Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by: Tony Reveldez GEOFF HUSTON B.Sc., M.Sc. Australian National University MATTIA ROSSI B.Eng.,M.Sc. Leopold- Franzens- Universitaet GEOFF ARMITAGE.

Published byMay Hall Modified over 9 years ago

Similar presentations

Presentation on theme: "Presented by: Tony Reveldez GEOFF HUSTON B.Sc., M.Sc. Australian National University MATTIA ROSSI B.Eng.,M.Sc. Leopold- Franzens- Universitaet GEOFF ARMITAGE."— Presentation transcript:

1 Presented by: Tony Reveldez GEOFF HUSTON B.Sc., M.Sc. Australian National University MATTIA ROSSI B.Eng.,M.Sc. Leopold- Franzens- Universitaet GEOFF ARMITAGE B.Sc., PhD. Swinburne University of Technology 1

2 Border Gateway Protocol  What is it?  iBGP vs eBGP  TCP/IP  Distant Vector Routing Path Vector Routing  Route Selection Process  Messages AS Path 2

3 BGP Threat Model  Securing the BGP Session Injection, eavesdropping, delay messages, replay  Verifying BGP Identity Are you really who you claim to be?  Verifying BGP Information Is your information complete?  Verifying Forwarding Paths Is my information accurate? 3

4 Consequences of Attacks on the Routing System Denial of Service the potential to masqueradeAddress Stealing The ability to eavesdrop www.fireblog.com 4

5 Securing BGP  The Security Toolset  Security Requirements Securing the data payload and semantics Piecemeal incremental deployment  Approaches to Securing BGP sBGP, soBGP, psBGP, pgBGP, IRV 5

6 Approaches to Securing BGP  Securing the operation of BGP TCP session GTSM TCP MD5 IPSEC  Security in the Data Level 6

7 Securing the Integrity of BGP Data  sBGP  soBGP psBGP  IRV  pgBGP 7

8 State of BGP Security As the table shows, of all proposals, only a few have been implemented and mostly not deployed 8

Download ppt "Presented by: Tony Reveldez GEOFF HUSTON B.Sc., M.Sc. Australian National University MATTIA ROSSI B.Eng.,M.Sc. Leopold- Franzens- Universitaet GEOFF ARMITAGE."

Similar presentations

RPKI Standards Activity Geoff Huston APNIC February 2010.

RPKI Standards Activity Geoff Huston APNIC February 2010.
An Operational Perspective on Routing Security Geoff Huston Chief Scientist, APNIC.

An Operational Perspective on Routing Security Geoff Huston Chief Scientist, APNIC.
An Operational Perspective on BGP Security Geoff Huston February 2005.

An Operational Perspective on BGP Security Geoff Huston February 2005.
Mobile IPv6. Why study Mobility in IPv6? What is so different about Mobile IPv6 ?

Mobile IPv6. Why study Mobility in IPv6? What is so different about Mobile IPv6 ?
1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.

1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.
A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.

© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.
Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.

Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Module Summary BGP has reliable transport provided by TCP, a rich set of metrics called BGP.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 Module Summary BGP has reliable transport provided by TCP, a rich set of metrics called BGP.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 Routing Working at a Small-to-Medium Business or ISP – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 Routing Working at a Small-to-Medium Business or ISP – Chapter 6.
How to Construct a Correct and Scalable iBGP Configuration Mythili Vutukuru Joint work with Paul Valiant, Swastik Kopparty and Hari Balakrishnan.

How to Construct a Correct and Scalable iBGP Configuration Mythili Vutukuru Joint work with Paul Valiant, Swastik Kopparty and Hari Balakrishnan.
Securing BGP Geoff Huston November 2007. Agenda An Introduction to BGP BGP Security Questions Current Work Research Questions.

Securing BGP Geoff Huston November Agenda An Introduction to BGP BGP Security Questions Current Work Research Questions.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
BGP update profiles and the implications for secure BGP update validation processing Geoff Huston Swinburne University of Technology PAM2007 5 April 2007.

BGP update profiles and the implications for secure BGP update validation processing Geoff Huston Swinburne University of Technology PAM April 2007.
1 Towards Secure Interdomain Routing For Dr. Aggarwal 60-592 Win 2004.

1 Towards Secure Interdomain Routing For Dr. Aggarwal Win 2004.
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Interdomain Routing Security COS 461: Computer Networks Michael Schapira.

Interdomain Routing Security COS 461: Computer Networks Michael Schapira.
Practical and Configuration issues of BGP and Policy routing Cameron Harvey Simon Fraser University.

Practical and Configuration issues of BGP and Policy routing Cameron Harvey Simon Fraser University.

Similar presentations

Ads by Google