OWNING THE ROUTING TABLE - PART II

Black Hat USA 2013

Presented by: Gabi Nakibly
Date: Thursday August 01, 2013
Time: 17:00 - 18:00
Location: Augustus 1 & 2

The holy grail of routing attacks is owning the routing table of a router. In this work we present a powerful OSPF attack that exploit a newly discovered ambiguity of the OSPF protocol -- the most popular routing protocol inside autonomous systems (AS). The attack allows an attacker who gained control over just a single router in an AS to control the routing tables of all other routers in that AS. The attack may be utilized to induce black holes, network cuts or longer routes in order to facilitate DoS of the routing domain or to gain access to information flows which otherwise the attacker had no access to. The attack can also be used to easily DoS a victim router using a single packet. A multi-vendor effort is now under way to fix this vulnerability which currently inflict many of today's OSPF routers. This work is a sequel to the work "Owning the Routing Table" we presented at Black Hat USA 2011.

This is a joint work with Eitan Menahem, Yuval Elovici and Ariel Waizel of Telekom Innovation Laboratories at Ben Gurion University.

Gabi Nakibly

Gabi has more than a decade of experience in networking technologies and security. He is currently a fellow at the National EW Research & Simulation Center in Israel (as part of Rafael - Advanced Defense Systems) where he is involved in the security analysis of network protocols and the secure deployment of network services. He also serves as an adjunct lecturer and researcher in the computer science department at the Technion (Israel Institute of Technology). In 2012 Gabi was a visiting scholar at Stanford University's security lab. Gabi received his B. Sc. in Information Systems Engineering (summa cum laude) and PhD in Computer Science from the Technion in 1999 and 2008, respectively.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats