Talk:BGP hijacking

Merge Proposal

There was previously a request for a merger of this article with the prefix hijacking section of the Border Gateway Protocol article. I believe that the section in the BGP article should be shortened and the meat of the information be in this article. IP/Prefix Hijacking can become a large article. There is already a lot of research in this area that can be integrated into the article and more research and information is likely to become published on this topic. --TreyGeek (talk) 00:46, 13 June 2008 (UTC)

BGP is an entirely separate protocol from TCP. TCP hijacking is irrelevant to BGP hijacking. While the article needs revising, merging them doesn't make sense. The vulnerabilities in the protocols are unrelated. —Preceding unsigned comment added by 66.160.11.162 (talk) 15:05, 23 March 2009 (UTC)

Previous user is correct: BGP security flaws require their own separate distinction, in part due to their prevalence and huge impact of security at a much higher level than IP Hijacking. —Preceding unsigned comment added by 136.142.195.129 (talk) 16:23, 30 March 2009 (UTC)

I noticed a problem with this section of the Border Gateway Protocol article. The text has been plagiarized from [here] apparently --131.107.0.77 (talk) 18:34, 18 June 2009 (UTC)


I believe that BGP is so specialist that the hijacking issues should be left separate and not merged into a larger corpus. —Preceding unsigned comment added by 217.16.218.141 (talk) 11:07, 15 January 2010 (UTC)

It should stay within the current topic, as-path hijacking is specific to BGP, session hijacking and man-in-the-middle attacks are generic, but exploits possible once the BGP session has been hijacked are very specific. If anything, rearrange the page so it's at the bottom, but for the sake of completeness, leave it in, link to it from the ip_hijacking generic page. —Preceding unsigned comment added by 124.168.140.120 (talk) 12:02, 14 February 2010 (UTC)

BGP is in a league of its own. It has no real comparable other. As for protocol hacking... for that matter, you could include just about every single protocol ever published (IETF, IEEE, ANSI, FIPS, ISO, etc.) and end up with one humongous article, but BGP flaws which are specific to BGP should be left under the BGP thread. But I feel a simple mention of BGP hijacking should be made in the IP hijacking section with specifics to BGP linked back to this article. wbenton (talk) 08:30, 26 February 2010 (UTC)

IP Hijacking is not inherent or solely focused on BGP. One can hijack an IP from within an OSPF network (within a single AS); I've seen this done by accident and know it's been done deliberately. There is no need to merge the articles, given that BGP is only one example of where IP hijacking can occur. —Preceding unsigned comment added by 160.147.83.98 (talk) 17:12, 13 July 2010 (UTC)

BGP Security

    • [1] Seguridad en BGP {Link is in Spanish} Meaning: Main vulnerabilities of BGP protocol
    • [2] Internet's Security
    • [3] BGP attacks
    • [4] DNS rebinding, aka anti-DNS-pinning (and IP hijacking)

See http://crypto.stanford.edu/dns/ for more information. Related, http://en.wikipedia.org/wiki/Man-in-the-middle_attack

The last three links of the Public Incidents section are broken. 79.131.231.147 (talk) 14:27, 25 October 2008 (UTC)

External links modified

Hello fellow Wikipedians,

I have just modified 3 external links on IP hijacking. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true or failed to let others know (documentation at {{Sourcecheck}}).

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

  • If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
  • If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 17:58, 30 November 2016 (UTC)

Change of name to BGP hijacking

I've moved this article to BGP hijacking, which is the most correct, and most commonly used, term among those who know about such things. -- The Anome (talk) 17:17, 9 January 2017 (UTC)

Terminology: route leaks

I suggest the addition of some clarification on terminology re route leaks (there currently isn’t any explanation) perhaps at the end of Mechanism. How about something like:

When a router promulgates flawed BGP routing information, whether that action is intentional or accidental, it is defined by the Internet Engineering Task Force (IETF) in RFC 7908 as a "route leak". Such leaks are described as "the propagation of routing announcement(s) beyond their intended scope. That is, an announcement from an Autonomous System (AS) of a learned BGP route to another AS is in violation of the intended policies of the receiver, the sender, and/or one of the ASes along the preceding AS path." Such leaks are possible because of a long-standing "…systemic vulnerability of the Border Gateway Protocol routing system…"[1]

BGP is only peripheral to my background so I’m seeking thoughts/improvements. Zatsugaku (talk) 21:27, 29 May 2021 (UTC)

References

  1. ^ "Problem Definition and Classification of BGP Route Leaks". June 2016. Retrieved 27 May 2021.

Proposed redesigns that forestall hijacking

As I explore this topic further, I see there are some additional protocol initiatives beyond RPKI that aim to provide a more comprehensive fix to iBGP and eBGP. I think there is an opportunity to create a section, perhaps “Proposed redesigns that forestall hijacking.” The idea is to very briefly touch on evolutionary and clean slate ideas that address BGP's long-standing security/flow issues, putting it in the general context of the diverse institutional and private technical initiatives that collectively could fit under Future Internet. That is a lightly edited page and there are a lot of older/historic/archive.org references there to sort through. It could use some updating. Beyond RPKI, the SCION (Internet architecture) page seems to be the most apparent/credible research/academic driven project with at least some adoption (references solicited). There are others that exist mainly as academic proposals/papers and some that are proprietary (so I have to avoid it being a magnet for a product list/soapbox). Also, I notice there is a similar gap on the BGP main page re no subsection on redesign proposals, so I guess there is a need to finesse two similar paragraphs. Eventually I think the topic of BGP redesign is important enough to justify its own page. Any thoughts? Zatsugaku (talk) 18:03, 4 September 2021 (UTC)