
BORDER GATEWAY PROTOCOL (BGP) SECURITY
(Vulnerabilities, Attacks, & Countermeasures)
Shweta Surati
May 2nd, 2016

Border Gateway Protocol (BGP)

Border Gateway Protocol (BGP) is used to exchange routing and reachability information among autonomous systems (ASs) on the Internet.
Reference: http://www.rhyshaden.com/bgp.htm

Border Gateway Protocol (BGP)

Its current version, version 4, is in use.
It uses a TCP connection to send routing updates.
It is a path vector protocol.
It uses Classless Inter-Domain Routing (CIDR) notation for IP addresses, i.e. A/n, where A is the IP address and n is the prefix length.

BGP Messages
Open Message
Update Message
Notification Message
Keepalive Message

BGP Message Structure

Reference: http://www.rhyshaden.com/bgp.htm

Vulnerabilities
BGP Messages- An attacker can use bogus open, keepalive, notification, or update messages to interrupt the BGP peer-to-peer connections.
Unfeasible Routes Length- An attacker can modify the length, which results in an error because the message may not be analyzed properly.
Withdrawn Routes- An attacker can cause the removal of existing genuine routes by modifying this field.
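
The length checks a receiver needs for the Unfeasible Routes Length and Withdrawn Routes fields above, as an added example that is not part of the original slides. It assumes the IPv4 UPDATE layout of RFC 4271; `parse_update`, `parse_prefixes`, `build_update` and `MalformedBGP` are hypothetical names, and the sample messages are constructed.

```python
import struct

MARKER = b"\xff" * 16                      # RFC 4271 header marker: all ones
HEADER_LEN, MAX_LEN, UPDATE = 19, 4096, 2  # header size, max message size, type code

class MalformedBGP(ValueError):
    """Raised when a message fails a structural check (hypothetical name)."""

def parse_prefixes(buf):
    """Decode <length-in-bits, prefix> tuples into CIDR 'A/n' strings."""
    out, i = [], 0
    while i < len(buf):
        bits = buf[i]
        nbytes = (bits + 7) // 8
        if bits > 32 or i + 1 + nbytes > len(buf):
            raise MalformedBGP("bad prefix encoding")
        octets = buf[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        out.append(".".join(str(b) for b in octets) + f"/{bits}")
        i += 1 + nbytes
    return out

def parse_update(msg):
    """Validate an UPDATE; return (withdrawn prefixes, attribute bytes, NLRI prefixes)."""
    if len(msg) < HEADER_LEN or msg[:16] != MARKER:
        raise MalformedBGP("bad header or marker")
    length, mtype = struct.unpack("!HB", msg[16:19])
    if not HEADER_LEN <= length <= MAX_LEN or length != len(msg):
        raise MalformedBGP("bad message length")
    if mtype != UPDATE:
        raise MalformedBGP("not an UPDATE")
    body = msg[HEADER_LEN:]
    if len(body) < 4:
        raise MalformedBGP("UPDATE too short")
    (wlen,) = struct.unpack("!H", body[:2])
    # Unfeasible Routes Length (RFC 4271 calls it Withdrawn Routes Length): bound it by the real size.
    if 2 + wlen + 2 > len(body):
        raise MalformedBGP("withdrawn routes length exceeds message")
    (alen,) = struct.unpack("!H", body[2 + wlen:4 + wlen])
    if 4 + wlen + alen > len(body):
        raise MalformedBGP("path attribute length exceeds message")
    withdrawn = parse_prefixes(body[2:2 + wlen])
    attrs = body[4 + wlen:4 + wlen + alen]
    nlri = parse_prefixes(body[4 + wlen + alen:])
    return withdrawn, attrs, nlri

def build_update(wlen_field, withdrawn=b"", attrs=b"", nlri=b""):
    """Build a constructed test message; wlen_field may disagree with len(withdrawn)."""
    body = struct.pack("!H", wlen_field) + withdrawn + struct.pack("!H", len(attrs)) + attrs + nlri
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), UPDATE) + body
```

A message whose length field overstates or understates the withdrawn-routes block raises `MalformedBGP` instead of being decoded against the wrong offsets.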

Vulnerabilities (Cont...)
Origin- Modifying this field can affect the routing decision of the receiving BGP speaker.
AS_Path- An attacker can announce an AS_Path that is not correct, which may result in routing loops.
Next_Hop- By modifying this field an attacker could interrupt the forwarding of traffic between the two ASs.

Potential Attacks
Denial of service- This takes place when a router is flooded with more packets than it can handle.
Man-In-the-Middle- This is an attack where a malicious party enters between two parties and gets access to private information.
Peer Spoofing- The goal of this attack may be to insert false information into a BGP peer's routing tables.

Potential Attacks (Cont...)
TCP Resets- In this attack a forged TCP reset message is inserted into an existing session between the BGP peers, which leads to the connection being dropped.
Session Hijacking- In this attack an attacker can act as one of the peers in a BGP session, which leads to eavesdropping or traffic analysis.
Route Flapping- It involves repetitive changes in the BGP routing table, which can overload the router.

Potential Attacks (Cont...)
Malicious Route Injection- An attacker can send updates with incorrect routing information, which results in eavesdropping or traffic analysis.
Link Cutting Attack- In this attack one or more compromised ASs can be used to gain knowledge of network routes. Using this information, the attacker can cut the genuine links and force the traffic through a compromised node.

Countermeasures
Prefix Filtering- In this technique both incoming and outgoing prefixes are filtered. This provides security against malicious route injection.
Sequence Number Randomization- Sequence numbers are designed to allow for reassembly of messages and protect against transmission errors. They offer protection against session hijacking and message spoofing.
TTL Security Mechanism- TTL refers to Time to Live. Using this field of the IP packet, an error message can be identified and denied.

Countermeasures (Cont...)
MD5 Signature- This is the technique in which each packet is encrypted using the MD5 cryptographic algorithm. It provides protection from remote attack. It assumes routers are one-hop neighbors.
IPsec- It is an IP layer protocol which can provide both authentication and data encryption.

Conclusion
BGP is very popular despite providing no performance and security guarantees. Various security measures have been proposed, but adopting these solutions is difficult because the number of autonomous systems on the Internet is increasing. Overall, however, progress has been made.

References
IETF, RFC 4272, BGP Security Vulnerabilities Analysis, January 2006. http://www.ietf.org/rfc/rfc4272.txt
Kuhn, D. Richard, Kotikalapudi Sriram, and Douglas C. Montgomery. "SP 800-54. Border Gateway Protocol Security." (2007).
BGP essentials: The protocol that makes the Internet work, Ivan Pepelnjak. http://searchtelecom.techtarget.com/feature/BGP-essentials-The-protocol-that-makes-the-Internet-work
Farley, Toni, Patrick McDaniel, and Kevin Butler. "A survey of BGP security issues and solutions." ACM Journal (2004).
BGP message overview. http://www.juniper.net/documentation/en_US/junos15.1/topics/concept/bgp-routing-messages-overview.html
http://www.inetdaemon.com/tutorials/internet/ip/routing/bgp/index.shtml
http://www.rhyshaden.com/bgp.htm

Thank You
