“Reform of routers” is not needed by anyone
The weak spot of the dynamic routing of Internet traffic has remained a threat to the stability of the Internet for more than 20 years. During this time, the World Wide Web infrastructure was hacked several times, in each case the damage was insignificant (for example, YouTube fell out of the network for a couple of hours in February 2008). However, it’s not at all the fact that next time it will do without consequences. AP gathered expert opinions on this topic. For example, the general manager of Renesys Corporation, which monitors Internet routers, honestly says: “Every day I feel admiration when I come to work and I see that everything is still working.”
The essence of the problem is basically the principle of dynamic routing, when the router selects a route for each packet, focusing on a dynamically adaptable table. That is, no router knows the complete packet route, but simply sends a packet to the nearest “neighbor” based on data from a dynamic table that is constantly updated. The slightest error in one table is immediately copied to neighboring routers and can be fatal.
This happened on April 25, 1997, when millions of North American users lost access to the Internet due to the fact that an employee of one small Internet provider had incorrectly reshuffled the router.
Similar incidents occurred in 1998, 1999, 2001, 2004, 2005, 2006, 2008 and 2009. In 2003, the Bush administration recognized the problem as “vital,” and adopted the strategy paper National Strategy to Secure Cyberspace. However, by 2010, nothing fundamentally changed.
')
In February 2008, the YouTube site dropped out of the Internet for two hours due to the fact that a certain Pakistani Internet provider changed the routing table for this site and redirected all its traffic to itself. They wanted to block access to YouTube from their own country, but the routing table was copied to the rest of the Internet routers, and no one in the world could get to the YouTube site.
According to experts, today about 1 million people in the world have access to computers using the Border Gateway Protocol (BGP). Each of these million people can make a small change that will affect the work of the entire Internet.
A hacker known in narrow circles, Peter Zatko (Peiter Zatko), a member of the hacker group L0pht, said back in 1998 that through a vulnerability in BGP, he could “throw down the entire Internet” in 30 minutes. Today Zatko works in the Pentagon’s DARPA division, but does not give up his words. Only he clarifies that now it will take two hours, due to the increased number of routers.
Interestingly, among commercial firms in global reform of routers, by and large, no one is interested. Large providers believe that this is not their problem, and generally doubt the need for fundamental reform: it is too expensive for them. The Internet is public domain and does not belong to anyone, so it is very difficult to carry out such a reform from an organizational point of view, which is why BGP will remain vulnerable for many years.
According to the most paranoid experts, every user should check their home phone and make sure that it does not work through the IP network. Perhaps in the future we will still have to go through a few days without the Internet.
The essence of the problem is basically the principle of dynamic routing, when the router selects a route for each packet, focusing on a dynamically adaptable table. That is, no router knows the complete packet route, but simply sends a packet to the nearest “neighbor” based on data from a dynamic table that is constantly updated. The slightest error in one table is immediately copied to neighboring routers and can be fatal.
This happened on April 25, 1997, when millions of North American users lost access to the Internet due to the fact that an employee of one small Internet provider had incorrectly reshuffled the router.
Similar incidents occurred in 1998, 1999, 2001, 2004, 2005, 2006, 2008 and 2009. In 2003, the Bush administration recognized the problem as “vital,” and adopted the strategy paper National Strategy to Secure Cyberspace. However, by 2010, nothing fundamentally changed.
')
In February 2008, the YouTube site dropped out of the Internet for two hours due to the fact that a certain Pakistani Internet provider changed the routing table for this site and redirected all its traffic to itself. They wanted to block access to YouTube from their own country, but the routing table was copied to the rest of the Internet routers, and no one in the world could get to the YouTube site.
According to experts, today about 1 million people in the world have access to computers using the Border Gateway Protocol (BGP). Each of these million people can make a small change that will affect the work of the entire Internet.
A hacker known in narrow circles, Peter Zatko (Peiter Zatko), a member of the hacker group L0pht, said back in 1998 that through a vulnerability in BGP, he could “throw down the entire Internet” in 30 minutes. Today Zatko works in the Pentagon’s DARPA division, but does not give up his words. Only he clarifies that now it will take two hours, due to the increased number of routers.
Interestingly, among commercial firms in global reform of routers, by and large, no one is interested. Large providers believe that this is not their problem, and generally doubt the need for fundamental reform: it is too expensive for them. The Internet is public domain and does not belong to anyone, so it is very difficult to carry out such a reform from an organizational point of view, which is why BGP will remain vulnerable for many years.
According to the most paranoid experts, every user should check their home phone and make sure that it does not work through the IP network. Perhaps in the future we will still have to go through a few days without the Internet.
Source: https://habr.com/ru/post/93177/
All Articles