[ale] Revealed: The Internet's Biggest Security Hole

[Jim Popovitch]

On Thu, Sep 4, 2008 at 12:24, Chris Kleeschulte
<chris.kleeschulte at it.libertydistribution.com> wrote:
> If someone can enlighten me on this BGP thing. I remember reading
> about this years ago and it seemed pretty serious, why this story is
> being recycled is beyond me. Here is my question about this:

It's old news, with a new twist.... but still just a twist.

> During my studies in Computer Science, I took a network class and
> learned about AS (autonomous systems) and what the border gateway
> protocol is. I asked the professor this question and never got an
> answer, so maybe someone here can answer this. How can I access the
> communications between edge routers in AS's. The routers that speak
> BGP. I am speaking from a computer that lives on a leaf of that AS.
> It seems like I would need to have access to one of those routers
> that are on the edge of the AS, correct?

Yes.  You can't do this BGP twist from your home.... unless you live
in a peering complex.

> So, if those routers are locked down pretty tight (and have routable
> ip's from my location), it seems like a somewhat contained problem.
> Sure, NOC people at your ISP can read your plain text email, but the
> average guy down the street may not be able to since he is most
> likely not receiving your packets.

Yep.  It's really not a BGP "hole" has much as it's a Trust issue.  Do
you trust the neighbors you are BGP peering with.

-Jim P.