The Achilles heel of the Internet – The leaky border gateway protocol




Internet dates back to the eighties and it shows. It’s no secret that protocols such as TCP / IP and DNS are not exactly perfect, and the day would be designed totally differently today. So has tcp / ip originally not a form of encryption.

One of the techniques that are fundamental to the operation of the Internet is perhaps the most flawed and yet relatively unknown. The Border Gateway Protocol ties together all the individual networks, but does so in a way that really does not fit with the Internet of today.

To be able to understand it is first necessary to know what the bgp (Do you work for an ISP, please go safely through to the next page). Bgp without the Internet would be a large collection of individual networks that can not talk to each other. BGP ensures that networks can meet.

In a sense, the BGP is similar to the DNS. Where the dns telling which IP address belongs to a domain, the bgp ensures that providers know which network then associated with that IP address. That is not trivial; The Internet consists of hundreds of thousands of networks, which is always impossible to know each other where they are located. If you own network constructs with different routes, which you can still manually enter, but the Internet is not realistic. There are so many possible routes, which may also change, that there is a way to automate it.
Gossip-based protocol

That way it is bgp. The way it works is relatively simple bgp. Each border gateway protocol router tells the BGP routers which it is connected which routes the autonomous system of which he accepts a part, for example, route 202.22.22 / 30. Autonomous systems for example, Internet service providers and large Internet companies. Then again those routers tell their “neighbors” that you can turn to that router for packets in that series.

In this way routers can automatically build a routing table. If a user from Australia wants to visit a website in Iceland, which route through the bgp accessed directly, although a route is likely to be little used. Tcp / ip or udp then ensures that those packets are actually in place, but without bgp which would transport protocols like a headless chicken operation.

The protocol often works fine, but what the authors of the first version of the bgp could not imagine, that the internet would evolve into a place where people are not necessarily honest with each other. Sometimes it is even a dangerous place, where people try to hack each other to gain access to money or data, where criminals are active, as well as governments that want to keep an eye on citizens or other governments.

As the authors of the bgp which did not see it coming, and who can blame them given the modest size of the Internet in 1989, the bgp contains no possibility of authentication. If you have a BGP router, you can basically announce any route you want. Then tell all the routers that you have connected it again with other routers. “We call it bgp therefore called a gossip-based protocol,” said Andree Toonk of BGPmon at the Black Hat security conference earlier this month in Las Vegas.


In: A Technology & Gadgets Asked By: [23225 Red Star Level]

Answer this Question

You must be Logged In to post an Answer.

Not a member yet? Sign Up Now »