Slashdot Mirror

← Back to Stories (view on slashdot.org)

Fix To Chinese Internet Traffic Hijack Due In Jan.

Posted by CmdrTaco on from the route-around-it dept.

alphadogg writes "Policymakers disagree about whether the recent Chinese hijacking of Internet traffic was malicious or accidental, but there's no question about the underlying cause of this incident: the lack of built-in security in the Internet's main routing protocol. Network engineers have been talking about this weakness in the Internet infrastructure for a decade. Now a fix is finally on the way."

1 of 92 comments (clear)

  1. HOSTS use won't work vs. BGP by Anonymous Coward · · Score: 5, Informative

    "Is there no way on a local machine to maybe add to a host file a list of non allowed hops or something, where the packets have info as to where they can not be sent, and avoid. I am not sure as I am not very knowledge about networking, as much as I am programming, I would see this as trivial to add to a packet a flag that says it must stay within a hopping locality or sequence?" - by hesaigo999ca (786966) on Wednesday December 08, @01:10PM (#34489968) Homepage

    Specifically on HOSTS files, since I often post about them here? HOSTS files usage won't work vs. BGP exploits!

    (Think of BGP as SORT OF like arp is, which you also need for routing).

    ISP's use BGP to make routes between one another, and this is not something YOU have any control over... once you get packets in (from who knows where under this type of attack), & send them out again? You have ZERO control now at that point vs. BGP.

    BGP READ:

    http://en.wikipedia.org/wiki/Border_Gateway_Protocol

    That URL's where you can read up more on BGP...

    and

    ARP READ:

    http://en.wikipedia.org/wiki/Address_Resolution_Protocol

    That URL's where you can read up more on ARP which is used between routers/gateways...

    Why did I put those links up for you?

    Well - You stated you're more of a programmer than a network engineer/tech, & I was much the same a decade + 1/2 ago is why...: I KNOW WHERE YOU ARE COMING FROM! Those will help...

    (I too was "mostly coder & hardware tech" ONLY, back then circa 1994-1996, until I started doing webservices based coding + client-server work, where you HAD to have @ least SOME understanding of "things networking", & picked up MOST of it on IRC back then)...

    Later though? Heh, it ended up getting me work as a network administrator many times even, just because I took some initiative to "grow myself" a BIT more, to be more "well-rounded/all-around" & more "liberal arts", albeit STRICTLY around computing (learn BOTH coding & networking - it's worth it!).

    APK

    P.S.=> This isn't a first, though I truly DO suspect China did it intentionally (because of the military information being sampled as mentioned in the source articles is why MOSTLY), but iirc, some ISP in Florida USA did it by accident & FLOORED THEMSELVES (sort of funny, but NOT for their customers though I imagine - especially those that depend on the net for their work/livelyhood, education, etc./et al (& even if only in part))... apk