Interdomain Routing News Archive
(See the home page for the most recent IDR news.)
-
On December 17th, Yahoo News published an
article
about hackers attacking the router infrastructure of the Net.
The story is pretty much completely without merit. First of all, no
incidents or specific threats of hackers actually attacking routers, or
realistic ways in which they might accomplish this, are given. The bit about
using the default password sounds especially implausible, if only because
Cisco routers don't come with a default password: if you don't set a password
yourself, it is impossible to telnet to the router. I've never heard of a
BGP-running router without adequate password protection.
The idea that routers might be vulnerable to denial of service attacks
is not
completely out in left field, but adequate access control filters and
enough CPU power easily neutralize this threat.
The stuff about MD5 protection of BGP sessions is plain and simple wrong.
Have a look at some remarks about BGP passwords and MD5 in the
old news (Q3 2001)
section for better information.
(Or, better yet, read
RFC 2385.
It's just six pages.)
Secure BGP (S-BGP)
might sound like a good idea, but I'm far from sure that
making the routing system depend on something as complex and (at least
potentially) fragile as a public key infrastructure is a good idea.
"We're very sorry, but the root CA certificates expired, so there won't
be any internet today."
Besides, in the current situation each network can build all the filters it
deems necessary. This way, routes are only used when they are announced
by the neighboring network and if they're allowed through the
manually created filters. The chances of both screwing up in exactly the
same way are very small.
Also, a PKI system might open up additional
ways in which a router could be the victim of a denial of service attack.
The required RSA computations are extremely CPU intensive, so an attacker
would only have to deliver a small number of falsified routing updates
to keep a router very busy rejecting them.
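The filtering argument above (a route is used only when the neighbor announces it and the manually created filter allows it), as an added example that is not part of the original page. The prefixes are constructed documentation ranges; the function names and the per-entry maximum prefix length are assumptions made for illustration.

```python
import ipaddress

# Constructed sample filter for one neighbor (assumption, not from the page):
# each entry is (allowed prefix, longest mask length accepted inside it).
NEIGHBOR_FILTER = [
    (ipaddress.ip_network("192.0.2.0/24"), 24),
    (ipaddress.ip_network("198.51.100.0/24"), 24),
]

def allowed(prefix, prefix_filter):
    """True if prefix lies inside a filter entry and is not too specific."""
    net = ipaddress.ip_network(prefix)
    return any(
        net.version == entry.version      # never compare IPv4 with IPv6
        and net.subnet_of(entry)
        and net.prefixlen <= max_len
        for entry, max_len in prefix_filter
    )

def usable_routes(announced, prefix_filter):
    """Routes that are both announced by the neighbor and permitted locally."""
    return [p for p in announced if allowed(p, prefix_filter)]

def demo():
    intended = ["192.0.2.0/24", "198.51.100.0/24"]
    leak = "203.0.113.0/24"  # constructed prefix the neighbor should not send
    loose = NEIGHBOR_FILTER + [(ipaddress.ip_network(leak), 24)]
    return {
        # Neighbor errs (leaks a prefix), filter is correct: leak is dropped.
        "neighbor_error": usable_routes(intended + [leak], NEIGHBOR_FILTER),
        # Filter errs (extra entry), neighbor is correct: nothing bad to accept.
        "filter_error": usable_routes(intended, loose),
        # Both err in the same way: only now is the bad route used.
        "both_errors": usable_routes(intended + [leak], loose),
        # A more-specific of an allowed prefix is rejected by the length limit.
        "too_specific": usable_routes(["192.0.2.128/25"], NEIGHBOR_FILTER),
    }

if __name__ == "__main__":
    for case, routes in demo().items():
        print(f"{case:15} -> {routes}")
```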
-
On November the 28th, I attended the "The Next Net" conference in
Amsterdam, organized by the Dutch chapter of the
Internet Society (ISOC).
The keynote address was delivered by Vint "father of the Internet" Cerf,
who was in The Netherlands to pick up another
honorary Ph.D. at the University of Twente.
(Don't worry -- he has a real one from UCLA as well.)
He told the audience he is reluctant to accept credit for founding the net,
since that means receiving the majority of the blame as well, and went on
to analyse the IPv4 address depletion and the pros and cons of net-enabled
socks. He is currently
working on some interesting things (for instance, an interplanetary network
for communicating with space probes for NASA), so check out his web pages at
Cerf's Up.
Prior to The Next Net, Jaap Akkerhuis from the .nl TLD registry talked about
an analysis he made of the impact of the events of September 11th on the net.
This is the same analysis he presented at the
ICANN
general meeting mid-November.
Slides of the presentation (PDF)
Extensive archives of the ICANN meeting (but hard to find specific information)
-
On October 16th, the
London Internet Exchange (LINX),
Europe's largest interconnect point (10 Gbps),
had an outage for most of the day. News articles:
-
The Renesys Corporation has published a preliminary report indicating that
the Code Red II and Nimda worms caused a somewhat alarming instability in
global routing.
Remarkably, this instability lasted much longer than those caused by
(even quite large) outages. When important links go down, BGP converges
within minutes and remains stable after that. The worms on the other hand
made the interdomain routing system less stable for many hours.
Global Routing Instabilities during Code Red II and Nimda Worm Propagation
-
Internet Still Growing Dramatically,
says Lawrence Roberts, one of the pioneers of the ARPANET.
Older Interdomain Routing news:
third quarter 2001.