Before you consider DNS blocking, first, do no harm
Criminals Need IP Addresses

Internet Address Hijacking, Spoofing and Squatting Attacks

Some of the prominent Internet routing attacks are not attacks against the routing system at all. The purpose of this set of attacks is not to disrupt the routing system itself but to (i) use the routing system to make addresses that criminals use for spam or other malicious activities known and reachable and thus (ii) allow malicious traffic to originate from these addresses and be delivered to recipients across the Internet.

This series of blog articles explores attacks that exploit the Internet’s routing system in this manner. In particular, I’ll consider attacks that exploit the Border Gateway Protocol (RFC 1771), a routing protocol that is used to exchange network reachability information among autonomous systems (AS), defined as one or more IP networks that operate under a single routing policy.

This series describes the motives for such attacks, classifies the attacks based on certain distinguishing characteristics, and suggests measures that can be taken to mitigate attacks of these kinds. Since the objective of this paper is to describe how and why attackers target specific addressing resources, the paper does not describe how attacks are executed in detail but instead treats them all as insertion attacks.

2 3 4 5 6 7 8 9 10 11   PDF 


Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.


Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)