Owning the Routing Table - New OSPF Attacks

Black Hat USA 2011

Presented by: Gabi Nakibly
Date: Wednesday August 03, 2011
Time: 11:15 - 12:30
Location: Augustus I + II
Track: Bit Flow

The holy grail of routing attacks is owning the routing table of a router. We present newly found vulnerabilities in the OSPF protocol - the most popular routing protocol inside autonomous systems (AS) - which allow an attacker to own a router's routing table without having to own the router itself.

We present new attacks that falsify the LSAs of routers not controlled by the attacker while evading the "fight-back" mechanism. These attacks afford a single attacker great power to persistently falsify large portions of the routing domain's topology. This may be used to induce routing loops, network cuts or longer routes in order to facilitate DoS of the routing domain or to gain access to information flows to which the attacker would otherwise have no access.

This is joint work with Alex Kirshon and Dima Gonikman.

Gabi Nakibly

Gabi Nakibly is an adjunct lecturer at the Technion (Israel Institute of Technology) and a network security research leader at Israel's National EW Research & Simulation Center (part of Rafael - Advanced Defense Systems), where he is involved in the security analysis of network protocols and the secure deployment of network services. Gabi received his B.Sc. in Information Systems Engineering (summa cum laude) and PhD in Computer Science from the Technion in 1999 and 2008, respectively.

