[34611] in North American Network Operators' Group
Re: Using unallocated address space - for DoS?
daemon@ATHENA.MIT.EDU (Miguel A.L. Paraz)
Wed Feb 14 09:36:26 2001
Date: Wed, 14 Feb 2001 22:32:48 +0800
From: "Miguel A.L. Paraz" <map@internet.org.ph>
To: "Steven M. Bellovin" <smb@research.att.com>
Cc: nanog@merit.edu
Message-ID: <20010214223248.A20151@mail.q-linux.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010214142140.616D535C42@berkshire.research.att.com>; from smb@research.att.com on Wed, Feb 14, 2001 at 09:21:32AM -0500
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Feb 14, 2001 at 09:21:32AM -0500, Steven M. Bellovin wrote:
> You don't have to break into the "right" router; you just have to start
> announcing the networks in a way that your peers don't -- can't --
> detect is improper.
I did not mean that the network operator was malicious. I meant, in the same
way that vulnerable servers are broken into and used for DoS, can routers
be broken into and do DoS via blackholes? I think it is hard unless you
know the right combination of vulnerable router (sniffable LAN?) and
unprotected upstream or peer.
--
http://www.internet.org.ph The Philippine Internet Resource
Mobile Voice/Messaging: +63-917-810-9728
