Wednesday, February 29, 2012

HACKERS ahead... Technion defends cyber space.

Technion Students Hack OSPF, the Most Popular Routing Protocol on the Internet.
The attack was part of a student project in the Computer Science Department and has attracted substantial interest in two scientific conferences; the students will be awarded the Technion Amdocs Prize.

Alex Kirshon and Dima Gonikman, students in the Technion Computer Science Department, showed how to hack the OSPF routing protocol, the most common protocol on the internet. The attack was part of a student project in the Laboratory of Computer Communication and Networking. It attracted substantial interest at the two scientific conferences where it was presented. Alex and Dima, supervised by Dr. Gabi Nakibly and Itai Dabran, will be awarded the Technion Amdocs Prize for Best Project in Computer Science.

Hundreds of thousands of routers work on the internet, linking the different networks. Each router is supposed to "know" all the other routers and to "talk" to them (to obtain information about their neighbors and about networks connected to them). The incessant involvement of the routers in the transmission of this information encumbers them and diminishes their effectiveness. Hence, the internet is in fact split into autonomous systems that "talk" to each other. The routers in each such system "know" one another.

The most popular protocol for the transmission of information between routers within an autonomous system is OSPF. If it malfunctions, many messages will not reach their destination. Moreover, there is concern that these messages will reach the attacker of the protocol. Accordingly, stringent security measures are in place for the protocols of network routers.

One of the important defenses is called "fight-back". When it is implemented – when a router recognizes that another router has sent data in its name – it immediately issues a correction.

With help from their supervisors, Alex Kirshon and Dima Gonikman "targeted" this correction. They triggered a fight-back from a router on the network, but immediately before it was sent, they sent a fight-back with false data that was received by some of the other routers. When these routers received the fight-back of the compromised router, they rejected it.

The "attacking" students also identified in advance which fight-back the attacked router would send, so that the other routers accepted the false one "without doubts or questions". From the moment they received the "fake" fight-back, routers on the network had incorrect routing tables.

Such an attack can disrupt the entire operation of the autonomous system, prevent messages from reaching their destination and unnecessarily create substantial traffic on the network.
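
The rejection described above follows from how OSPF decides whether two LSAs are the same instance (RFC 2328, section 13.1): equal sequence number and checksum, with LS ages within MaxAgeDiff of each other. As an added example (not code from the students' project), the following Python implements that comparison and a monitor-side check that flags two LSAs the rule treats as identical although their contents differ; the `LSA` class, its field names, the one-LSA-per-router simplification and the sample values are constructed for illustration.

```python
from dataclasses import dataclass

MAX_AGE = 3600       # seconds, MaxAge in RFC 2328
MAX_AGE_DIFF = 900   # seconds, MaxAgeDiff in RFC 2328

@dataclass(frozen=True)
class LSA:
    adv_router: str  # router ID the LSA claims as its originator
    seq: int         # LS sequence number, already decoded as a signed value
    checksum: int    # checksum field carried in the LSA header
    age: int         # LS age in seconds
    body: bytes      # advertised links (constructed placeholder bytes)

def compare(a, b):
    """RFC 2328 13.1: 1 if a is newer, -1 if b is newer, 0 if same instance."""
    if a.seq != b.seq:
        return 1 if a.seq > b.seq else -1
    if a.checksum != b.checksum:
        return 1 if a.checksum > b.checksum else -1
    if (a.age == MAX_AGE) != (b.age == MAX_AGE):
        return 1 if a.age == MAX_AGE else -1
    if abs(a.age - b.age) > MAX_AGE_DIFF:
        return 1 if a.age < b.age else -1
    return 0

def find_conflicts(observed):
    """Return (stored, arriving) pairs that 13.1 calls identical but whose bodies differ."""
    seen, alerts = {}, []
    for lsa in observed:
        prev = seen.get(lsa.adv_router)  # assumption: one router-LSA per router
        if prev is not None and compare(lsa, prev) == 0 and lsa.body != prev.body:
            alerts.append((prev, lsa))   # a receiver would drop `lsa` as a duplicate
        elif prev is None or compare(lsa, prev) > 0:
            seen[lsa.adv_router] = lsa
    return alerts

# Constructed sample, in arrival order at one monitored router.
R = "10.0.0.1"
SAMPLE = [
    LSA(R, 5, 0x1A2B, 10, b"links:A,B"),  # LSA currently in the database
    LSA(R, 6, 0x3C4D, 1, b"links:A,X"),   # false "fight-back" arrives first
    LSA(R, 6, 0x3C4D, 0, b"links:A,B"),   # the router's real fight-back
]

if __name__ == "__main__":
    for prev, lsa in find_conflicts(SAMPLE):
        print(f"ALERT {lsa.adv_router}: seq {lsa.seq} seen with two different bodies")
```

A collector that sees flooding from more than one vantage point can run this check, since a single router that already holds the false LSA silently discards the real one.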

12 comments:

  1. Hi, this is David. I found your article and am interested in details, as I was looking to prove weaknesses in a client's design as they were using OSPF passive, possibly with authentication. My understanding is that I would need to compromise auth and then get started from there, i.e. spoof area and inject routes. From an internet perspective, however, eBGP properly configured will not be subject to receiving routes. This is the very difference why IGP and BGP exist. Passing LSAs makes you open for attack. Can you send configs? dtauch@web.de
