Slashdot Mirror


How a Router's Missed Range Check Nearly Crashed the Internet

Barlaam writes "A bug by router vendor A (omitting a range check from a critical field in the configuration interface) tickled a bug from router vendor B (dropping BGP sessions when processing some ASPATH attributes with length very close to 256), causing a ripple effect that caused widespread global routing instability last week. The flaw lay dormant until one of vendor A's systems was deployed in an autonomous system whose ASN, modulo 256, was greater than 250. At that point, the Internet was one typo away from disaster. Other router vendors, who were not affected by the bug, happily propagated the trigger message to every vulnerable system on the planet in about 30 seconds. Few people appreciate how fragile and unsecured the Internet's trust-based critical infrastructure really is — this is just the latest example." Vendor A, in this case, is a Latvian router vendor called MikroTik.

2 of 196 comments (clear)

  1. Legislation to point Cameras at all routers! by Anonymous Coward · · Score: -1, Flamebait

    And that way we will know who the real terrorists have become. Administrators, especially French ones, can never be trusted. I think Barack Husseim Ossama of Kenya will prove to be the greatest President of the United States by pointing cameras away from the streets and more on the people that cause 100% of all the problems in Americuz.

  2. FirsT by Anonymous Coward · · Score: -1, Flamebait

    aas until I hit my user. 'Now that list of other Recent article put transfer, Netscape