






From: InfoSec News <alerts_at_private>




Date: Thu, 28 Aug 2008 00:34:28 -0500 (CDT)






http://blog.wired.com/27bstroke6/2008/08/revealed-the-in.html



By Kim Zetter
Threat Level
Wired.com
August 26, 2008



Two security researchers have demonstrated a new technique to stealthily
intercept internet traffic on a scale previously presumed to be
unavailable to anyone outside of intelligence agencies like the National
Security Agency.



The tactic exploits the internet routing protocol BGP (Border Gateway
Protocol) to let an attacker surreptitiously monitor unencrypted
internet traffic anywhere in the world, and even modify it before it
reaches its destination.



The demonstration is only the latest attack to highlight fundamental
security weaknesses in some of the internet's core protocols. Those
protocols were largely developed in the 1970s with the assumption that
every node on the then-nascent network would be trustworthy. The world
was reminded of the quaintness of that assumption in July, when
researcher Dan Kaminsky disclosed a serious vulnerability in the DNS
system. Experts say the new demonstration targets a potentially larger
weakness.



"It's a huge issue. It's at least as big an issue as the DNS issue, if
not bigger," said Peiter "Mudge" Zatko, noted computer security expert
and former member of the L0pht hacking group, who testified to Congress
in 1998 that he could bring down the internet in 30 minutes using a
similar BGP attack, and disclosed privately to government agents how BGP
could also be exploited to eavesdrop. "I went around screaming my head
about this about ten or twelve years ago.... We described this to
intelligence agencies and to the National Security Council, in detail."



The man-in-the-middle attack exploits BGP to fool routers into
re-directing data to an eavesdropper's network.



Anyone with a BGP router (ISPs, large corporations or anyone with space
at a carrier hotel) could intercept data headed to a target IP address
or group of addresses. The attack intercepts only traffic headed to
target addresses, not from them, and it can't always vacuum in traffic
within a network -- say, from one AT&T customer to another.



The method conceivably could be used for corporate espionage,
nation-state spying or even by intelligence agencies looking to mine
internet data without needing the cooperation of ISPs.



[...]








Received on Wed Aug 27 2008 - 22:34:28 PDT




