BGP Security

0.0(0)
studied byStudied by 0 people
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/7

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

8 Terms

1
New cards

Internet is a network of autonomous networks and BGP is how we communicate between those autonomous networks

BGP stands for Border Gateway Protocol

  • allows us to find the best route on the internet from source IP to best IP in network

  • between domains of networks

2
New cards

BGP vulnerabilities lead to…

  • able to spoof BGP traffic

  • Blocking access to certain sites

  • impersonating website via IP addresses

3
New cards

BGP is honestly a huge pain b/c it priorities money

So there are like multiple relationships

  • Peer to Peer

    • free

    • I promise to pass your traffic to anotehr network i nexchange you do the same

  • Customer0service

    • you pay or i pay you to pass my traffic

  • usually ISP is always going to prioritize money and do customer service instead

    • figures out best provider through this

4
New cards

We figure out the “routes” via AS

Some act as multhomed AS in the sense that they connect between multiple AS

Stub AS

  • on the periphery of the network

Transit AS

  • passes traffic to other ASs

    • at least two connections

5
New cards

BGP Table

  1. Okay, so how BGP routers work in general

    1. Use TCP and basically send keep alive messages to other routers periodically

    2. This is to make sure that there’s like a good log of available paths from outer routers

    3. we want to know the best path yippie so we use a BGP table

    4. if we find a new best path, BGP update

    5. Originator in AS path is always going to be rightmost

6
New cards

BGP rule, must NEVER have a valley in the based routing

  1. We don’t want that b/c you’re gonna get super charged

  2. and you could get overwhelmed b/c the other provider or network might be like, oh this is free and then pass traffic you can’t manage to you

7
New cards

Cases you want to run BGP

Multiple of the routers will computer BGP routing

BOrder router could bea route for BGP speaker

8
New cards

Attacks for BGP based on the fact that it runs on TCP

DoS

0- we establish a new TCP connection that we think is legitimate, update everything

BGP route flapping

  • where like there’s this one route that you’re getting and it’s new and better than what yo uahve, but it’s actually fake, but you’ve sent the update so now the routes in the area are kind of unreliable

Explore top notes

Explore top flashcards