BGP and TCP TREASON

Lisa Kachold lisakachold at obnosis.com
Sat Oct 18 09:36:37 MST 2008


Here's a [free] discussion of BGP threats from Dan Kaminski  at DefCon 16 2008 (including information on what the HomeLand Security and NSA plan to do about it):

http://blog.wired.com/27bstroke6/2008/08/how-to-intercep.html



There's a good indepth discussion of the BGP exploit from the archives of Wired (November 2001 Umar Goldeli, A 30 minute crash-course on BGP 7 years after it was identified).



Here are the Actual SLIDES from the DefCon 16 2008 discussion of the BGP inherent flaw:

http://blog.wired.com/27bstroke6/files/edited-iphd-2.ppt



Patrick McDaniels' Trace of Current Internet BGP Exploits from 2005:

http://www.patrickmcdaniel.org/talks/deter-workshop-9-05.pdf



Here's the CERT proof of concept from 2004 for the script bgp-dosv2.pl:

http://www.us-cert.gov/cas/body/bulletins/SB2004_exploits.html



Here's the location of a BGP script from 2004 that runs the BGP Zero Window exploit of sequence numbers from the archives:

http://packetstormsecurity.org/0404-exploits/

http://packetstormsecurity.org/papers/protocols/SlippingInTheWindow_v1.0.doc



Other script examples exist in the DefCon and 2600 archives from 1995 forward.



Extra Credit: Here's the TCP Zero Window Reset exploit (3 way RST handshake exploit 1995 ) [also called "TCP TREASON"]:

http://articles.techrepublic.com.com/5100-10878_11-5201771.html


http://wapedia.mobi/en/Obnosis |  http://en.wiktionary.org/wiki/Citations:obnosis | Obnosis.com (503)754-4452
Laugh at this MSN Footer


_________________________________________________________________
Want to read Hotmail messages in Outlook? The Wordsmiths show you how.
http://windowslive.com/connect/post/wedowindowslive.spaces.live.com-Blog-cns!20EE04FBC541789!167.entry?ocid=TXT_TAGLM_WL_hotmail_092008
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.PLUG.phoenix.az.us/pipermail/plug-discuss/attachments/20081018/615cf4d3/attachment.htm 


More information about the PLUG-discuss mailing list