Add to del.icio.us     Digg this

April 10, 2010

Chinese Internet service providers briefly modified network routing tables on April 8. This is the second time in less than two weeks that network admins in China have done so, and now some are wondering when a next similar network breach will happen.

Internet routing data for 32,000 to 37,000 networks was critically affected, causing them to be redirected through China instead of their normally designed path. Some 8,000 of the networks were located in the U.S. including those operated by Dell, Apple, CNN and Starbucks.

Some networks in Australia, India, New Zealand and elsewhere were also affected by the modified routing tables.

The bad networking information originated from IDC China Telecommunications and was soon retransmitted by China's state-owned China Telecommunications. ISPs including AT&T, Level3, Deutsche Telekom, Qwest Communications, UU-Net, Tiscalis and Telefonica soon incorporated the wrong data into their routing tables as well, IDG said.

This incident comes less than two weeks after a similar networking anomaly caused people in Chile to be redirected to Chinese networks, potentially blocking web sites such as Facebook and YouTube, which are already banned in that country.

This issue underscores the fragility of BGP (Border Gateway Protocol) which is used to route traffic over the Internet. The core net underpinning remains susceptible to man-in-the-middle attacks that can divert DNS traffic to imposter networks, or to sites that are hosting pornographic material or other undesirable content such as gamling or casino sites which are illegal in many countries.

But it's still unclear how widely felt Thursday's incident was outside of Asia, IDG said. Internet routers frequently subscribe to several BGP routes and follow the shortest path, in an effort to speed up network speed and throughput.

This means that networks that are physically located in the U.S., Canada, Europe and elsewhere may have totally ignored the tables that traveled through China. Others disagree.

Whether industry observers agree or not, one fact remains: it's still unknown at this time if this incident and the one less than 2 weeks ago were intentional or not. Some think it could have been intentional.

A little over a month ago, Google has decided to shut down its google.cn search engine after well publicized and ongoing privacy issues with the chinese government.

At the 2008 Defcon hacker conference in Vegas, Internet security researchers demonstrated a BGP attack that allowed them to redirect Internet traffic bound for the conference network to a system they controlled in New York.

Also in that same year, large chunks of the Internet lost access to YouTube and Facebook when BGP routing tables inside Pakistan spread to other countries in Asia.

We will keep you posted on this and other Internet security issues at home and abroad.

Add to del.icio.us     Digg this

Source: IDC.

Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.