Border Gateway Protocol (BGP) is the protocol normally used to exchange routing information between ISPs, that is, between different autonomous systems (ASes), and across the internet.

How BGP works and its characteristics

BGP is a protocol that can connect any internetwork of autonomous systems together via an arbitrary topology. The only requirement is that each AS has at least one router running BGP, and that this router synchronizes with another AS’s BGP router within the same network segment.

Border Gateway Protocol’s Characteristics:

  1. The purpose of BGP is to implement an inter-autonomous system configuration, which provides communication between two different autonomous systems.
  2. BGP supports the next-hop paradigm, and multiple BGP speakers that reside inside the same AS coordinate with each other.
  3. BGP advertises path information as pairs of a reachable destination and the next destination on the way to it.
  4. Like other network connections, BGP runs over TCP. It conserves network bandwidth and supports CIDR and security.

Attacks that take advantage of BGP

The following types of BGP attack remain valid today.

  1. BGP DDoS, which can insert a bogus route into the Internet’s routing tables. A famous example from long ago is the YouTube DDoS attack, in which there were two routes to reach YouTube, one legitimate and the other bogus. Nowadays, the most troublesome case is a bogus route that maps to a subnet of another prefix (a sub-prefix).
  2. BGP hijacking, a well-known BGP attack. Many such incidents have happened within the last 2 years.
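
As an added example (not part of the original article), the Python below shows why a bogus sub-prefix is so troublesome, since the longest matching prefix is the one routers follow, and how a monitor can flag it by comparing observed announcements with a table of expected origins. The prefixes, AS numbers and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: documentation prefixes (RFC 5737) and
# documentation AS numbers (RFC 5398), not taken from any real incident.
EXPECTED_ORIGINS = {
    "203.0.113.0/24": 64500,
    "198.51.100.0/24": 64501,
}
ANNOUNCEMENTS = [
    ("203.0.113.0/24", 64500),   # legitimate route
    ("203.0.113.0/25", 64511),   # bogus more-specific route (sub-prefix)
    ("198.51.100.0/24", 64510),  # bogus origin for the exact prefix
    ("192.0.2.0/24", 64502),     # prefix the monitor does not track
]

def classify(prefix, origin, expected=EXPECTED_ORIGINS):
    """Compare one observed announcement with the expected-origin table."""
    net = ipaddress.ip_network(prefix)
    for exp_prefix, exp_origin in expected.items():
        exp_net = ipaddress.ip_network(exp_prefix)
        # subnet_of() raises TypeError on mixed IPv4/IPv6, so check first.
        if net.version != exp_net.version or not net.subnet_of(exp_net):
            continue
        if origin == exp_origin:
            return "ok"
        return "origin-mismatch" if net == exp_net else "sub-prefix"
    return "unmonitored"

def selected_origin(address, announcements=ANNOUNCEMENTS):
    """Origin AS traffic to `address` follows: the longest matching prefix wins."""
    addr = ipaddress.ip_address(address)
    best = None
    for prefix, origin in announcements:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, origin)
    return best[1] if best else None

def alerts(announcements=ANNOUNCEMENTS):
    """Announcements a monitor should raise, with the reason for each."""
    verdicts = [(p, o, classify(p, o)) for p, o in announcements]
    return [v for v in verdicts if v[2] in ("sub-prefix", "origin-mismatch")]

if __name__ == "__main__":
    for prefix, origin, reason in alerts():
        print(f"ALERT {reason}: {prefix} announced by AS{origin}")
    print("203.0.113.10 is routed to AS", selected_origin("203.0.113.10"))
```

Even though the legitimate /24 is still announced, addresses inside the bogus /25 follow the more specific route, which is why the sub-prefix case needs its own check rather than only an exact-prefix origin comparison.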

Public incidents that took advantage of BGP are listed as follows:

  • Roughly 1300 IP addresses in Amazon Web Services space were compromised in April 2018. The attack was carried out by hijacking Amazon Route 53, and was done by eNet, an ISP in Columbus, Ohio.
  • Around July of the same year, Iran Telecommunication Company (AS58224) originated 10 prefixes of Telegram Messenger.
  • In May 2019, traffic routed to the public DNS run by Taiwan Network Information Center (TWNIC) was redirected to an entity in Brazil.
  • A large amount of European mobile traffic was redirected through China Telecom in June 2019.

By Wan Ariff

He brings with him working experience in the Information Security field, specializing in Penetration Testing and Digital Forensics. His passion is IT Security.

