Persistent OSPF Attacks
Authors: G. Nakibly, A. Kirshon, D. Gonikman, and D. Boneh
Abstract:
Open Shortest Path First (OSPF) is the most widely deployed interior
gateway routing protocol on the Internet. We present two new attacks
on OSPF that expose design vulnerabilities in the protocol
specification. These new attacks can affect routing advertisements of
routers not controlled by the attacker while evading the OSPF
self-defense "fight-back" mechanism. By exploiting these
vulnerabilities, an attacker can persistently falsify large
portions of the routing domain's topology, thereby giving the attacker
control over how traffic is routed in the domain. This in turn can
lead to denial of service, eavesdropping, and man-in-the-middle
attacks. We discuss a number of mitigation strategies and propose an
update to the OSPF specification that defeats these attacks and
improves overall OSPF security.
Reference:
In Proceedings of the 19th Annual Network & Distributed System Security Conference (NDSS 2012)
Full paper: pdf.