Persistent OSPF Attacks
Authors
Abstract
Open Shortest Path First (OSPF) is the most widely deployed interior gateway routing protocol on the Internet. We present two new attacks on OSPF that expose design vulnerabilities in the protocol specification. These new attacks can affect routing advertisements of routers not controlled by the attacker while evading the OSPF self-defense “fight-back” mechanism. By exploiting these vulnerabilities an attacker can persistently falsify large portions of the routing domain’s topology thereby giving the attacker control over how traffic is routed in the domain. This in turn can lead to denial of service, eavesdropping, and man in the middle attacks. We discuss a number of mitigation strategies and propose an update to the OSPF specification that defeats these attacks and improves overall OSPF security.
Similar resources
Owning the Routing Table –
Open Shortest Path First (OSPF) is the most popular interior gateway routing protocol on the Internet. Most of the known OSPF attacks are based on falsifying the link state advertisement (LSA) of an attacker-controlled router. These attacks may create serious damage if the attacker-controlled router is strategically located. However, these attacks can only falsify a small portion of the routing...
An experimental study of insider attacks for OSPF routing protocol
It is critical to protect the network infrastructure (e.g., network routing and management protocols) against security intrusions, yet dealing with insider attacks is probably one of the most challenging research problems in network security. We study the security threats, especially internal/insider threats, for the standardized routing protocol OSPF. In OSPF, a group of routers collaborate, ...
Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems
This paper presents a novel approach to automatically finding security vulnerabilities in the routing protocol OSPF – the most widely used protocol for Internet routing. We start by modeling OSPF on (concrete) networks with a fixed number of routers in a specific topology. By using the model checking tool CBMC, we found several simple, previously unpublished attacks on OSPF. In order to search ...
Analiza bezbednosnih mehanizama OSPF protokola
Service or system security depends on the security of any component used on that system. Computer network attacks can jeopardize normal network functionality. There are cases where an attacker can gain unauthorized control over classified data. OSPF is the most common link state routing protocol. In this paper, we have analyzed OSPF security issues and described some protection methods. Analysi...
Hiding Transit-Only Networks in OSPF
A transit-only network is defined as a network connecting routers only. In OSPF, transit-only networks are usually configured with routable IP addresses, which are advertised in Link State Advertisements (LSAs) but are not needed for data traffic. In addition, remote attacks can be launched against routers by sending packets to these transit-only networks. This document presents a mechanism to ...