February 7, 2014 archive
Feb 07
TDYR #093 – A Great Afternoon Of Skiing, And The Sounds Of Skiing
Feb 07
Great Video About The Sport Of Curling In Petersham, MA!
Recently WWLP-TV22 recorded a great video segment about curling at the Petersham Curling Club as part of their “Mass Appeal” show. The video gives a great overview of the sport of curling and shows how open the sport is to anyone to participate. (And if you are interested in trying out curling yourself, the Petersham Curling Club has open houses about curling coming up on February 8, 16 and 20!)
And if you think this looks like a great kind of club to have in Keene, please sign up to help us! (And please read our vision of what we are trying to do.)
Feb 07
Great Video About The Sport Of Curling In Petersham, MA!
Recently WWLP-TV22 recorded a great video segment about curling at the Petersham Curling Club as part of their “Mass Appeal” show. The video gives a great overview of the sport of curling and shows how open the sport is to anyone to participate. (And if you are interested in trying out curling yourself, the Petersham Curling Club has open houses about curling coming up on February 8, 16 and 20!)
And if you think this looks like a great kind of club to have in Keene, please sign up to help us! (And please read our vision of what we are trying to do.)
Feb 07
BGP Hijacking In Iceland And Belarus Shows Increased Need for BGP Security
Want to understand better why we need to secure the Border Gateway Protocol (BGP) to make the Internet’s routing infrastructure more secure? Just read this article on Wired’s site, “Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet“, or the corresponding post on the Renesys blog, “The New Threat: Targeted Internet Traffic Misdirection“. The key point is that attackers are abusing BGP to hijack the routing of traffic off to a another network - but without the end-user having any clue that their traffic was diverted. As noted by Jim Cowie on the Renesys blog:
What makes a Man-in-the-Middle routing attack different from a simple route hijack? Simply put, the traffic keeps flowing and everything looks fine to the recipient. The attackers keep at least one outbound path clean. After they receive and inspect the victim’s traffic, they release it right back onto the Internet, and the clean path delivers it to its intended destination. If the hijacker is in a plausible geographic location between the victim and its counterparties, they should not even notice the increase in latency that results from the interception. It’s possible to drag specific Internet traffic halfway around the world, inspect it, modify it if desired, and send it on its way. Who needs fiberoptic taps?
He goes on to illustrate with an example where traffic was diverted to an ISP in Belarus:
In February 2013, we observed a sequence of events, lasting from just a few minutes to several hours in duration, in which global traffic was redirected to Belarusian ISP GlobalOneBel. These redirections took place on an almost daily basis throughout February, with the set of victim networks changing daily. Victims whose traffic was diverted varied by day, and included major financial institutions, governments, and network service providers. Affected countries included the US, South Korea, Germany, the Czech Republic, Lithuania, Libya, and Iran.
The article shows several graphical examples of how the network traffic was routed though the Belarusian ISP, such as this one:
The Renesys blog post goes on to show examples from a second series of incidents related to an ISP in Iceland, including one where traffic from one network in Denver, Colorado, went to another network in Denver… by way of Iceland!
As both the Wired article and the Renesys post say, the attackers behind these attacks have not yet been identified, and may well never be. This kind of attack, though, is being seen on an increased basis.
This is why we’ve opened up our new topic area on Securing BGP. We collectively need to all work together to make the Internet’s routing infrastructure more secure and more resilient against these type of attacks. We’ll be working over the months ahead to add more content to this site – and we could use your help finding or writing items on our “Securing BGP Content Roadmap”. If you operate a network router, we would also encourage you to join our Routing Resiliency Survey so that we can help in the effort to collect data about what kind of BGP attacks are being seen.
We need to prevent these type of hijackings from happening – and we need your help to do so!