Here's a [free] discussion of BGP threats from Dan Kaminski  at DefCon 16 2008 (including information on what the HomeLand Security and NSA plan to do about it):
http://blog.wired.com/27bstroke6/2008/08/how-to-intercep.html

There's a good indepth discussion of the BGP exploit from the archives of Wired (November 2001 Umar Goldeli, A 30 minute crash-course on BGP 7 years after it was identified).

Here are the Actual SLIDES from the DefCon 16 2008 discussion of the BGP inherent flaw:
http://blog.wired.com/27bstroke6/files/edited-iphd-2.ppt

Patrick McDaniels' Trace of Current Internet BGP Exploits from 2005:
http://www.patrickmcdaniel.org/talks/deter-workshop-9-05.pdf

Here's the CERT proof of concept from 2004 for the script bgp-dosv2.pl:
http://www.us-cert.gov/cas/body/bulletins/SB2004_exploits.html

Here's the location of a BGP script from 2004 that runs the BGP Zero Window exploit of sequence numbers from the archives:
http://packetstormsecurity.org/0404-exploits/
http://packetstormsecurity.org/papers/protocols/SlippingInTheWindow_v1.0.doc

Other script examples exist in the DefCon and 2600 archives from 1995 forward.

Extra Credit: Here's the TCP Zero Window Reset exploit (3 way RST handshake exploit 1995 ) [also called "TCP TREASON"]:
http://articles.techrepublic.com.com/5100-10878_11-5201771.html

http://wapedia.mobi/en/Obnosis |  http://en.wiktionary.org/wiki/Citations:obnosis | Obnosis.com (503)754-4452

Laugh at this MSN Footer



Want to read Hotmail messages in Outlook? The Wordsmiths show you how. Learn Now