Wednesday, April 22, 2009

Hacking Internet Backbone, Blackhat

New freely available tools demonstrated in Blackhat last week showed that MPLS, BGP, and Metro Ethernet are vulnerable to several attacks.

The MPLS used to segregate network traffic for corporate customers, can be modified by an attacker to gain access to other MPLS networks.

As the MPLS has no mechanism for protecting the integrity of the headers that determine where a data packet should be delivered, the tool was used to modify the header. although the attack is difficult to be carried out as it require the attacker to be in the MPLS backbone.

The message here is, Encrypt your traffic anyway, and do not trust your carrier....

No comments: