16356080
submission
Barlaam writes:
Renesys describes new evidence that the Iranian national telecommunications provider, DCI, is selling (uncensored?) Internet connectivity to customers in neighboring Iraq and Afghanistan:
"The Internet connectivity outreach that we now see in the global routing tables seems like continuing evidence of Iran's long-term strategy: aggressively pursuing bilateral infrastructure and investment projects with its neighbors, in ways that will increase Iran's regional influence after the Americans have moved on."
3513469
submission
Barlaam writes:
A bug by router vendor A (omitting a range check from a critical field in the configuration interface) tickled a bug from router vendor B (dropping BGP sessions when processing some ASPATH attributes with length very close to 256), causing a ripple effect that caused widespread global routing instability last week. The flaw lay dormant until one of vendor A's systems was deployed in an autonomous system whose ASN, modulo 256, was greater than 250. At that point, the Internet was one typo away from disaster. Other router vendors, who were not affected by the bug, happily propagated the trigger message to every vulnerable system on the planet in about 30 seconds. Few people appreciate how fragile and unsecured the Internet's trust-based critical infrastructure really is — this is just the latest example.
699063
submission
Barlaam writes:
It shouldn't be too hard to see that you could end up answering every DNS query from an organization that came to you for an updated list of root name servers. Every one. And you might end up doing this for a very long time, especially if your answers were largely correct. An attack like this would have no resemblance to the YouTube hijack, where the entire planet gets a blank page and it's immediately apparent that something isn't right. Obvious events like this will continue to occur, and we'll continue to resolve them relatively quickly. But as this incident demonstrates, DNS hijacks are far less obvious and potentially far more harmful.