Security News > 2022 > October > That thing to help protect internet traffic from hijacking? Here's how to break it

For those who don't know, the internet is a network of connected networks.

More specifically, the internet consists of networks called autonomous systems that advertise their IP address prefixes via routers to neighboring networks using BGP, again to ultimately construct this routing map.

Ru started advertising one of Twitter's network prefixes, presumably to intercept Twitter traffic or at least redirect it into a sinkhole, blocking access to the social network.

As the name suggests, the technique stalls the network route verification process, which ultimately disables RPKI, so no network route validation occurs.

Using low rate bursts synchronized with queries from the relying party to find RPKI publication points, the attacker can effectively take RPKI protection out of the picture, forcing the target network to make routing decisions based on unvalidated information.

With about 60 percent of IP address blocks lacking RPKI, network route hijacking remains a risk.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/10/09/internet_traffic_routing_defense/