section 9 -- this points to how packet loss results in BGP failures and points to how ensuring BGP packets have priority fixes this. This was published in 1991 :-) and is generally well known.
Similarly, I haven't read the referenced NDSS paper (http://www-users.cs.umn.edu/~hopper/lci-ndss.pdf) but I am also surprised that BGP holddown timers don't prevent some of the related route churn problems.
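Added example, not part of the thread or of either paper: a small model of the point above that keepalive loss expires the BGP hold timer and that prioritizing BGP packets avoids it. Assumptions: the 90 s hold time and 30 s keepalive interval suggested in RFC 4271, independent loss per keepalive, and no TCP retransmission or UPDATE traffic resetting the timer; the loss rates in `compare()` are constructed.

```python
"""Simplified model: a BGP session drops when the hold timer expires,
i.e. when every keepalive sent during one hold interval is lost."""

HOLD_TIME = 90   # seconds, suggested value in RFC 4271
KEEPALIVE = 30   # seconds, suggested value in RFC 4271


def p_session_drop(loss, duration, hold=HOLD_TIME, keepalive=KEEPALIVE):
    """Probability that the hold timer expires at least once within
    `duration` seconds when each keepalive is lost independently with
    probability `loss`.

    Assumption: only keepalives reset the timer (TCP retransmission and
    UPDATE messages are ignored), so this is an upper-bound style model.
    """
    need = hold // keepalive      # consecutive losses that expire the timer
    sent = duration // keepalive  # keepalives sent in the window
    # state[k] = P(session still up with k consecutive losses so far)
    state = [1.0] + [0.0] * (need - 1)
    dropped = 0.0
    for _ in range(sent):
        nxt = [0.0] * need
        nxt[0] = sum(state) * (1 - loss)     # keepalive arrives, run resets
        for k in range(need - 1):
            nxt[k + 1] = state[k] * loss     # run of losses grows
        dropped += state[need - 1] * loss    # run reaches `need`: session drops
        state = nxt
    return dropped


def compare(duration=3600):
    """Constructed scenario: BGP sharing a saturated queue with data
    traffic (50% loss) versus BGP in a priority queue (1% loss)."""
    return {
        "shared_queue": p_session_drop(0.50, duration),
        "priority_queue": p_session_drop(0.01, duration),
    }


if __name__ == "__main__":
    for name, p in compare().items():
        print(f"{name:15s} P(session drop within 1h) = {p:.6f}")
```

Each session drop in this model stands for one withdraw and re-announce cycle of the routes learned over that session, which is the churn the comment refers to.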