Are Bugs in BGP Implementation a National Security Issue?
Slashdot pointed out an article on ZDnet that related the main points of a talk by Stephen Dugan about problems in the current implementation of Border Gateway Protocol. The talk took place at a Black Hat Security Briefing on Thursday in Seattle.
The key points in the article were that:
- BGP has a number of security holes that stem from the implicit trust that routers running BGP have for each other, and
- architects proposing BGP changes to the Internet Engineering Task Force are not funded sufficiently when the magnitude of the technical problems they are dealing with is taken into account.
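To make the "implicit trust" point concrete, here is a small, added illustration that is not part of the original article or of Dugan's talk: a toy routing table that installs whatever a neighbour announces, next to one that checks each announcement against a per-peer allowlist of (prefix, origin AS) pairs before installing it. Everything in it is constructed: the peer labels, the documentation prefix 192.0.2.0/24, the private AS numbers 64500 and 64501, and the simplified decision process (longest prefix, then shortest AS_PATH). The model has no protocol state machine or real BGP messages; it only shows why an unchecked, more-specific announcement from a peer that does not hold the prefix wins in a trusting router, and why a filter at the receiving side stops it.

```python
"""Toy model of BGP route acceptance: unconditional trust vs. per-peer prefix filtering.

Added illustration; not code from the article or from any router vendor.
All peers, prefixes and AS numbers below are constructed sample values.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional, Set, Tuple


@dataclass(frozen=True)
class Announcement:
    peer: str                  # neighbour that sent the UPDATE (constructed label)
    prefix: str                # announced prefix, e.g. "192.0.2.0/24"
    as_path: Tuple[int, ...]   # AS_PATH; the last element is the origin AS


class TrustingRib:
    """Installs every announcement from every peer: the implicit-trust behaviour."""

    def __init__(self) -> None:
        self.routes: List[Announcement] = []

    def receive(self, ann: Announcement) -> bool:
        self.routes.append(ann)
        return True


class FilteredRib(TrustingRib):
    """Installs a route only if this peer is allowed to announce that prefix with that origin AS."""

    def __init__(self, allowlist: Dict[str, Set[Tuple[str, int]]]) -> None:
        super().__init__()
        self.allowlist = allowlist
        self.rejected: List[Announcement] = []

    def receive(self, ann: Announcement) -> bool:
        origin = ann.as_path[-1]
        if (ann.prefix, origin) in self.allowlist.get(ann.peer, set()):
            return super().receive(ann)
        self.rejected.append(ann)   # keep rejects so an operator can review them
        return False


def best_route(rib: TrustingRib, destination: str) -> Optional[Announcement]:
    """Simplified decision process: longest matching prefix, then shortest AS_PATH."""
    dest = ip_address(destination)
    candidates = [r for r in rib.routes if dest in ip_network(r.prefix)]
    if not candidates:
        return None
    return max(candidates,
               key=lambda r: (ip_network(r.prefix).prefixlen, -len(r.as_path)))


def demo() -> Tuple[str, str, int]:
    """Returns (peer chosen by the trusting router, peer chosen by the filtering router,
    number of announcements the filtering router rejected)."""
    # Constructed scenario: AS64500 legitimately announces 192.0.2.0/24; AS64501,
    # which is not expected to hold any part of it, announces the more specific /25.
    legit = Announcement("AS64500", "192.0.2.0/24", (64500,))
    more_specific = Announcement("AS64501", "192.0.2.0/25", (64501,))

    trusting = TrustingRib()
    for ann in (legit, more_specific):
        trusting.receive(ann)

    # The filter encodes what each neighbour is expected to announce (constructed).
    filtered = FilteredRib({
        "AS64500": {("192.0.2.0/24", 64500)},
        "AS64501": {("198.51.100.0/24", 64501)},
    })
    for ann in (legit, more_specific):
        filtered.receive(ann)

    chosen_trusting = best_route(trusting, "192.0.2.10")
    chosen_filtered = best_route(filtered, "192.0.2.10")
    assert chosen_trusting is not None and chosen_filtered is not None
    return chosen_trusting.peer, chosen_filtered.peer, len(filtered.rejected)


if __name__ == "__main__":
    trusting_peer, filtered_peer, rejected = demo()
    print(f"trusting router forwards via {trusting_peer}")
    print(f"filtering router forwards via {filtered_peer} ({rejected} announcement rejected)")
```

Run as a script, the trusting router sends traffic for 192.0.2.10 towards AS64501 because the more specific /25 wins the longest-prefix comparison, while the filtering router keeps the legitimate /24 route and logs one rejected announcement. The allowlist here is a stand-in for the ingress prefix filters an operator maintains per neighbour; it is the receiving side, not the sender, that has to decide what to trust.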
We do not need to look back very far to see the potential impact of BGP-related problems on the Internet infrastructure. In January, we reported on the widespread routing failures that took place during the SQL Slammer worldwide network attack. These were attributed by some analysts to widespread BGP session loss and problems with the Cisco Express Forwarding algorithm in low memory or extremely high traffic conditions.
The other obvious issue underlying any possible flaws in BGP is the homogeneity of routing on the Internet. How many practical high-performance routing alternatives really exist to BGP for Internet Service Providers and large corporations?
Earlier last week, an astute Slashdot reader pointed out the fact that one of the 13 root DNS servers changed from BIND to NSD. This was done "...to increase the diversity of software in the root name server system, the lack of which is widely considered to be a potential vulnerability. The nsd software... has no design commonalities with bind, the currently prevalent DNS implementation." If administrators of core DNS servers are acting proactively, shouldn't other administrators of critical infrastructure also evaluate their options?
You have to wonder if all of the core services and protocols on the Internet, except for basic transport, should have widely deployed alternatives. And, if such alternatives don't exist, isn't the entire U.S. telecom infrastructure at risk of a well-crafted attack?