Owning the Routing Table: New OSPF Attacks presented at BlackhatUSA 2011

by Gabi Nakibly,

URL : https://media.blackhat.com/bh-us-11/Nakibly/BH_US_11_Nakibly_Owning_the_Routing_Table_Slides.pdf

Summary : The holy grail of routing attacks is owning the routing table of a router. We present new found vulnerabilities in the OSPF protocol - the most popular routing protocol inside autonomous systems (AS) - which allow to own a router's routing table without having to own the router itself.
We present new attacks that falsify the LSAs of routers not controlled by the attacker while evading the "fight-back" mechanism. These attacks affords a single attacker a great power to persistently falsify large portions of the routing domain's topology. This may be utilized to induce routing loops, network cuts or longer routes in order to facilitate DoS of the routing domain or to gain access to information flows which otherwise the attacker had no access to.
This is a joint work with Alex Kirshon and Dima Gonikman.