Comvalid BGPsentinel
Techy_Guy
Added: October 07, 2007

Presentation Transcript

BGPsentinel
COMVALID

AS/BGP:
- The Internet is composed of 20,000 autonomous systems (AS’s)
- AS’s exchange route advertisements using BGP.

BGP assumptions:
- Each AS announces only those prefixes for which they are responsible
- Source of a BGP-update has the authority to announce the prefix
- The announced AS path is correct
- TCP provides a secure transmission between BGP peers

BGP problem:
- BGP assumes that the routes advertised by neighboring nodes are correct
- What if this assumption is violated?
- An AS propagates spurious routes to a neighbor!

BGP threats:
- Configuration error
- Fraudulent origination
- Fraudulent modification
- Compromised routers
- Routing by miscreants
- Packet sniffing and injection

BGP attacks:
What are the effects of attacks?
- Drop packets and render a destination unreachable
- Eavesdrop the traffic to a given destination
- Impersonate the destination

BGP threat mitigation:
- IPSEC secure point-to-point between BGP speakers
- Implement RFC2385 MD5 validation of TCP sessions
- Optional extension is BGP MD5
- Handle inter-AS validation of routes
- Filters to ensure your neighbors only announce their own space (RFC 2827)
- sBGP and soBGP extensions of protocol

Why bother?:
- A lot of deployed BGP routers use no mitigation criteria
- Router mis-configurations are a common occurrence
- Two major outages already happened in 1997 (AS7007) and 2001 (Nimda).
- Router break-ins also occur regularly
- Many routers have open telnet interfaces
- “Evil” effects of a compromised node
- Impersonation of your systems

Causes and Effects:
(Slide table with columns "Cause" and "Effect"; its contents are not present in the transcript.)

BGPsentinel Goals:
- Verify the correctness of BGP routes about your NETs & AS’s over the Internet
- Alarm you in order to minimize the harmful effects of spurious updates
- Does not impact the routers
- Works as an external service
- Requires no modifications to configs

Conclusion:
- Causes identified for spurious route advertisements: Mis-configurations, malicious behavior
- Harmful effects: Blackhole, impersonation, eavesdrop
- Remedies: Constant checking by BGPsentinel for immediate alarm and remedy action
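
The kind of external check the goals and conclusion slides describe, sketched as an added example (this is not Comvalid's BGPsentinel code and not part of the presentation): observed announcements are compared against the prefixes and origin AS you are responsible for, and an alarm is raised on fraudulent origination, foreign more-specifics, or an unexpected upstream. The policy table, alarm names, function names and sample observations are assumptions, built from documentation prefixes and ASNs.

```python
import ipaddress

# Constructed policy (assumption): our prefixes, their legitimate origin AS,
# and the upstream ASes that may appear directly before the origin.
EXPECTED = {
    ipaddress.ip_network("192.0.2.0/24"): {"origin": 64500, "upstreams": {64496, 64497}},
    ipaddress.ip_network("203.0.113.0/24"): {"origin": 64500, "upstreams": {64496}},
}

def check_update(prefix, as_path):
    """Return alarm codes for one observed announcement; [] means clean."""
    net = ipaddress.ip_network(prefix)
    # Collapse AS-path prepending so repeated ASNs count as one hop.
    hops = [a for i, a in enumerate(as_path) if i == 0 or a != as_path[i - 1]]
    if not hops:
        return []  # no AS path to judge (hypothetical locally originated entry)
    alarms = []
    for ours, policy in EXPECTED.items():
        # Only announcements equal to or inside our space concern us.
        if net.version != ours.version or not net.subnet_of(ours):
            continue
        if hops[-1] != policy["origin"]:
            # Another AS originates our space: an exact match, or a more
            # specific that wins longest-prefix match everywhere.
            alarms.append("ORIGIN_MISMATCH" if net == ours else "FOREIGN_MORE_SPECIFIC")
        else:
            if net != ours:
                # Our own AS announcing a sub-prefix: likely a configuration error.
                alarms.append("UNPLANNED_MORE_SPECIFIC")
            if len(hops) > 1 and hops[-2] not in policy["upstreams"]:
                # Origin looks right but the adjacent AS is not a known upstream.
                alarms.append("UNEXPECTED_UPSTREAM")
    return alarms

def scan(observations):
    """Map each (prefix, as_path) observation that raised alarms to its codes."""
    flagged = {}
    for prefix, path in observations:
        alarms = check_update(prefix, path)
        if alarms:
            flagged[(prefix, tuple(path))] = alarms
    return flagged

# Constructed observations, as an external route collector might report them.
OBSERVED = [
    ("192.0.2.0/24", [64510, 64496, 64500, 64500]),  # clean, with prepending
    ("192.0.2.0/24", [64510, 64511]),                # wrong origin
    ("203.0.113.128/25", [64510, 64499]),            # foreign more-specific
    ("203.0.113.0/24", [64510, 64498, 64500]),       # unknown upstream
    ("198.51.100.0/24", [64510, 64505]),             # not our space
]
```

Because it only consumes observations from outside vantage points, a check like this needs no change to router configuration, matching the stated goals.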