My winter break from school started a few days before Thanksgiving and I’m not going back till January 5th.  I decided now was the time to start researching fun stuff.  But where to start?  As luck would have it I came across The Internet Protocol Journal and quickly got a subscription.

Two-thirds of the issue I received in the mail talks about securing BGP (if your going to follow that link you’ll want to read this one first).  I had never thought about it but routing protocols need to be secured.  Anyone who has any concept of how the Internet works knows that if you can confuse the routers you can, for the most part, take down the Internet.  Luckily someone at IETF woke up one morning and realized “OH SHIT!!!  WE AREN’T DOING MUCH TO SECURE TRAFFIC BETWEEN ROUTERS!!!” and the Routing Protocol Security Working Group was formed.  Unfortunately after browsing their site it sounds like actually implementing any of their proposed protocols is about as likely as a switch to IPv6.  Which means that more tools (such as the Internet Routing Protocol Attack Suite) that can be used in such attacks will become prevalent. 

I much prefer working with and studying subjects like this one as opposed to dealing with desktop issues and configuring Outlook.  Expect to see a lot more on this topic in the next few weeks.  

Now if I can just get my hands on a router so I can really start learning...Ah, oh well, for now I guess I’ll have to stick to reading theoretical papers about attacking routers:

http://www.rpsec.org/drafts/draft-beard-rpsec-routing-threats-00.txt

http://www.rpsec.org/drafts/draft-murphy-threat-00.txt

http://www.rsaconference.com/rsa2003/europe/tracks/pdfs/hackers_w15_majstor.pdf