The holy grail of routing attacks is owning the routing table of a router. We present new found vulnerabilities in the OSPF protocol - the most popular routing protocol inside autonomous systems (AS) - which allow to own a router's routing table without having to own the router itself. We present new attacks that falsify the LSAs of routers not controlled by the attacker while evading the "fight-back" mechanism. These attacks affords a single attacker a great power to persistently falsify large portions of the routing domain's topology. This may be utilized to induce routing loops, network cuts or longer routes in order to facilitate DoS of the routing domain or to gain access to information flows which otherwise the attacker had no access to. This is a joint work with Alex Kirshon and Dima Gonikman.
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.