[167274] in North American Network Operators' Group
=?UTF-8?Q?Re=3A_Someone=E2=80=99s_Been_Siphoning_Data_Through_a_Huge_S?=
daemon@ATHENA.MIT.EDU (Brandon Galbraith)
Fri Dec 6 13:39:28 2013
In-Reply-To: <9609A22F-5397-4084-8162-146321E7465E@puck.nether.net>
Date: Fri, 6 Dec 2013 12:39:16 -0600
From: Brandon Galbraith <brandon.galbraith@gmail.com>
To: Jared Mauch <jared@puck.nether.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
If your flows are a target, or your data is of an extremely sensitive
nature (diplomatic, etc), why aren't you moving those bits over
something more private than IP (point to point L2, MPLS)? This doesn't
work for the VoIP target mentioned, but foreign ministries should most
definitely not be trusting encryption alone.
brandon
On Fri, Dec 6, 2013 at 12:05 PM, Jared Mauch <jared@puck.nether.net> wrote:
>
> On Dec 6, 2013, at 12:38 PM, Eugen Leitl <eugen@leitl.org> wrote:
>
>>
>> http://www.wired.com/threatlevel/2013/12/bgp-hijacking-belarus-iceland/
>>
>> Someone=E2=80=99s Been Siphoning Data Through a Huge Security Hole in th=
e Internet
>> ...
>
>> In 2008, two security researchers at the DefCon hacker conference
>> demonstrated a massive security vulnerability in the worldwide internet
>> traffic-routing system =E2=80=94 a vulnerability so severe that it could=
allow
>> intelligence agencies, corporate spies or criminals to intercept massive
>> amounts of data, or even tamper with it on the fly.
> ...
>
> Yes, nothing new to see here, networks don't do BGP filtering well, no Fi=
lm at 11?
>
> I've detected 11.6 million of these events since 2008 just looking at the
> route-views data. Most recently the past two days 701 has done a large M=
ITM of
> traffic.
>
> In other news, you can go read the other thread on this that happened alr=
eady.
>
> http://mailman.nanog.org/pipermail/nanog/2013-November/062257.html
>
> - Jared
>
>
