Wednesday, August 27, 2008

BGP Security issue

If you are running a lot of routers, with BGP peering, then you hopefully already know about this. If you don't use BGP, then there's not really much you can do besides plead to your upstream provider, but regardless, you probably should know.

Security researchers have revealed that there is a major flaw in BGP that allows an attacker in an arbitrary location to redirect BGP traffic to their site and then reroute it to it's intended destination.

Of course, encrypted streams would make this a non-issue, but think about all the unencrypted traffic on the internet. That's a lot of information that you don't want someone getting their hands on.