undefined | Better HN

0 pointsethbr12y ago0 comments

Curious to speculate about.

If you could temporarily redirect BGP at an arbitrary time, at diplomatic risk, what would be the best use of that?

Surely OpenNet/ClassNet/NIPRNet/SIPRNet/GWAN/JWICS aren't accepting BGP updates, where they even touch public network infrastructure.

And I can't think of anything outside those huge spheres that would be worth burning a capability like that on a lark.

Maybe bulk sensitive data transfer? I.e. some site-to-site backup?

Or you're just looking at the metadata of where-to-where, with the goal of finding future targets.

0 comments

WarOnPrivacy2y ago

I went back and looked up the event. Rostelecom has been behind a few of these. I might be conflating two of them.

In 2017, Rostelecom grabbed financial & other network data for a few minutes. https://www.thousandeyes.com/blog/rostelecom-route-leak-targ...

In 2020 Rostelecom announced lots of networks they didn't own and got that traffic for an hour. Early analysis felt it was accidental. Not sure about later analysis. https://www.zdnet.com/article/russian-telco-hijacks-internet... https://news.ycombinator.com/item?id=22789754

But 2 months ago, Rostelecom grabbed a chunk of Apple's network (which I missed) https://cybernews.com/apple-network-traffic-went-through-rus...

bawolff2y ago

> Surely OpenNet/ClassNet/NIPRNet/SIPRNet/GWAN/JWICS aren't accepting BGP updates, where they even touch public network infrastructure.

If i understand, the article is not so much a typical bgp hijack but the attacker gaining control of their account that controls routing. Seems like private networks would be just as vulnerable to that.

ethbr1OP2y ago

In the case of the article / Orange, possibly.

Though I'd hope that Orange doesn't provide network management services for the Spanish military! Some things are better kept in-house.

Less familiar with how European sensitive networks are architected.

anthk2y ago

As they stated, European gov networks (plus military and universities OFC) had and still have their private backbone. In Spain, RedIris was for scientific research, universities and such. IDK about the rest, but for sure they'd have a similar approach.

Jhsto2y ago

> Less familiar with how European sensitive networks are architected.

Some governments have physical tunnel networks to move people who matter around. Computer networks follow pretty much without a loss of generality.

1 more reply

j / k navigate · click thread line to collapse